{"vulnerability": "CVE-2023-2515", "sightings": [{"uuid": "90cba7df-d5d8-48b6-8115-43b5227a71be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m4jermtfhn2a", "content": "", "creation_timestamp": "2025-10-31T21:02:44.972286Z"}, {"uuid": "8cdcf47f-0ea9-4f88-9589-ea402698c9b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "MISP/d0bda5d9-8cbc-4c6c-8803-a5e3150f9ec2", "content": "", "creation_timestamp": "2025-09-01T19:03:03.000000Z"}, {"uuid": "7b759162-0d18-4b68-a6e9-a04147bb8f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/JOnWoDmwftkTP4EZwsfWqiv1pZGPw9zw-lpRfHFalLfAlQ", "content": "", "creation_timestamp": "2023-12-19T14:41:47.000000Z"}, {"uuid": "caa5de5b-397c-484d-bc23-6fa9d25e8ff7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/86623", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-08-23T05:27:52.000000Z"}, {"uuid": "f8db24f6-7cac-44d2-8b5a-0f6adaadd379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/114102", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-09-25T14:32:27.000000Z"}, {"uuid": "1675dece-f2ca-407f-abe9-f116be283f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/97o8H92ysPogWiZPdtoiRG_yDzZCyat-wYa5JUnG0_YL0po", "content": "", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "d7a6f84f-268b-4a7d-b79b-f5bf0ea33e3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/97o8H92ysPogWiZPdtoiRG_yDzZCyat-wYa5JUnG0_YL0po", "content": "", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "99fb26b0-4d16-40a6-8dd3-52fa622ef323", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/86623", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-08-23T05:27:52.000000Z"}, {"uuid": "ffb211e7-6be2-4a1f-8a09-2818b231aa16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/IWS_vdKP8sgrY5gLgCPrkZk-LHS_2k9xWX1yT9cotUmlo2Uy", "content": "", "creation_timestamp": "2025-01-18T21:56:29.000000Z"}, {"uuid": "0ebf9ebf-08b8-4c3f-b936-abd109976466", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/OEg8HrPyF37J-vNyvgAbgVfH1cND-LUmbo1w5fnZbA97NXU_", "content": "", "creation_timestamp": "2025-01-07T05:08:53.000000Z"}, {"uuid": "ac75f51c-2cdf-421b-ad12-69382bdfa181", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/IWS_vdKP8sgrY5gLgCPrkZk-LHS_2k9xWX1yT9cotUmlo2Uy", "content": "", "creation_timestamp": "2025-01-18T21:56:29.000000Z"}, {"uuid": "c3ba21dd-135c-44bf-a512-b84465211d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/1-fQEAf9zdZhP8U9JlfhshUKIf_oGTilQHlR5yefhegAE4Q", "content": "", "creation_timestamp": "2024-09-25T14:32:41.000000Z"}, {"uuid": "11471d47-ef75-4bb1-be91-6e0333abcacb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/1-fQEAf9zdZhP8U9JlfhshUKIf_oGTilQHlR5yefhegAE4Q", "content": "", "creation_timestamp": "2024-09-25T14:32:41.000000Z"}, {"uuid": "e8887048-144e-41e1-8ea2-0d291c6229ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/cGZe9HOatBOpRYxdc_GFENPohKeQJpSX-0mFvbmC9TF0oFk", "content": "", "creation_timestamp": "2024-09-21T11:51:23.000000Z"}, {"uuid": "9e61c733-6bd7-42ef-a53a-5e384b33b0aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/cGZe9HOatBOpRYxdc_GFENPohKeQJpSX-0mFvbmC9TF0oFk", "content": "", "creation_timestamp": "2024-09-21T11:51:23.000000Z"}, {"uuid": "ca0df3e0-b85f-46ef-abe1-437a07aa0f11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/OEg8HrPyF37J-vNyvgAbgVfH1cND-LUmbo1w5fnZbA97NXU_", "content": "", "creation_timestamp": "2025-01-07T05:08:53.000000Z"}, {"uuid": "5a0be299-622c-4724-8c08-92dd21f00ef7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/gj93P2l6tR-CQpz0ZmAmr4u1uuySqvPbjtdUoITSQlSP_pI", "content": "", "creation_timestamp": "2024-08-23T05:27:58.000000Z"}, {"uuid": "1e21448f-f75c-45c3-8dc7-50ea3e538af0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/gj93P2l6tR-CQpz0ZmAmr4u1uuySqvPbjtdUoITSQlSP_pI", "content": "", "creation_timestamp": "2024-08-23T05:27:58.000000Z"}, {"uuid": "644406e1-b27a-4b49-a58e-d473436e6963", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/8kuZMeQDWj_3Y_Wh_LQrqlGxyf7tVz7n1SRMvSXmlKlfrS8", "content": "", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "24ea0b50-aca8-4d2f-bb7e-11038eeef5ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/8kuZMeQDWj_3Y_Wh_LQrqlGxyf7tVz7n1SRMvSXmlKlfrS8", "content": "", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "75412e4c-1511-4e1f-a230-a8da7594e9a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/YPm32P-WEyXZllEMMX6jFyEMx74cXHg-kYQSgLhhSq5D2wA", "content": "", "creation_timestamp": "2023-07-26T18:43:05.000000Z"}, {"uuid": "ed3e2fe1-5fad-4e9f-a16c-b41b76cbbb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1129", "content": "CVE-2023-25157 - \u062a\u0632\u0631\u06cc\u0642 SQL \u062f\u0631 GeoServer\n\n\u0645\u0645\u06a9\u0646 \u0627\u0633\u062a \u0633\u0631\u0648\u06cc\u0633\u200c\u0647\u0627\u06cc\u06cc \u0648\u062c\u0648\u062f \u062f\u0627\u0634\u062a\u0647 \u0628\u0627\u0634\u0646\u062f \u06a9\u0647 \u0647\u0646\u0648\u0632 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc\u200c\u0647\u0627\u06cc geoserver \u062f\u0631 \u0622\u0646\u0647\u0627 \u0628\u0647\u200c\u0631\u0648\u0632 \u0646\u0634\u062f\u0647 \u0628\u0627\u0634\u062f\u060c \u0628\u0646\u0627\u0628\u0631\u0627\u06cc\u0646 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u06cc\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 gau \u06cc\u0627 wayback \u0628\u0647 \u062c\u0633\u062a\u062c\u0648\u06cc /geoserver/ows \u0628\u067e\u0631\u062f\u0627\u0632\u06cc\u062f \u0648 \u0634\u0627\u0646\u0633 \u062e\u0648\u062f \u0631\u0627 \u0627\u0645\u062a\u062d\u0627\u0646 \u06a9\u0646\u06cc\u062f.