Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 3:27 a.m.10 views

CVE-2023-26469

In Jorani 1.0.0, an attacker could leverage path traversal to access files and execute code on the server...

9.8CVSS7.1AI score0.81918EPSS
Exploits5References1
Rapid7 Blog
Rapid7 Blog
added 2023/08/25 9:26 p.m.46 views

Metasploit Weekly Wrap-Up

PowershellPoint This week’s new features and improvements start with two new exploit modules leveraging CVE-2023-34960 Chamilo versions 1.11.18 and below and CVE-2023-26469 in Jorani 1.0.0. Like CVE-2023-34960, I too, feel attacked by PowerPoint sometimes. We also have several improvements,...

7.5CVSS10.4AI score0.99192EPSS
Exploits14
0day.today
0day.today
added 2023/08/21 12:0 a.m.726 views

Jorani Remote Code Execution Exploit

This Metasploit module exploits an unauthenticated remote code execution vulnerability in Jorani versions prior to 1.0.2. It abuses log poisoning and redirection bypass via header spoofing and then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. This modul...

9.8CVSS8.2AI score0.81918EPSS
Exploits5
Metasploit
Metasploit
added 2023/08/19 7:51 p.m.352 views

Jorani unauthenticated Remote Code Execution

This module exploits an unauthenticated Remote Code Execution in Jorani prior to 1.0.2. It abuses 3 vulnerabilities: log poisoning and redirection bypass via header spoofing, then it uses path traversal to trigger the vulnerability. It has been tested on Jorani 1.0.0. Module Options msf use...

9.8CVSS8.6AI score0.81918EPSS
Exploits5
Circl
Circl
added 2023/08/17 10:38 p.m.14 views

CVE-2023-26469

creationtimestamp| type| source ---|---|--- 2023-08-17 22:38:13+00:00| seen| https://t.me/cibsecurity/68783 2023-08-18 21:32:35+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/php/joranipathtrav.rb 2023-09-01 09:45:35+00:00| published-proof-of-concep...

9.8CVSS7.3AI score0.81918EPSS
Exploits5References5
Rows per page
Query Builder