CVE-2024-9264

This PoC exploits CVE-2024-9264, a DuckDB SQL injection vulnerability in Grafana's experimental SQL Expressions feature, allowing authenticated users to read arbitrary files or execute commands (RCE on v11.0.0).

The repository contains functional exploit code for CVE-2026-22812, demonstrating an RCE vulnerability in OpenCode by leveraging session creation and command execution via a crafted JSON payload. The script includes multi-threaded scanning capabilities and detailed error handling.

This PoC exploits CVE-2024-9264 in Grafana by leveraging SQL expression injection to create and trigger a reverse shell via the shellfs community extension. It requires authentication and DuckDB to be installed on the target system.

This PoC exploits CVE-2024-9264 in Grafana v11.x by leveraging DuckDB's `read_csv_auto` function to read arbitrary files via SQL expression queries. It requires authentication and DuckDB to be accessible in Grafana's PATH.

This repository contains a Go-based exploit for CVE-2024-9264, a critical SQL injection vulnerability in Grafana that allows authenticated attackers to achieve RCE, file reads, or command execution via crafted SQL queries.

The repository contains functional exploit code for multiple CVEs, including authentication bypass vulnerabilities in TOTOLINK devices and a scanner for Fortinet SSL VPN (CVE-2024-21762). The PoCs demonstrate the vulnerabilities with clear technical details and functional code.

This repository contains a functional PoC exploit for CVE-2024-9264, an authenticated RCE vulnerability in Grafana v11.0. The exploit leverages SQL injection in the DuckDB CLI via the SQL Expressions feature to execute arbitrary shell commands and establish a reverse shell.

This repository provides details about CVE-2024-9264 and includes instructions to build a vulnerable version of Grafana (11.0.0) for testing purposes. No exploit code or PoC is present in the provided files.

This PoC exploits an arbitrary file read and command execution vulnerability in Grafana via SQL injection in the Expression datasource. It authenticates, then uses malicious SQL queries to achieve RCE by writing command output to a file and reading it back.

This PoC demonstrates an SQL injection vulnerability in Grafana via the Expression datasource, allowing arbitrary file reads (e.g., `/etc/passwd`). The exploit sends a crafted POST request to execute SQL queries through the `__expr__` datasource.

This PoC demonstrates a local file inclusion (LFI) vulnerability in Grafana 11.x via DuckDB SQL expressions, allowing authenticated users to read arbitrary files on the server. The exploit uses Grafana's SQL expression endpoint to execute DuckDB's `read_text()` function and retrieve the contents of a target file.

This is a functional proof-of-concept exploit for CVE-2024-9264, targeting Grafana via SQL expressions and DuckDB to achieve remote code execution. It writes a reverse shell script to the target system and executes it using the `shellfs` extension.

This PoC exploits CVE-2024-9264, a Remote Code Execution (RCE) vulnerability in Grafana via SQL Expressions. It leverages insufficient input sanitization to execute arbitrary shell commands by installing and loading the 'shellfs' community extension, then triggering a reverse shell.