{"uuid": "ed3e2fe1-5fad-4e9f-a16c-b41b76cbbb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1129", "content": "CVE-2023-25157 - \u062a\u0632\u0631\u06cc\u0642 SQL \u062f\u0631 GeoServer\n\n\u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc\u06cc \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f \u06a9\u0647 \u0647\u0646\u0648\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc geoserver \u062f\u0631 \u0622\u0646\u0647\u0627 \u0628\u0647\u200c\u0631\u0648\u0632 \u0646\u0634\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 gau \u06cc\u0627 wayback \u0628\u0647 \u062c\u0633\u062a\u062c\u0648\u06cc /geoserver/ows \u0628\u067e\u0631\u062f\u0627\u0632\u06cc\u062f \u0648 \u0634\u0627\u0646\u0633 \u062e\u0648\u062f \u0631\u0627 \u0627\u0645\u062a\u062d\u0627\u0646 \u06a9\u0646\u06cc\u062f.\nwaybackurl domain[.]com | grep '/geoserver/ows/'\n\nCVE-2023-25157 - GeoServer SQL Injection\n\nThere may be services where geoserver vulnerabilities are still not updated, so you can search /geoserver/ows with gau or wayback and try your luck. \nwaybackurl domain[.]com | grep '/geoserver/ows/'\nPOC: https://github.com/win3zz/CVE-2023-25157", "creation_timestamp": "2024-05-21T11:16:07.000000Z"}