Back to directory

WRITEUP #975

CVE-2023-36934 Analysis: MOVEit Transfer SQL Injection

SQL InjectionSecurity code review

by@iamnoooob(Rahul Maini)

Program

Progress (MOVEit Transfer)

Published

Jul 9, 2023

Added to HackDex

Jul 11, 2023

Read Full Writeuphttps://blog.projectdiscovery.io/moveit-transfer-sql-injection/

▸ RELATED WRITEUPS

Breaking Down Barriers: Exploiting Pre-Auth SQL Injection In WhatsUp Gold - CVE-2024-6670

SQL InjectionReverse engineering

Exploiting authorization by nonce in WordPress plugins

RCEArbitrary file upload

Directory Traversal, SQL Injection and Server-Side Request Forgery

SQL InjectionPath traversal

Getting code execution on Veeam through CVE-2023-27532

RCEInsecure deserialization

Spip Preauth RCE 2024: Part 2, A Big Upload

Built with ❤️ by Shubham Rawat