\nwaybackurl domain[.]com | grep '/geoserver/ows/'\n\nCVE-2023-25157 - GeoServer SQL Injection\n\nThere may be services where geoserver vulnerabilities are still not updated, so you can search /geoserver/ows with gau or wayback and try your luck. \nwaybackurl domain[.]com | grep '/geoserver/ows/'\nPOC: https://github.com/win3zz/CVE-2023-25157", "creation_timestamp": "2024-05-21T11:16:07.000000Z"}, {"uuid": "76372044-b528-46f5-a25e-ce1ceec85982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25155", "type": "seen", "source": "https://t.me/cibsecurity/59307", "content": "\u203c CVE-2023-25155 \u203c\n\nRedis is an in-memory database that persists on disk. Authenticated users issuing specially crafted `SRANDMEMBER`, `ZRANDMEMBER`, and `HRANDFIELD` commands can trigger an integer overflow, resulting in a runtime assertion and termination of the Redis server process. This problem affects all Redis versions. Patches were released in Redis version(s) 6.0.18, 6.2.11 and 7.0.9.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-02T07:34:06.000000Z"}, {"uuid": "008c5113-4971-4ce6-95de-2d9999f7501e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25153", "type": "seen", "source": "https://t.me/cibsecurity/58328", "content": "\u203c CVE-2023-25153 \u203c\n\ncontainerd is an open source container runtime. Before versions 1.6.18 and 1.5.18, when importing an OCI image, there was no limit on the number of bytes read for certain files. A maliciously crafted image with a large file where a limit was not applied could cause a denial of service. This bug has been fixed in containerd 1.6.18 and 1.5.18. Users should update to these versions to resolve the issue. As a workaround, ensure that only trusted images are used and that only trusted users have permissions to import images.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T18:12:36.000000Z"}, {"uuid": "eb98207e-d87e-4c6c-b35e-be9467cc98ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "MISP/d17bd6ef-d68b-317b-ac33-cdbc44c5fc57", "content": "", "creation_timestamp": "2025-08-31T03:13:01.000000Z"}, {"uuid": "05966ab3-525f-46ab-b9c2-969b66fe2fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4498", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-25157 - GeoServer SQL Injection - PoC\nURL\uff1ahttps://github.com/win3zz/CVE-2023-25157\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-06T14:16:00.000000Z"}, {"uuid": "55da205d-5bb8-44c2-9457-70b4d8bd69f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/51257", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-09-25T14:32:29.000000Z"}, {"uuid": "35933e55-4fd2-40e1-9dba-b85b06cd7df1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/46741", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-09-21T11:50:57.000000Z"}, {"uuid": "7aaf213f-bd42-4935-be97-fc09a908303e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/23073", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-08-23T05:27:54.000000Z"}, {"uuid": "9c1eb344-1a09-4d33-b789-3802c9b57d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/23073", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-08-23T05:27:54.000000Z"}, {"uuid": "de65f047-63ea-43eb-8b63-a68cb9fb88d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/k7ali_linux/16", "content": "#sql\nCVE: CVE-2023-25157\n\n_____________________________\n\nCVE-2023-25157 - GeoServer SQL Injection - PoC\n\n_____________________________\n\n\nThis script is a proof of concept for OGC Filter SQL Injection vulnerabilities in GeoServer, a popular open-source software server for sharing geospatial data. It sends requests to the target URL and exploits potential vulnerabilities by injecting malicious payloads into the CQL_FILTER parameter. For experimental purposes, the script uses SELECT version() SQL statement as payload.\n\n\n\n\nSQL Injection : PoC\n\npython3 CVE-2023-25157.py \n\n\n\n\ngoogle dork : inurl:\"/geoserver/ows?service=wfs\"", "creation_timestamp": "2023-07-24T00:48:15.000000Z"}, {"uuid": "a98d3d28-1e19-4309-b949-e201bd91d3dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/ASDRpP9GiU4JO8pOjmGxmddBerQfe_KbWsxU6W9kHCoKk1U", "content": "", "creation_timestamp": "2024-08-23T05:27:59.000000Z"}, {"uuid": "1df3afc1-587f-40ff-873a-bf478e4c3a37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/ASDRpP9GiU4JO8pOjmGxmddBerQfe_KbWsxU6W9kHCoKk1U", "content": "", "creation_timestamp": "2024-08-23T05:27:59.000000Z"}, {"uuid": "e6a73f8e-0aa6-4103-9cee-459777d69d07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/arpsyndicate/840", "content": "#ExploitObserverAlert\n\nCVE-2023-25157\n\nDESCRIPTION: Exploit Observer has 26 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols.  CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n\nFIRST-EPSS: 0.386710000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-01T07:50:58.000000Z"}, {"uuid": "0ca10e27-8a4f-481a-8117-0123a917b25d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/arpsyndicate/812", "content": "#ExploitObserverAlert\n\nCVE-2023-25157\n\nDESCRIPTION: Exploit Observer has 27 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols.  CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n\nFIRST-EPSS: 0.386710000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-30T09:38:39.000000Z"}, {"uuid": "7e1bee30-41eb-42a9-ab9a-8e92fcb81d39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/m7MxC6hm7ItAhposRvk8IiGwxjG9a9shiloiRAer3HT2F9U", "content": "", "creation_timestamp": "2024-09-25T14:32:41.000000Z"}, {"uuid": "352eb423-3ae0-479b-8c5b-c04ba02e0c96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/m7MxC6hm7ItAhposRvk8IiGwxjG9a9shiloiRAer3HT2F9U", "content": "", "creation_timestamp": "2024-09-25T14:32:41.000000Z"}, {"uuid": "a0248481-d7db-48ac-a5f2-01d09f4cd702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/3no4dIg2k44AvUb6sgqwXmgAoKxKI2JtekpyDANlNcY6rY8", "content": "", "creation_timestamp": "2024-09-21T11:51:17.000000Z"}, {"uuid": "adb2e729-b040-42c2-a86e-0ad290c7353b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/3no4dIg2k44AvUb6sgqwXmgAoKxKI2JtekpyDANlNcY6rY8", "content": "", "creation_timestamp": "2024-09-21T11:51:17.000000Z"}, {"uuid": "184be287-d85e-47ef-bc69-d2af82d27d29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/sI95sQqr7vmPeKfqrt4vEXMsY3f0wQ-hn7oUnpwK6uLzntML", "content": "", "creation_timestamp": "2025-01-18T21:56:31.000000Z"}, {"uuid": "4d6be71d-c961-4c03-90ab-b46b6296429f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/73P5n3sLX9SuBPcHTMorCEYvblMCOZyJ2AhQRHcKBTQ8fynE", "content": "", "creation_timestamp": "2024-12-20T09:39:30.000000Z"}, {"uuid": "fca6101e-c3b0-4fe2-95a9-48f4e63f6052", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/NRpQJui_QPN-VwWhVrsL5-YH0LXmaCMbhtvD462cnLE5yAgk", "content": "", "creation_timestamp": "2025-01-07T05:08:50.000000Z"}, {"uuid": "78a8a9be-47e5-4b1e-8123-156cfae95b90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/sI95sQqr7vmPeKfqrt4vEXMsY3f0wQ-hn7oUnpwK6uLzntML", "content": "", "creation_timestamp": "2025-01-18T21:56:31.000000Z"}, {"uuid": "57946235-e3e2-4f15-b704-ecd5bd037ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/NRpQJui_QPN-VwWhVrsL5-YH0LXmaCMbhtvD462cnLE5yAgk", "content": "", "creation_timestamp": "2025-01-07T05:08:50.000000Z"}, {"uuid": "78c64298-7ccc-4aa9-aace-0abd3d90daa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/73P5n3sLX9SuBPcHTMorCEYvblMCOZyJ2AhQRHcKBTQ8fynE", "content": "", "creation_timestamp": "2024-12-20T09:39:30.000000Z"}, {"uuid": "70248750-4285-4e1d-a199-a41467cb936d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/429", "content": "\ud83d\udca5GeoServer SQL Injection Vulnerability Analysis (CVE-2023-25157)\n\nSQL Injection Vulnerabilities have been found with:\n\ud83d\udcbe PropertyIsLike filter, when used with a String field and any database DataStore, or with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strEndsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strStartsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe FeatureId filter, when used with any database table having a String primary key column and when prepared statements are disabled\n\ud83d\udcbe jsonArrayContains function, when used with a String or JSON field and with a PostGIS or Oracle DataStore (GeoServer 2.22.0+ only)\n\ud83d\udcbe DWithin filter, when used with an Oracle DataStore\n\n\n\ud83d\udd16CVE-2023-25157 - GeoServer SQL Injection - PoC\n\nUsage:\npython3 CVE-2023-25157.py ", "creation_timestamp": "2023-08-05T07:42:03.000000Z"}, {"uuid": "3c5fcda1-2356-4c28-b06f-3a795e9965c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3733", "content": "CVE-2023-25157\n\nGET /geoserver/ows?service=wfs&version=1.0.0&request=GetFeature&typeNamosloe=gwpd:chinamap11&CQL_FILTER=strStartsWith%28Vatican City%2C%27x%27%27%29+%3D+true+and+1%3D%28SELECT+CAST+%28%28SELECT+version()%29+AS+INTEGER%29%29+--+%27%29+%3D+true HTTP/1.1", "creation_timestamp": "2023-12-26T13:18:41.000000Z"}, {"uuid": "3fcb3a2f-f50a-46d9-afa6-93e524548a8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3699", "content": "CVE-2023-25157\n\nGET /geoserver/ows?service=wfs&version=1.0.0&request=GetFeature&typeName=gwpd:chinamap11&CQL_FILTER=strStartsWith%28Vatican City%2C%27x%27%27%29+%3D+true+and+1%3D%28SELECT+CAST+%28%28SELECT+version()%29+AS+INTEGER%29%29+--+%27%29+%3D+true HTTP/1.1\n\n#poc  #exploit", "creation_timestamp": "2023-12-20T13:43:29.000000Z"}, {"uuid": "fbf608f5-f5b4-453a-850f-a28360e9c441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3082", "content": "Tools \ud83d\udd27 \ud83d\udd28  \ud83d\udd27 -  Hackers Factory\n\n\u200b\u200bspraycharles\n\nLow and slow password spraying tool, designed to spray on an interval over a long period of time.