{"vulnerability": "CVE-2022-2380", "sightings": [{"uuid": "16613bd1-2f2c-41f2-8228-a547dc65b907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5058", "content": "CVE-2022-23808 ( phpMyAdmin Exploit )\n\nGithub \n\n#exploit #Cve\n\u2014\u2014\u2014\u2014\u2014\u2014\u200c\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-05-20T00:26:25.000000Z"}, {"uuid": "2a390f9a-eb46-4f09-8bdb-bc84da9939bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/2928", "content": "Tools - Hackers Factory \n\n\u200b\u200bSSHLog\n\nA free, source-available Linux daemon written in C++ and Python that passively monitors #OpenSSH servers via eBPF to:\ud83d\udc47\n\nhttps://github.com/sshlog/agent\n\n\u200b\u200bParallels Desktop VM Escape\n\nThis repository contains an exploit for a Parallels Desktop vulnerability which has been assigned CVE-2023-27326. This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop.\n\nhttps://github.com/Malwareman007/CVE-2023-27326\n\n#infosec #cve #pentesting\n\n\u200b\u200bCVE-2023-28231\n\nDHCP Server Remote Code Execution impact: 2008 R2 SP1 \u0434\u043e Server 2019\n\nhttps://github.com/glavstroy/CVE-2023-28231\n\n#cybersecurity #infosec #cve\n\n\u200b\u200bCVE-2022-23808\n\nphpMyAdmin Exploit\n\nhttps://github.com/dipakpanchal456/CVE-2022-23808\n\n#cve #infosec #pentesting\n\n\u200b\u200bAPTRS\n\nAutomated Penetration Testing Reporting System is an automated reporting tool in Python and Django. The tool allows Penetration testers to create a report directly without using the Traditional Docx file. It also provides an approach to keeping track of the projects and vulnerabilities.\n\nhttps://github.com/JapneetRajput/RedTeaming\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bRootKits List Download\n\nThis is the list of all rootkits found so far on github and other sites.\n\nhttps://github.com/d30sa1/RootKits-List-Download\n\n#infosec #pentesting #redteam\n\n\u200b\u200bspotexfil (status: prototype)\n\nA simple attempt to exfiltrate data using spotify API, 300 bytes at a time. We can read a mini file (payload) and encode it inside a playlist description field via Spotify API. Really MVP/prototype, not meant for large files.\n\nhttps://github.com/sourcefrenchy/spotexfil\n\n#infosec #pentesting #redteam\n\n\u200b\u200bshellcode_exec_workerfactory\n\nJust another shellcode execution technique.\n\nhttps://gist.github.com/RistBS/fd4243d6df142d197920e2b72baa3cdd\n\n#infosec #pentesting #redteam\n\n\u200b\u200bAwesome Cobalt Strike\n\n\u2022 The first part is a collection of quality articles about Cobalt Strike.\n\u2022 The third part is about the integration of the new features BOF resources.\n\u2022 This project is to solve the problem of not finding the right aggressor script or BOF when it is needed.\n\nhttps://github.com/zer0yu/Awesome-CobaltStrike\n\n#infosec #pentesting #redteam\n\n\u200b\u200bHacking Neural Networks\n\nThis is a short introduction on methods that use neural networks in an offensive manner (bug hunting, shellcode obfuscation, etc.) and how to exploit neural networks found in the wild (information extraction, malware injection, backdooring, etc.).\n\nhttps://github.com/tigthor/neural-network-hacking\n\n#infosec #pentesting #redteam\n\n\u200b\u200bOffensive Security Tools\n\nHere you will find a useful collection of commands and file resource locations used in Pentesting operations. This reference is will go hand in hand with Kali Linux and the OSCP.\n\nhttps://github.com/Totes5706/Offensive-Security-Cheat-Sheet\n\n#infosec #pentesting #redteam\n\n\u200b\u200bSocialhunte\n\nCrawls the website and finds broken social media links that can be hijacked.\n\nhttps://github.com/utkusen/socialhunter\n\n#pentesting #redteam #bugbounty\n\n\u200b\u200bJustRepository RedTeam\n\nThese are repository for tools and code I modify and compile for fun (?). Note that \"use this for educational purposes only\".\n\nhttps://github.com/dxnboy/redteam\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPenny Testing Tools\n\nA combination of Offensive Security tools and scripts for Red Teamers & Penetration Testers.\n\nhttps://github.com/zruvv/OffensiveSecurity\n\n#infosec #pentesting #redteam\n\n\u200b\u200bOSCP personal cheatsheet\n\nhttps://github.com/Luizfsn/offensive-security-practices-cheatsheet\n\n#infosec #pentesting #redteam\n\n\u200b\u200bVulnerable-AD\n\nCreate a vulnerable active directory that's allowing you to test most of active directory attacks in local lab.\n\nhttps://github.com/WazeHell/vulnerable-AD\n\n#cybersecurity #infosec #pentesting\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-05-07T16:32:40.000000Z"}, {"uuid": "331a82d6-7316-4a8a-99c4-03f160636689", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23805", "type": "seen", "source": "https://t.me/cibsecurity/36896", "content": "\u203c CVE-2022-23805 \u203c\n\nA security out-of-bounds read information disclosure vulnerability in Trend Micro Worry-Free Business Security Server could allow a local attacker to send garbage data to a specific named pipe and crash the server. