mirror of
https://github.com/0xMarcio/cve.git
synced 2026-05-09 23:27:33 +02:00
marc
1.9 KiB
1.9 KiB
CVE-2020-9483
Description
Resolved When use H2/MySQL/TiDB as Apache SkyWalking storage, the metadata query through GraphQL protocol, there is a SQL injection vulnerability, which allows to access unpexcted data. Apache SkyWalking 6.0.0 to 6.6.0, 7.0.0 H2/MySQL/TiDB storage implementations don't use the appropriate way to set SQL parameters.
POC
Reference
No PoCs from references.
Github
- https://github.com/0day404/vulnerability-poc
- https://github.com/0ps/pocassistdb
- https://github.com/ARPSyndicate/cvemon
- https://github.com/ARPSyndicate/kenzer-templates
- https://github.com/ArrestX/--POC
- https://github.com/CLincat/vulcat
- https://github.com/DSO-Lab/pocscan
- https://github.com/Elsfa7-110/kenzer-templates
- https://github.com/HaleBera/A-NOVEL-CONTAINER-ATTACKS-DATASET-FOR-INTRUSION-DETECTION
- https://github.com/HaleBera/A-NOVEL-CONTAINER-ATTACKS-DATASET-FOR-INTRUSION-DETECTION-Deployments
- https://github.com/KayCHENvip/vulnerability-poc
- https://github.com/MeterianHQ/api-samples-python
- https://github.com/Miraitowa70/POC-Notes
- https://github.com/Neko-chanQwQ/CVE-2020-9483
- https://github.com/Threekiii/Awesome-POC
- https://github.com/Veraxy00/SkywalkingRCE-vul
- https://github.com/d4n-sec/d4n-sec.github.io
- https://github.com/developer3000S/PoC-in-GitHub
- https://github.com/jweny/pocassistdb
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/pen4uin/awesome-vulnerability-research
- https://github.com/pen4uin/vulnerability-research
- https://github.com/pen4uin/vulnerability-research-list
- https://github.com/shanika04/apache_skywalking
- https://github.com/soosmile/POC