CVE-2023-1454

This repository contains a Python-based proof-of-concept exploit for CVE-2023-1454, a SQL injection vulnerability in Jeecg-Boot's jmreport/qurestSql endpoint. The script can scan single or multiple URLs for the vulnerability using a time-based SQL injection payload.

This repository contains a Python-based scanner for CVE-2023-1454, a SQL injection vulnerability in Jeecg-Boot's jmreport/qurestSql endpoint. The script checks for vulnerability by sending a crafted POST request with an SQL injection payload and analyzing the response for specific keywords.

This is a functional exploit for CVE-2023-1454, a SQL injection vulnerability in JeecgBoot 3.5.0. It leverages the `jmreport/qurestSql` endpoint with crafted payloads to extract database information, including current database, all databases, tables, and columns.

This repository contains a writeup describing an unauthorized SQL injection vulnerability (CVE-2023-1454) in jeecg-boot v3.5.0. It includes details about the vulnerability, its impact, and FOFA query for affected assets.

This repository contains a writeup describing CVE-2023-1454, an unauthorized SQL injection vulnerability in JeecgBoot v3.5.0. The vulnerability allows attackers to extract sensitive data or potentially escalate privileges by writing malicious payloads to the server.

This repository contains a Python script that exploits CVE-2023-1454, an unauthenticated SQL injection vulnerability in Jeecg-Boot v3.5.0. The script sends a crafted base64-decoded payload to the `/jeecg-boot/jmreport/qurestSql` endpoint to test for SQL injection.

This repository contains a Python-based scanner for CVE-2023-1454, which is a SQL injection vulnerability in JeecgBoot's jmreport/qurestSql endpoint. The scanner checks for the vulnerability by sending a crafted POST request with a malicious payload and analyzing the response.

The repository contains a Python script that checks for SQL injection vulnerability (CVE-2023-1454) in Jeecg-Boot by sending a crafted request to the `/jmreport/qurestSql` endpoint and checking for SQL-related responses. The README provides technical details about the vulnerability, including the affected version and a sample exploit payload.