cve/2020/CVE-2020-1937.md

CVE-2020-1937

Description

Kylin has some restful apis which will concatenate SQLs with the user input string, a user is likely to be able to run malicious database queries.

POC

Reference

No PoCs from references.

Github

• https://github.com/ARPSyndicate/cvemon
• https://github.com/developer3000S/PoC-in-GitHub
• https://github.com/nomi-sec/PoC-in-GitHub
• https://github.com/shanika04/apache_kylin
• https://github.com/soosmile/POC