\n\nhttps://github.com/Tw1sm/spraycharles\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCloudflare Tunnel Ingress Controller\n\nTLDR; This project simplifies exposing Kubernetes services to the internet easily and securely using Cloudflare Tunnel.\n\nhttps://github.com/STRRL/cloudflare-tunnel-ingress-controller\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-25157\n\nThis is a simple Python Script to Find the Latest GeoServer SQL Injection Vulnerability. You can use the Scripts on hosts to check for infected path.\n\nhttps://github.com/0x2458bughunt/CVE-2023-25157\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-0630\n\nSlimstat Analytics < 4.9.3.3 - Subscriber+ SQL Injection.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-0630\n\n#cve #cybersecurity #infosec\n\nStolen-CVE-2022\n\nArbitrary File Delete Elevation of Privilege through Operating System Check of HP Support Assistant.\n\nhttps://github.com/sp3arm4n/Stolen-CVE-2022\n\n#cybersecurity #infosec\n\n\u200b\u200btoxssin \n\nPenetration testing tool that automates the process of exploiting Cross-Site Scripting (XSS) vulnerabilities. It consists of an https server that works as an interpreter for the traffic generated by the malicious JavaScript payload that powers this tool (toxin.js).\n\nThis project started as (and still is) a research-based creative endeavor to explore the exploitability depth that an XSS vulnerability may introduce by using vanilla JavaScript, trusted certificates and cheap tricks.\n\nhttps://github.com/t3l3machus/toxssin\n\n#infosec #pentesting #redteam\n\n\u200b\u200bonedrive_user_enum v2.00\n\nPentest tool to enumerate valid o365 users.\n\nhttps://github.com/nyxgeek/onedrive_user_enum\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bModuleShifting\n\nStealthier variation of Module Stomping and Module Overloading injection techniques that reduces memory IoCs. Implemented in Python ctypes.\n\nhttps://github.com/naksyn/ModuleShifting\n\n#infosec #pentesting #redteam\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-12T12:46:44.000000Z"}, {"uuid": "b9e6fdd5-fa21-402b-835b-7a8bb03babbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3079", "content": "Tools \ud83d\udd27 \ud83d\udd28 - Hackers Factory\n\nGrype\n\nA vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems.\n\nhttps://github.com/anchore/grype\n\n#cybersecurity #infosec #best\n\nCatSniffer\n\nCatSniffer is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates the new chips TI CC1352, Semtech SX1262, and Microchip SAMD21E17.\n\nhttps://github.com/ElectronicCats/CatSniffer\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-25157 \n\nGeoServer SQL Injection - PoC.\n\nhttps://github.com/win3zz/CVE-2023-25157\n\n#cve #cybersecurity #infosec\n\nSYSCALL_API\n\nsyscall_api.asm block is used for dynamically finding the syscall number (SN) inside a function body and performing a manual syscall with the found SN.\n\nhttps://github.com/EgeBalci/syscall_api\n\n#cybersecurity #infosec\n\nEbpfguard\n\nRust library for writing Linux security policies using eBPF.\n\nhttps://github.com/deepfence/ebpfguard\n\n#cybersecurity #infosec\n\nRust Process Herpaderping\n\nRust implementation of the Process Herpaderping original PoC.\n\nhttps://github.com/secur30nly/rust-herpaderping\n\n#cybersecurity #infosec\n\ntun2socks\n\nPowered by gVisor TCP/IP stack.\n\nhttps://github.com/xjasonlyu/tun2socks\n\n#cybersecurity #infosec #privacy\n\nOffensive Bookmarks\n\nA collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.\n\nhttps://github.com/kargisimos/offensive-bookmarks\n\n#infosec #pentesting #redteam\n\nSynergy Httpx\n\nA Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).\n\nhttps://github.com/t3l3machus/Synergy-httpx\n\n#infosec #pentesting #redteam\n\nCSRFShark\n\nA utility for manipulating cross-site request forgery attacks. It allows to easily generate a CSRF PoC based on a given HTTP/CURL requests with further possibility to get a permanent link to the result.\n\nhttps://github.com/csrfshark/app\n\nWeb:\nhttps://csrfshark.github.io/app/\n\n#infosec #pentesting #bugbounty #tools #cybersecurity \nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-07T15:39:22.000000Z"}, {"uuid": "8bc03af0-70f9-43f0-b0ed-19368d7d5d9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/jokerplstaeen/21018", "content": "\u200f\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u0627\u0644\u0643\u0648\u062f \u0627\u0644\u0628\u0631\u0645\u062c\u064a\u0629 \u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644 \u062b\u063a\u0631\u0629   \u200e#WinRAR CVE-2023-25157, \u0644\u0625\u0635\u0627\u0628\u0629 \u0627\u0644\u0645\u0633\u062a\u062e\u062f\u0645\u064a\u0646 \u0628\u0628\u0631\u0645\u062c\u064a\u0629 Venom \u0627\u0644\u0636\u0627\u0631\u0629.