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-05T02:42:30.000000Z"}, {"uuid": "503c27bc-9226-4b02-b81a-5bf71c6a7bb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "seen", "source": "https://t.me/cibsecurity/36089", "content": "\u203c CVE-2022-23808 \u203c\n\nAn issue was discovered in phpMyAdmin 5.1 before 5.1.2. An attacker can inject malicious code into aspects of the setup script, which can allow XSS or HTML injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-22T07:13:55.000000Z"}, {"uuid": "243631b4-87fb-42d2-b875-2dcbbe4c5b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23807", "type": "seen", "source": "https://t.me/cibsecurity/36090", "content": "\u203c CVE-2022-23807 \u203c\n\nAn issue was discovered in phpMyAdmin 4.9 before 4.9.8 and 5.1 before 5.1.2. A valid user who is already authenticated to phpMyAdmin can manipulate their account to bypass two-factor authentication for future login instances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-22T07:13:56.000000Z"}, {"uuid": "9d49b9e8-2704-4d24-8a15-de713a960c21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23807", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "67604713-66c2-4b56-937d-3a1d2d466b80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-02", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "90ff2528-6d75-4232-90a2-b338b075232f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2178", "content": "phpMyAdmin Exploit CVE-2022-23808\nphpMyAdmin 5.1.1 - XSS (Cross-site Scripting)\nhttps://github.com/dipakpanchal456/CVE-2022-23808\n\n\u0414\u043d\u0435\u0432\u043d\u0438\u043a \u0411\u0435\u0437\u043e\u043f\u0430\u0441\u043d\u0438\u043a\u0430 \ud83d\udee1", "creation_timestamp": "2022-08-13T21:02:15.000000Z"}, {"uuid": "5fecdf25-5dfa-4228-9842-37e8f805eb41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23808", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/17188", "content": "CVE-2022-23808\n\nphpMyAdmin Exploit\n\nhttps://github.com/dipakpanchal456/CVE-2022-23808\u2026\n\n#cve #infosec #pentesting\nt.me/hackgit/8574\u2026", "creation_timestamp": "2023-05-19T22:51:58.000000Z"}, {"uuid": "d74c80d9-ed28-403d-9910-35d2ffd4928d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23801", "type": "seen", "source": "https://t.me/cibsecurity/39835", "content": "\u203c CVE-2022-23801 \u203c\n\nAn issue was discovered in Joomla! 4.0.0 through 4.1.0. Possible XSS atack vector through SVG embedding in com_media.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:12:35.000000Z"}, {"uuid": "eaf50d75-99a4-4ef4-aac6-2e56801dafaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23804", "type": "seen", "source": "https://t.me/cibsecurity/37608", "content": "\u203c CVE-2022-23804 \u203c\n\nA stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadIJCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:42:22.000000Z"}, {"uuid": "83982f56-aefc-4efc-b8a3-65848ce87a18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23803", "type": "seen", "source": "https://t.me/cibsecurity/37596", "content": "\u203c CVE-2022-23803 \u203c\n\nA stack-based buffer overflow vulnerability exists in the Gerber Viewer gerber and excellon ReadXYCoord coordinate parsing functionality of KiCad EDA 6.0.1 and master commit de006fc010. A specially-crafted gerber or excellon file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-16T20:36:22.000000Z"}, {"uuid": "97d07c02-5b75-4613-8cc7-0a903716f37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2380", "type": "seen", "source": "https://t.me/cibsecurity/46184", "content": "\u203c CVE-2022-2380 \u203c\n\nThe Linux kernel was found vulnerable out of bounds memory access in the drivers/video/fbdev/sm712fb.c:smtcfb_read() function. The vulnerability could result in local attackers being able to crash the kernel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T22:40:05.000000Z"}, {"uuid": "823a0e4d-4cb6-4966-8192-b944e2e01125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23802", "type": "seen", "source": "https://t.me/cibsecurity/42152", "content": "\u203c CVE-2022-23802 \u203c\n\nJoomla Guru extension 5.2.5 is affected by: Insecure Permissions. The impact is: obtain sensitive information (remote). The component is: Access to private information and components, possibility to view other users' information. Information disclosure Access to private information and components, possibility to view other users' information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-06T22:23:20.000000Z"}, {"uuid": "088871cb-8e12-43d6-99de-7799a181e32d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23800", "type": "seen", "source": "https://t.me/cibsecurity/39854", "content": "\u203c CVE-2022-23800 \u203c\n\nAn issue was discovered in Joomla! 4.0.0 through 4.1.0. Inadequate content filtering leads to XSS vulnerabilities in various components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T20:18:37.000000Z"}]}