CVE-2023-1454

Severity: MEDIUM · Exploited in the wild · Nuclei template available

jeecg-boot 3.5.0 - SQL Injection via apiSelectId Parameter

Title source: llm

Exploitation Summary

CVE-2023-1454 has been observed exploited in the wild (reported by VulnCheck KEV). EIP tracks 8 public exploits from researchers including Sweelg, padbergpete47, shad0w0sec. A Nuclei detection template is also available.

AI-analyzed exploit summary (from the first-listed PoC, by Sweelg): This repository contains a Python-based proof-of-concept exploit for CVE-2023-1454, a SQL injection vulnerability in Jeecg-Boot's jmreport/qurestSql endpoint. The script can scan single or multiple URLs for the vulnerability using a time-based SQL injection payload.

Description

A vulnerability classified as critical has been found in jeecg-boot 3.5.0. This affects an unknown part of the file jmreport/qurestSql. The manipulation of the argument apiSelectId leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223299.
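The description names the weakness class (CWE-89: a request parameter spliced into a SQL statement) but shows no code. The block below is an added illustration written for this page; it is not jeecg-boot's code (which is Java and not reproduced here). It models a report lookup that resolves a stored SQL snippet by `apiSelectId`, first by string concatenation and then with a bound parameter, and adds the boolean-differential probe that scanners use to tell the two apart. The schema, rows, table names and payload strings are all invented for the example.

```python
import sqlite3

# Added illustration of the CWE-89 pattern behind CVE-2023-1454. This is NOT
# jeecg-boot's code; the schema, rows and payloads are made up for the example.


def make_db():
    """In-memory stand-in for the application database (constructed sample data)."""
    con = sqlite3.connect(":memory:")
    con.executescript(
        """
        CREATE TABLE report_api (id TEXT PRIMARY KEY, api_sql TEXT);
        INSERT INTO report_api VALUES ('1001', 'SELECT 1');
        CREATE TABLE sys_user (username TEXT, password_hash TEXT);
        INSERT INTO sys_user VALUES ('admin', 'fakehash');
        """
    )
    return con


def lookup_vulnerable(con, api_select_id):
    """Resolve apiSelectId by string concatenation: the value is parsed as SQL."""
    sql = f"SELECT api_sql FROM report_api WHERE id = '{api_select_id}'"
    return [row[0] for row in con.execute(sql)]


def lookup_hardened(con, api_select_id):
    """Same lookup with a bound parameter: the value can only ever be data."""
    sql = "SELECT api_sql FROM report_api WHERE id = ?"
    return [row[0] for row in con.execute(sql, (api_select_id,))]


# A UNION payload that reads an unrelated table through the report lookup.
UNION_PAYLOAD = "x' UNION SELECT username || ':' || password_hash FROM sys_user -- "


def boolean_differential(lookup, con, base_id="1001"):
    """Scanner-style probe: does flipping a predicate change the response?

    A concatenating lookup returns the row for the true predicate and nothing
    for the false one; a parameterised lookup returns nothing for both.
    """
    true_case = lookup(con, f"{base_id}' AND '1'='1")
    false_case = lookup(con, f"{base_id}' AND '1'='2")
    return true_case != false_case


if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", lookup_vulnerable(db, UNION_PAYLOAD))
    print("hardened:  ", lookup_hardened(db, UNION_PAYLOAD))
    print("differential (vulnerable):", boolean_differential(lookup_vulnerable, db))
    print("differential (hardened):  ", boolean_differential(lookup_hardened, db))
```

The differential probe is the same idea the scanners listed further down use when they compare responses to a crafted request: with concatenation the injected predicate is evaluated, so the two responses differ; with a bound parameter the whole string is compared as an id and both responses are empty.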

Exploits (8)

nomisec · WORKING POC · 21 stars
by Sweelg · infoleak
https://github.com/Sweelg/CVE-2023-1454-Jeecg-Boot-qurestSql-SQLvuln

This repository contains a Python-based proof-of-concept exploit for CVE-2023-1454, a SQL injection vulnerability in Jeecg-Boot's jmreport/qurestSql endpoint. The script can scan single or multiple URLs for the vulnerability using a time-based SQL injection payload.

Classification: Working PoC (confidence 95%)
Attack type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Jeecg-Boot (version not stated in the repository; the CVE record lists 3.5.0)
Authentication: none needed
Prerequisites: target URL running a vulnerable Jeecg-Boot instance
Analyzed by devstral-2, Feb 16, 2026
nomisec · WORKING POC · 8 stars
by padbergpete47 · infoleak
https://github.com/padbergpete47/CVE-2023-1454

This repository contains a Python-based scanner for CVE-2023-1454, a SQL injection vulnerability in Jeecg-Boot's jmreport/qurestSql endpoint. The script checks for the vulnerability by sending a crafted POST request with a SQL injection payload and analyzing the response for specific keywords.

Classification: Working PoC, Scanner (confidence 95%)
Attack type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Jeecg-Boot (version 3.5.0 and possibly others)
Authentication: none needed
Prerequisites: target URL or list of URLs to scan
Analyzed by devstral-2, Feb 16, 2026
nomisec · WORKING POC · 4 stars
by shad0w0sec · infoleak
https://github.com/shad0w0sec/CVE-2023-1454-EXP

This is a functional exploit for CVE-2023-1454, a SQL injection vulnerability in JeecgBoot 3.5.0. It leverages the `jmreport/qurestSql` endpoint with crafted payloads to extract database information, including the current database, all databases, tables, and columns.

Classification: Working PoC (confidence 95%)
Attack type: SQLi
Complexity: Moderate
Reliability: Reliable
Target: JeecgBoot 3.5.0
Authentication: none needed
Prerequisites: network access to the target JeecgBoot instance; the vulnerable endpoint `/jeecgboot/jmreport/qurestSql` or `/jeecg-boot/jmreport/qurestSql` must be exposed
Analyzed by devstral-2, Feb 16, 2026
nomisec · WRITEUP · 4 stars
by gobysec · poc
https://github.com/gobysec/CVE-2023-1454

This repository contains a writeup describing an unauthorized SQL injection vulnerability (CVE-2023-1454) in jeecg-boot v3.5.0. It includes details about the vulnerability, its impact, and a FOFA query for affected assets.

Classification: Writeup (confidence 90%)
Attack type: SQLi
Complexity: Trivial
Reliability: Theoretical
Target: jeecg-boot v3.5.0
Authentication: none needed
Prerequisites: access to the vulnerable jeecg-boot instance
Analyzed by devstral-2, Feb 16, 2026
nomisec · WRITEUP · 1 star
by P4x1s · poc
https://github.com/P4x1s/CVE-2023-1454-EXP

This repository contains a writeup describing CVE-2023-1454, an unauthorized SQL injection vulnerability in JeecgBoot v3.5.0. The vulnerability allows attackers to extract sensitive data or potentially escalate privileges by writing malicious payloads to the server.

Classification: Writeup (confidence 90%)
Attack type: SQLi
Complexity: Moderate
Reliability: Theoretical
Target: JeecgBoot v3.5.0
Authentication: none needed
Prerequisites: access to the vulnerable JeecgBoot instance
Analyzed by devstral-2, Feb 16, 2026
nomisec · WORKING POC
by BugFor-Pings · poc
https://github.com/BugFor-Pings/CVE-2023-1454

This repository contains a Python script that exploits CVE-2023-1454, an unauthenticated SQL injection vulnerability in Jeecg-Boot v3.5.0. The script sends a crafted payload (stored base64-encoded and decoded before sending) to the `/jeecg-boot/jmreport/qurestSql` endpoint to test for SQL injection.

Classification: Working PoC (confidence 90%)
Attack type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Jeecg-Boot v3.5.0
Authentication: none needed
Prerequisites: target running Jeecg-Boot v3.5.0; network access to the vulnerable endpoint
Analyzed by devstral-2, Feb 16, 2026
nomisec · SCANNER
by cjybao · remote
https://github.com/cjybao/CVE-2023-1454

This repository contains a Python-based scanner for CVE-2023-1454, a SQL injection vulnerability in JeecgBoot's jmreport/qurestSql endpoint. The scanner checks for the vulnerability by sending a crafted POST request with a malicious payload and analyzing the response.

Classification: Scanner (confidence 90%)
Attack type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: JeecgBoot (version not stated in the repository; the CVE record lists 3.5.0)
Authentication: none needed
Prerequisites: target URL or list of URLs to scan
Analyzed by devstral-2, Feb 16, 2026
vulncheck_xdb · SCANNER
remote
https://github.com/BugFor-Pings/CVE-2023-1454-POC

The repository contains a Python script that checks for the SQL injection vulnerability (CVE-2023-1454) in Jeecg-Boot by sending a crafted request to the `/jmreport/qurestSql` endpoint and checking for SQL-related responses. The README provides technical details about the vulnerability, including the affected version and a sample exploit payload.

Classification: Scanner (confidence 90%)
Attack type: SQLi
Complexity: Trivial
Reliability: Reliable
Target: Jeecg-Boot v3.5.0
Authentication: none needed
Prerequisites: target URL list in a file named 'url.txt'
Analyzed by devstral-2, Feb 25, 2026

Nuclei Templates (1)

Jeecg-boot 3.5.0 qurestSql - SQL Injection
Severity: CRITICAL · Verified · by DhiyaneshDK
Fingerprint queries for exposed instances (favicon hash):
Shodan: http.favicon.hash:1380908726
FOFA: icon_hash=1380908726
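The Nuclei template and the Shodan/FOFA queries find exposed instances, not attempts against them. Since the vulnerability is listed as exploited in the wild, a defender also wants to look back through request logs. The block below is an added triage routine written for this page (it is not part of any of the tracked repositories or of jeecg-boot). It keys on the `/jmreport/qurestSql` path under either deployment prefix listed in the shad0w0sec entry, pulls `apiSelectId` out of a JSON or form-encoded POST body, and flags values that are not plain identifiers. The record format, field names, sample records and marker regex are all assumptions made for the example; the sample payloads are generic SQL-injection strings, not the payloads used by the listed PoCs.

```python
import json
import re
from urllib.parse import parse_qs

# Added example for this page: triage of constructed reverse-proxy request
# records for CVE-2023-1454 activity. Field names and records are invented.

# The report endpoint named in the CVE record; the prefix varies by deployment
# (/jeecg-boot/ and /jeecgboot/ are both listed on this page).
ENDPOINT_RE = re.compile(r"/jmreport/qurestSql(?:[/?]|$)", re.IGNORECASE)

# A legitimate apiSelectId is an identifier, not an expression (assumption).
BENIGN_ID_RE = re.compile(r"^[A-Za-z0-9_-]{1,64}$")

# Generic SQL-injection markers; this is not a copy of any PoC's payload.
SQL_MARKER_RE = re.compile(
    r"(?i)(\bsleep\s*\(|\bbenchmark\s*\(|\bunion\b[\s\S]*\bselect\b|"
    r"'\s*(?:and|or)\b|\bor\b\s+\d+\s*=\s*\d+|--|/\*|;)"
)


def extract_api_select_id(content_type, body):
    """Return apiSelectId from a JSON or form-encoded body, or None if absent."""
    if not body:
        return None
    if "json" in (content_type or "").lower():
        try:
            data = json.loads(body)
        except ValueError:
            return None
        if not isinstance(data, dict) or "apiSelectId" not in data:
            return None
        return str(data["apiSelectId"])
    values = parse_qs(body, keep_blank_values=True).get("apiSelectId")
    return values[0] if values else None


def classify(record):
    """Verdict for one request record; None when it is not for the endpoint."""
    if not ENDPOINT_RE.search(record.get("path", "")):
        return None
    api_id = extract_api_select_id(record.get("content_type"), record.get("body"))
    if api_id is None:
        return "endpoint-hit"
    if BENIGN_ID_RE.match(api_id) and not SQL_MARKER_RE.search(api_id):
        return "endpoint-hit"  # plain identifier: baseline traffic, still worth counting
    return "sqli-attempt"


def triage(records):
    """(source, verdict) for every record that touched the endpoint."""
    out = []
    for r in records:
        verdict = classify(r)
        if verdict:
            out.append((r["src"], verdict))
    return out


# Constructed sample records: one benign lookup, two injection attempts
# (one time-based, one UNION-based), and one unrelated request.
SAMPLE_RECORDS = [
    {"src": "10.0.0.5", "method": "POST", "path": "/jeecg-boot/jmreport/qurestSql",
     "content_type": "application/json",
     "body": '{"apiSelectId": "1001", "id": "1"}'},
    {"src": "203.0.113.7", "method": "POST", "path": "/jeecg-boot/jmreport/qurestSql",
     "content_type": "application/json",
     "body": '{"apiSelectId": "1\' AND (SELECT SLEEP(5))-- ", "id": "1"}'},
    {"src": "203.0.113.9", "method": "POST", "path": "/jeecgboot/jmreport/qurestSql",
     "content_type": "application/x-www-form-urlencoded",
     "body": "apiSelectId=1001%27+UNION+SELECT+1%2C2%2C3--+&id=1"},
    {"src": "10.0.0.6", "method": "POST", "path": "/jeecg-boot/sys/login",
     "content_type": "application/json", "body": '{"username": "admin"}'},
]

if __name__ == "__main__":
    for src, verdict in triage(SAMPLE_RECORDS):
        print(f"{src:14} {verdict}")
```

Because the parameter travels in a POST body, this needs a log source that retains request bodies (a reverse proxy or WAF in logging mode); a plain access log will only give you the `endpoint-hit` verdict, which is still useful for spotting the endpoint being reached from unexpected sources.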

References (3)

1. https://vuldb.com/?id.223299 (third-party advisory, VDB entry, technical description)
2. https://vuldb.com/?ctiid.223299 (third-party advisory, VDB entry, CTI view; permissions required)
3. https://github.com/J0hnWalker/jeecg-boot-sqli (exploit, third-party advisory; link reported broken)

Scores

CVSS v3.1 base score: 6.3 (MEDIUM)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
Attack vector: NETWORK
EPSS: 0.934 (93.4% probability of exploitation activity within 30 days; 99.8th percentile)

Note that the vector records PR:L (low privileges required), whereas every tracked exploit and both writeups above describe the qurestSql endpoint as reachable without authentication, and the vulnerability is in VulnCheck KEV. Treat the 6.3 base score as conservative and prioritise on the KEV listing and EPSS.

Details

VulnCheck KEV: added 2023-11-25
CWE: CWE-89 (SQL Injection)
Status: published
Products (2):
- jeecg/jeecg_boot 3.5.0
- org.jeecgframework.boot/jeecg-boot-common (Maven; version listed as 0)
Published: Mar 17, 2023
Tracked since: Feb 18, 2026