\n\u0627\u0644\u062e\u0628\u0631: https://thehackernews.com/2023/09/beware-fake-exploit-for-winrar.html?m=1\n\u200e#\u0627\u0644\u0627\u0645\u0646_\u0627\u0644\u0633\u064a\u0628\u0631\u0627\u0646\u064a", "creation_timestamp": "2023-09-21T22:18:12.000000Z"}, {"uuid": "0c34bb18-e9ee-47e9-9ea3-a3c9d1c8c546", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "seen", "source": "https://t.me/cibsecurity/58646", "content": "\u203c CVE-2023-25158 \u203c\n\nGeoTools is an open source Java library that provides tools for geospatial data. GeoTools includes support for OGC Filter expression language parsing, encoding and execution against a range of datastore. SQL Injection Vulnerabilities have been found when executing OGC Filters with JDBCDataStore implementations. Users are advised to upgrade to either version 27.4 or to 28.2 to resolve this issue. Users unable to upgrade may disable `encode functions` for PostGIS DataStores or enable `prepared statements` for JDBCDataStores as a partial mitigation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T00:47:05.000000Z"}, {"uuid": "90fdfcd8-70f5-4735-8b15-b926128f9e02", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/cibsecurity/58649", "content": "\u203c CVE-2023-25157 \u203c\n\nGeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols. CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-22T00:47:08.000000Z"}, {"uuid": "dc61cc49-e69b-40f0-913f-e4656448a3d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25154", "type": "seen", "source": "https://t.me/cibsecurity/58706", "content": "\u203c CVE-2023-25154 \u203c\n\nMisskey is an open source, decentralized social media platform. In versions prior to 13.5.0 the link to the instance to the sender that appears when viewing a user or note received through ActivityPub is not properly validated, so by inserting a URL with a javascript scheme an attacker may execute JavaScript code in the context of the recipient. This issue has been fixed in version 13.5.0. Users are advised to upgrade. Users unable to upgrade should not \"view on remote\" for untrusted instances.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T00:52:04.000000Z"}, {"uuid": "cc49c925-bb60-4ef7-a183-c3c9a6e6fea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25159", "type": "seen", "source": "https://t.me/cibsecurity/58014", "content": "\u203c CVE-2023-25159 \u203c\n\nNextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform, and Nextcloud Office is a document collaboration app for the same platform. Nextcloud Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, Nextcloud Enterprise Server 24.0.x prior to 24.0.8 and 25.0.x prior to 25.0.1, and Nextcloud Office (Richdocuments) App 6.x prior to 6.3.1 and 7.x prior to 7.0.1 have previews accessible without a watermark. The download should be hidden and the watermark should get applied. This issue is fixed in Nextcloud Server 25.0.1 and 24.0.8, Nextcloud Enterprise Server 25.0.1 and 24.0.8, and Nextcloud Office (Richdocuments) App 7.0.1 (for 25) and 6.3.1 (for 24). No known workarounds are available.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T20:30:01.000000Z"}, {"uuid": "3cf558ee-77b4-4a35-ba5c-b6e4f320daf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25156", "type": "seen", "source": "https://t.me/cibsecurity/58241", "content": "\u203c CVE-2023-25156 \u203c\n\nKiwi TCMS, an open source test management system, does not impose rate limits in versions prior to 12.0. This makes it easier to attempt brute-force attacks against the login page. Users should upgrade to v12.0 or later to receive a patch. As a workaround, users may install and configure a rate-limiting proxy in front of Kiwi TCMS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T18:50:16.000000Z"}, {"uuid": "de915bbd-69ce-41b8-bbbf-6ed524c95ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1728", "content": "CVE-2023-25157\n\nGET /geoserver/ows?service=wfs&version=1.0.0&request=GetFeature&typeName=gwpd:chinamap11&CQL_FILTER=strStartsWith%28Vatican City%2C%27x%27%27%29+%3D+true+and+1%3D%28SELECT+CAST+%28%28SELECT+version()%29+AS+INTEGER%29%29+--+%27%29+%3D+true HTTP/1.1\n\n#poc  #exploit", "creation_timestamp": "2023-12-19T16:07:49.000000Z"}, {"uuid": "df1bac70-eb3c-4f74-9038-f359f0d28fc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/715", "content": "CVE-2023-25157 \n\n/geoserver/ows?service=wfs&version=1.0.0&request=GetFeature&typeName=osm:osm_places&CQL_FILTER=strStartsWith%28name%2C%27x%27%27%29+%3D+true+and+1%3D%28SELECT+CAST+%28%28SELECT+current_user%29+AS+INTEGER%29%29+--+%27%29+%3D+true\n\n#poc", "creation_timestamp": "2023-07-11T17:46:18.000000Z"}, {"uuid": "30616508-c580-49d9-bf61-f0dfbf4ae1e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5810", "content": "CVE-2023-25157\n\nGET /geoserver/ows?service=wfs&version=1.0.0&request=GetFeature&typeNamosloe=gwpd:chinamap11&CQL_FILTER=strStartsWith%28Vatican City%2C%27x%27%27%29+%3D+true+and+1%3D%28SELECT+CAST+%28%28SELECT+version()%29+AS+INTEGER%29%29+--+%27%29+%3D+true HTTP/1.1\n\n#CVE #Poc\n\u2014\u2014\u2014\u2014\u2014\u2014\n0Day.Today\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-12-24T14:25:25.000000Z"}, {"uuid": "78784782-6226-4173-b030-b1cc13a3f62e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/351", "content": "\ud83d\udca5GeoServer SQL Injection Vulnerability Analysis (CVE-2023-25157)\n\nSQL Injection Vulnerabilities have been found with:\n\ud83d\udcbe PropertyIsLike filter, when used with a String field and any database DataStore, or with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strEndsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strStartsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe FeatureId filter, when used with any database table having a String primary key column and when prepared statements are disabled\n\ud83d\udcbe jsonArrayContains function, when used with a String or JSON field and with a PostGIS or Oracle DataStore (GeoServer 2.22.0+ only)\n\ud83d\udcbe DWithin filter, when used with an Oracle DataStore\n\n\n\ud83d\udd16CVE-2023-25157 - GeoServer SQL Injection - PoC\n\nUsage:\npython3 CVE-2023-25157.py ", "creation_timestamp": "2024-08-16T08:08:21.000000Z"}, {"uuid": "1fe1db9c-db79-45c7-812d-1fc5d219e370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25151", "type": "seen", "source": "https://t.me/cibsecurity/57797", "content": "\u203c CVE-2023-25151 \u203c\n\nopentelemetry-go-contrib is a collection of extensions for OpenTelemetry-Go. The v0.38.0 release of `go.opentelemetry.io/contrib/instrumentation/net/http/otelhttp` uses the `httpconv.ServerRequest` function to annotate metric measurements for the `http.server.request_content_length`, `http.server.response_content_length`, and `http.server.duration` instruments. The `ServerRequest` function sets the `http.target` attribute value to be the whole request URI (including the query string)[^1]. The metric instruments do not \"forget\" previous measurement attributes when `cumulative` temporality is used, this means the cardinality of the measurements allocated is directly correlated with the unique URIs handled. If the query string is constantly random, this will result in a constant increase in memory allocation that can be used in a denial-of-service attack. This issue has been addressed in version 0.39.0. Users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:26.000000Z"}, {"uuid": "409cadb6-b2d4-4beb-a44d-763c62927686", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4538", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGeoServer & GeoTools SQL Injection (CVE-2023-25157 & CVE-2023-25158)\nURL\uff1ahttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-11T20:22:50.000000Z"}, {"uuid": "d0c55253-528b-4548-8257-6a61c8300485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4538", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aGeoServer & GeoTools SQL Injection (CVE-2023-25157 & CVE-2023-25158)\nURL\uff1ahttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-11T20:22:50.000000Z"}, {"uuid": "bddb754d-0ed6-408f-a6cc-3a86934ee147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4548", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA script, written in golang. POC for CVE-2023-25157\nURL\uff1ahttps://github.com/7imbitz/CVE-2023-25157-checker\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-12T14:44:48.000000Z"}, {"uuid": "f865ad00-a6aa-421d-b27e-9858f603bd68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4657", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-25157 SQL injection vulnerability found in GeoServer\nURL\uff1ahttps://github.com/drfabiocastro/geoserver\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-07-01T13:41:13.000000Z"}, {"uuid": "e5a70a5e-8126-4d74-9713-11c5347ea839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/51257", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-09-25T14:32:29.000000Z"}, {"uuid": "b406d2c2-eae6-4cfc-bbbc-0dac9562b51e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LockBitChannels/46741", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-09-21T11:50:57.000000Z"}, {"uuid": "4ca90e64-5f2e-4fdf-b955-1c7083f9d470", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/IqdM5nvzs1brEdeE8cbCEB5Vhh4zS30-EIEq7TIjslasGuw", "content": "", "creation_timestamp": "2024-07-11T05:37:19.000000Z"}, {"uuid": "f06c9dfb-a5bd-4dd6-b173-889a0c9f5f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/IqdM5nvzs1brEdeE8cbCEB5Vhh4zS30-EIEq7TIjslasGuw", "content": "", "creation_timestamp": "2024-07-11T05:37:19.000000Z"}, {"uuid": "7d8e578f-ebea-40fa-b0ca-14e171dc1b56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/arpsyndicate/746", "content": "#ExploitObserverAlert\n\nCVE-2023-25157\n\nDESCRIPTION: Exploit Observer has 26 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols.  CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n\nFIRST-EPSS: 0.386710000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-29T13:49:33.000000Z"}, {"uuid": "0fc99bf0-88b6-42b6-b5fc-8ac6b6f7ec2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "seen", "source": "https://t.me/arpsyndicate/569", "content": "#ExploitObserverAlert\n\nCVE-2023-25157\n\nDESCRIPTION: Exploit Observer has 26 entries related to CVE-2023-25157. GeoServer is an open source software server written in Java that allows users to share and edit geospatial data. GeoServer includes support for the OGC Filter expression language and the OGC Common Query Language (CQL) as part of the Web Feature Service (WFS) and Web Map Service (WMS) protocols.  CQL is also supported through the Web Coverage Service (WCS) protocol for ImageMosaic coverages. Users are advised to upgrade to either version 2.21.4, or version 2.22.2 to resolve this issue. Users unable to upgrade should disable the PostGIS Datastore *encode functions* setting to mitigate ``strEndsWith``, ``strStartsWith`` and ``PropertyIsLike `` misuse and enable the PostGIS DataStore *preparedStatements* setting to mitigate the ``FeatureId`` misuse.\n\nFIRST-EPSS: 0.369840000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-25T04:28:57.000000Z"}, {"uuid": "913274e3-5b5c-40c8-989c-f1216be326fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/55DVCuR8w0IyLrTs3rzulkPBxgRxTIiTeJ7hyFYZ4WSp6gJI", "content": "", "creation_timestamp": "2025-01-13T01:03:08.000000Z"}, {"uuid": "683a96ba-88c0-424e-92e7-ab84bb39ae4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "Telegram/55DVCuR8w0IyLrTs3rzulkPBxgRxTIiTeJ7hyFYZ4WSp6gJI", "content": "", "creation_timestamp": "2025-01-13T01:03:08.000000Z"}, {"uuid": "2a1fdc52-67d6-4ae6-a3fb-f7091df03a92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/43294", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "ed55a845-c947-4713-8ba2-6410d66e8134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25158", "type": "published-proof-of-concept", "source": "https://t.me/LockBitRaasRansomware/43294", "content": "Instituto Argentino del Petr\u00f3leo y del Gas \n\nCVE: \n\nCVE-2023-25157\n\nTARGET: \n\nhttps://geopg.iapg.org.ar/geoserver/ows?service=WFS&version=1.0.0&request=GetFeature&typeName=GeoPG:areasPrecarga&CQL_FILTER=strStartswith(obj_version,%27%27%27%27)=true\n\nEXPLOIT (POC):\n\nhttps://github.com/win3zz/CVE-2023-25157 \n\nINFO: \n\nhttps://github.com/murataydemir/CVE-2023-25157-and-CVE-2023-25158", "creation_timestamp": "2024-07-11T05:37:18.000000Z"}, {"uuid": "415871db-a7a5-49c2-8898-aedc96adb48e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/OnlineHacKingX/124", "content": "\ud83d\udca5GeoServer SQL Injection Vulnerability Analysis (CVE-2023-25157)\n\nSQL Injection Vulnerabilities have been found with:\n\ud83d\udcbe PropertyIsLike filter, when used with a String field and any database DataStore, or with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strEndsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strStartsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe FeatureId filter, when used with any database table having a String primary key column and when prepared statements are disabled\n\ud83d\udcbe jsonArrayContains function, when used with a String or JSON field and with a PostGIS or Oracle DataStore (GeoServer 2.22.0+ only)\n\ud83d\udcbe DWithin filter, when used with an Oracle DataStore\n\n\n\ud83d\udd16CVE-2023-25157 - GeoServer SQL Injection - PoC\n\nUsage:\npython3 CVE-2023-25157.py ", "creation_timestamp": "2023-07-23T20:21:32.000000Z"}, {"uuid": "68229ff4-817d-4cf9-8d7c-cece36b67761", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/mJJuTA-j83nUinTnyEfZjEZZnET7HNg0vwqNPse9CYMBFWw", "content": "", "creation_timestamp": "2025-04-24T17:00:07.000000Z"}, {"uuid": "2894f6ce-183a-429d-9486-365d78846155", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/yQ6S4ZyZuQP8mKzezf1BQcvxva051_sxizI1YHgjKAB8ww", "content": "", "creation_timestamp": "2023-06-08T06:55:59.000000Z"}, {"uuid": "5b53bcfe-c590-49e7-a259-12b821c1f1a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3161", "content": "Hackers Factory \n\nGrype\n\nA vulnerability scanner for container images and filesystems. Easily install the binary to try it out. Works with Syft, the powerful SBOM (software bill of materials) tool for container images and filesystems.\n\nhttps://github.com/anchore/grype\n\n#cybersecurity #infosec #best\n\nCatSniffer\n\nCatSniffer is an original multiprotocol, and multiband board made for sniffing, communicating, and attacking IoT (Internet of Things) devices. It was designed as a highly portable USB stick that integrates the new chips TI CC1352, Semtech SX1262, and Microchip SAMD21E17.