Adlisting Classified Ads 2.14.0 - Information Disclosure

Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects. id: CVE-2023-4168 info: name: Adlisting Classified Ads 2.14.0 - Information Disclosure autho...

CVE-2023-4168

A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifi...

Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure

Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Date: 25/07/2023 Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Teste...

Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Vulnerability

Exploit Title: Adlisting Classified Ads 2.14.0 - WebPage Content Information Disclosure Exploit Author: CraCkEr Vendor: Templatecookie Vendor Homepage: https://templatecookie.com/ Software Link: https://templatecookie.com/demo/adlisting-classified-ads-script Version: 2.14.0 Tested on: Windows 10...

CVE-2023-4168

A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifi...

Design/Logic Flaw

A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifi...

CVE-2023-4168

CVE-2023-4168 : Information disclosure in Templatecookie Adlisting 2.14.0 due to a flaw in the Redirect Handler’s /ad-list flow. Nuclei template reports that redirect responses expose sensitive data (e.g., API keys, server keys, app IDs) in the body of redirects, allowing remote exploitation. The...

CVE-2023-4168 Templatecookie Adlisting Redirect ad-list information disclosure

A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifi...

PT-2023-28044 · Unknown · Templatecookie Adlisting

Name of the Vulnerable Software and Affected Versions: Templatecookie Adlisting version 2.14.0 Description: A vulnerability was found in the component Redirect Handler, affecting an unknown function of the file /ad-list. The manipulation leads to information disclosure and can be launched remotel...

Templatecookie Adlisting Information Disclosure Vulnerability

Templatecookie Adlisting is an advertising application from Templatecookie, Inc. An information disclosure vulnerability exists in Templatecookie Adlisting version 2.14.0. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor announcement...

Jobpilot v2.61 - SQL Injection

Exploit Title: Jobpilot v2.61 - SQL Injection Date: 2023-06-17 Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET...

Jobpilot v2.61 - SQL Injection Vulnerability

Exploit Title: Jobpilot v2.61 - SQL Injection Exploit Author: Ahmet Ümit BAYRAM Vendor: https://codecanyon.net/item/jobpilot-job-portal-laravel-script/37897822 Demo Site: https://jobpilot.templatecookie.com Tested on: Kali Linux CVE: N/A ----- PoC: SQLi ----- Parameter: long GET Type: error-based...