mirror of
https://github.com/0xMarcio/cve.git
synced 2025-06-01 11:10:36 +00:00
2.0 KiB
2.0 KiB
CVE-2022-22980
Description
A Spring Data MongoDB application is vulnerable to SpEL Injection when using @Query or @Aggregation-annotated query methods with SpEL expressions that contain query parameter placeholders for value binding if the input is not sanitized.
POC
Reference
No PoCs from references.
Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/NaInSec/CVE-PoC-in-GitHub
- https://github.com/SYRTI/POC_to_review
- https://github.com/SummerSec/BlogPapers
- https://github.com/SummerSec/SummerSec
- https://github.com/Vulnmachines/Spring_cve-2022-22980
- https://github.com/W01fh4cker/Serein
- https://github.com/WhooAmii/POC_to_review
- https://github.com/Whoopsunix/PPPVULNS
- https://github.com/Y4tacker/JavaSec
- https://github.com/ax1sX/Automation-in-Java-Security
- https://github.com/ax1sX/Codeql-In-Java-Security
- https://github.com/jweny/cve-2022-22980
- https://github.com/jweny/cve-2022-22980-exp
- https://github.com/k0mi-tg/CVE-POC
- https://github.com/kuron3k0/Spring-Data-Mongodb-Example
- https://github.com/li8u99/Spring-Data-Mongodb-Demo
- https://github.com/manas3c/CVE-POC
- https://github.com/murataydemir/CVE-2022-22980
- https://github.com/nomi-sec/PoC-in-GitHub
- https://github.com/sohamda/organizing-java-backend
- https://github.com/tindoc/spring-blog
- https://github.com/trganda/CVE-2022-22980
- https://github.com/trganda/dockerv
- https://github.com/trhacknon/Pocingit
- https://github.com/whoforget/CVE-POC
- https://github.com/youwizard/CVE-POC
- https://github.com/zecool/cve