Lucene search
GoogleOSV:CVE-2021-39165HistoryAug 26, 2021 - 9:15 p.m.
CVE-2021-39165
2021-08-2621:15:10
Google
osv.dev
5
Cachet is an open source status page. With Cachet prior to and including 2.3.18, there is a SQL injection which is in the SearchableTrait#scopeSearch(). Attackers without authentication can utilize this vulnerability to exfiltrate sensitive data from the database such as administrator’s password and session. The original repository of Cachet <https://github.com/CachetHQ/Cachet> is not active, the stable version 2.3.18 and it’s developing 2.4 branch is affected.
Related
githubexploit
githubexploit
Exploit for Improper Authentication in Chachethq Cachet
2023-09-20 22:19:55
Exploit for Improper Authentication in Chachethq Cachet
2022-03-15 18:14:46
cve
cve
CVE-2021-39165
2021-08-26 21:15:10
cvelist
cvelist
CVE-2021-39165 Unauthenticated SQL Injection
2021-08-26 20:25:12
veracode
veracode
SQL Injection
2021-08-30 05:13:57
osv
osv
Unauthenticated SQL Injection in Cachet
2021-08-30 16:12:58
prion
prion
Sql injection
2021-08-26 21:15:00
nuclei
nuclei
Cachet <=2.3.18 - SQL Injection
2022-10-06 20:20:48
nvd
nvd
CVE-2021-39165
2021-08-26 21:15:10
github
github
Unauthenticated SQL Injection in Cachet
2021-08-30 16:12:58
sonarsource
sonarsource
Cachet 2.4: Code Execution via Laravel Configuration Injection
2021-09-21 00:00:00