Back to directory
WRITEUP #2111

CVE-2022–36635 — A SQL Injection in ZKSecurityBio to RCE

SQL Injection
by@CaioBurgardt(Caio Burgardt)
Program
ZKTeco
Published
Oct 6, 2022
Added to HackDex
Oct 8, 2022
Read Full Writeuphttps://medium.com/stolabs/cve-2022-36635-a-sql-injection-in-zksecuritybio-to-rce-c5bde2962d47
RELATED WRITEUPS
Directory Traversal, SQL Injection and Server-Side Request Forgery
SQL InjectionPath traversal
Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670
SQL InjectionReverse engineering
Bypassing airport security via SQL injection
SQL Injection
World of SELECT-only PostgreSQL Injections: (Ab)using the filesystem
SQL Injection
Exploiting authorization by nonce in WordPress plugins
RCEArbitrary file upload

Built with ❤️ by Shubham Rawat