{"vulnerability": "CVE-2023-0630", "sightings": [{"uuid": "c3328820-0925-4321-88ce-d957d9c6d0fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4526", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-0630 - Slimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection\nURL\uff1ahttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-12T07:34:14.000000Z"}, {"uuid": "1826a6ac-732a-45f1-bfb3-05b6608d4dfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3082", "content": "Tools \ud83d\udd27 \ud83d\udd28  \ud83d\udd27 -  Hackers Factory\n\n\u200b\u200bspraycharles\n\nLow and slow password spraying tool, designed to spray on an interval over a long period of time.\n\nhttps://github.com/Tw1sm/spraycharles\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCloudflare Tunnel Ingress Controller\n\nTLDR; This project simplifies exposing Kubernetes services to the internet easily and securely using Cloudflare Tunnel.\n\nhttps://github.com/STRRL/cloudflare-tunnel-ingress-controller\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-25157\n\nThis is a simple Python Script to Find the Latest GeoServer SQL Injection Vulnerability. You can use the Scripts on hosts to check for infected path.\n\nhttps://github.com/0x2458bughunt/CVE-2023-25157\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-0630\n\nSlimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n#cve #cybersecurity #infosec\n\nStolen-CVE-2022\n\nArbitrary File Delete Elevation of Privilege through Operating System Check of HP Support Assistant.\n\nhttps://github.com/sp3arm4n/Stolen-CVE-2022\n\n#cybersecurity #infosec\n\n\u200b\u200btoxssin \n\nPenetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).\n\nThis project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an XSS vulnerability may introduce by using vanilla JavaScript, trusted certificates and cheap tricks.\n\nhttps://github.com/t3l3machus/toxssin\n\n#infosec #pentesting #redteam\n\n\u200b\u200bonedrive_user_enum v2.00\n\nPentest tool to enumerate valid o365 users.\n\nhttps://github.com/nyxgeek/onedrive_user_enum\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bModuleShifting\n\nStealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes.\n\nhttps://github.com/naksyn/ModuleShifting\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-12T12:46:44.000000Z"}, {"uuid": "304d15d5-32b2-4072-bd4c-70be70863ed4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3651", "content": "\ud83d\udda5Dataleak:\n\n\ud83d\udd31Leak Alibaba Cloud \ud83d\udcad : https://system32.ink/d/leak-alibaba-cloud-%f0%9f%92%ad/\n\n\ud83d\udd31Leak aub_ma : https://system32.ink/d/leak-aub-ma/\n\n\ud83d\udd31Leak pannonhosting_hu: https://system32.ink/d/leak-pannonhosting-hu/\n\n\ud83d\udd31Leak astrongameclub_gr : https://system32.ink/d/leak-astrongameclub-gr/\n\n\ud83d\udd31Leak dheeramotors_com : https://system32.ink/d/leak-dheeramotors-com/\n\n\ud83d\udd31Leak forexchanger_com : https://system32.ink/d/leak-forexchanger-com/\n\n\ud83d\udda5Tools:\n\n\ud83d\udd31Ransomware tool pack : https://system32.ink/d/ransomware-tool-pack/\n\n\ud83d\udd31RedLotus is a Windows UEFI Bootkit in Rust : https://system32.ink/d/redlotus-is-a-windows-uefi-bootkit-in-rust-2/\n\n\ud83d\udd31QuillBot-Premium-Crack-2.0.1 : https://system32.ink/d/quillbot-premium-crack-2-0-1/\n\n\ud83d\udd31Automatic XSS Vulnerability Scanner, Dorker, and Payload Injector : https://system32.ink/d/automatic-xss-vulnerability-scanner-dorker-and-payload-injector/\n\n\ud83d\udda5Exploits:\n\n\ud83d\udd31CVE-2023-0630: Slimstat Analytics <4.9.3 \u2013 Subscriber + SQL Injection : https://system32.ink/d/cve-2023-0630-slimstat-analytics-4-9-3-subscriber-sql-injection/\n\n\ud83d\udd31CVE-2020-3187 Exploit : https://system32.ink/d/cve-2020-3187-exploit/\n\n\ud83d\udda5Material: \n\n\ud83d\udd31Doxing Pack : https://system32.ink/news-feed/p/474/\n\n\ud83d\udd31recon2023-resources: https://system32.ink/news-feed/p/475/\n\n@crackcodes | (crackcodes.in)", "creation_timestamp": "2023-06-11T06:33:31.000000Z"}, {"uuid": "83547c5b-f8c5-4cf1-aa1d-029f519dcd06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "Telegram/KN8qLPTtPX0baYiximYDtfpoMx_mkqHFVBjAzom7DVoISQ", "content": "", "creation_timestamp": "2023-06-11T06:35:47.000000Z"}, {"uuid": "de0190bf-f6f6-424a-8d71-3451ee13ecc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "Telegram/nSbVQF_6uQy1IJtd-fdzu-4Irw8WD0R-mlw6L_55LbSvlAM", "content": "", "creation_timestamp": "2023-06-12T21:13:47.000000Z"}, {"uuid": "ca928e9b-66e8-4fed-a5c5-0d7580222a19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8462", "content": "#exploit\n1. CVE-2023-0630:\nSlimstat Analytics <4.9.3 - Subscriber + SQL Injection\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n2. CVE-2023-32353:\nLPE via iTunes in Windows\nhttps://github.com/86x/CVE-2023-32353-PoC\n\n3. Arbitrary File Delete/EoP through Operating System Check of HP Support Assistant\nhttps://github.com/sp3arm4n/Stolen-CVE-2022", "creation_timestamp": "2024-05-25T04:21:50.000000Z"}, {"uuid": "d3c691ba-669a-4057-a571-70f44fa7eb10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-0630", "type": "seen", "source": "https://t.me/cibsecurity/60334", "content": "\u203c CVE-2023-0630 \u203c\n\nThe Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-20T21:04:21.000000Z"}]}