\n\nhttps://github.com/ElectronicCats/CatSniffer\n\n#cybersecurity #infosec #pentesting\n\nCVE-2023-25157 \n\nGeoServer SQL Injection - PoC.\n\nhttps://github.com/win3zz/CVE-2023-25157\n\n#cve #cybersecurity #infosec\n\nSYSCALL_API\n\nsyscall_api.asm block is used for dynamically finding the syscall number (SN) inside a function body and performing a manual syscall with the found SN.\n\nhttps://github.com/EgeBalci/syscall_api\n\n#cybersecurity #infosec\n\nEbpfguard\n\nRust library for writing Linux security policies using eBPF.\n\nhttps://github.com/deepfence/ebpfguard\n\n#cybersecurity #infosec\n\nRust Process Herpaderping\n\nRust implementation of the Process Herpaderping original PoC.\n\nhttps://github.com/secur30nly/rust-herpaderping\n\n#cybersecurity #infosec\n\ntun2socks\n\nPowered by gVisor TCP/IP stack.\n\nhttps://github.com/xjasonlyu/tun2socks\n\n#cybersecurity #infosec #privacy\n\nOffensive Bookmarks\n\nA collection of bookmarks for penetration testers, bug bounty hunters, malware developers, reverse engineers and anyone who is just interested in infosec topics.\n\nhttps://github.com/kargisimos/offensive-bookmarks\n\n#infosec #pentesting #redteam\n\nSynergy Httpx\n\nA Python http(s) server designed to assist in red teaming activities such as receiving intercepted data via POST requests and serving content dynamically (e.g. payloads).\n\nhttps://github.com/t3l3machus/Synergy-httpx\n\n#infosec #pentesting #redteam\n\nCSRFShark\n\nA utility for manipulating cross-site request forgery attacks. It allows to easily generate a CSRF PoC based on a given HTTP/CURL requests with further possibility to get a permanent link to the result.\n\nhttps://github.com/csrfshark/app\n\nWeb:\nhttps://csrfshark.github.io/app/\n\n#infosec #pentesting #bugbounty\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-02T11:33:16.000000Z"}, {"uuid": "11b32b6d-47c0-411d-99b6-b858d9d1e7c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1570", "content": "CVE-2023-25157\nGeoServer SQL Injection - POC exploit\nGeoServer SQL Injection - check vuln script", "creation_timestamp": "2023-06-12T08:29:11.000000Z"}, {"uuid": "92cabe1d-680b-451a-8b71-b97fffdc9fb8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3805", "content": "\ud83d\udca5GeoServer SQL Injection Vulnerability Analysis (CVE-2023-25157)\n\nSQL Injection Vulnerabilities have been found with:\n\ud83d\udcbe PropertyIsLike filter, when used with a String field and any database DataStore, or with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strEndsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe strStartsWith function, when used with a PostGIS DataStore with encode functions enabled\n\ud83d\udcbe FeatureId filter, when used with any database table having a String primary key column and when prepared statements are disabled\n\ud83d\udcbe jsonArrayContains function, when used with a String or JSON field and with a PostGIS or Oracle DataStore (GeoServer 2.22.0+ only)\n\ud83d\udcbe DWithin filter, when used with an Oracle DataStore\n\n\n\ud83d\udd16CVE-2023-25157 - GeoServer SQL Injection - PoC\n\nUsage:\npython3 CVE-2023-25157.py ", "creation_timestamp": "2023-07-06T15:52:42.000000Z"}, {"uuid": "130f45e7-c949-4d04-89d5-f21f6bc74666", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "exploited", "source": "https://t.me/true_secator/4868", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Unit42 \u0438\u0437 Palo Alto \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u044e \u043f\u043e \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044e VenomRAT \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e PoC\u00a0\u0434\u043b\u044f \u043d\u0435\u0434\u0430\u0432\u043d\u0435\u0439 RCE-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 WinRAR, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u043e\u0439 \u043a\u0430\u043a\u00a0CVE-2023-40477.\n\n21 \u0430\u0432\u0433\u0443\u0441\u0442\u0430, \u0431\u0443\u043a\u0432\u0430\u043b\u044c\u043d\u043e \u0441\u043f\u0443\u0441\u0442\u044f 4 \u0434\u043d\u044f \u043f\u043e\u0441\u043b\u0435 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u043e\u0433\u043e \u0441\u043e\u043e\u0431\u0449\u0435\u043d\u0438\u044f \u043e \u043e\u0448\u0438\u0431\u043a\u0435. \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u043e\u0434 \u043f\u0441\u0435\u0432\u0434\u043e\u043d\u0438\u043c\u043e\u043c whalersplonk \u0440\u0430\u0437\u043c\u0435\u0441\u0442\u0438\u043b \u0444\u0435\u0439\u043a\u043e\u0432\u044b\u0439 PoC-\u0441\u043a\u0440\u0438\u043f\u0442 \u0432 \u0441\u0432\u043e\u0435\u043c \u0440\u0435\u043f\u043e\u0437\u0438\u0442\u043e\u0440\u0438\u0438 \u043d\u0430 GitHub.\n\n\u0412 \u043e\u0441\u043d\u043e\u0432\u0435 \u0443\u043a\u0430\u0437\u0430\u043d\u043d\u043e\u0433\u043e PoC \u0431\u044b\u043b \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d \u043e\u0431\u0449\u0435\u0434\u043e\u0441\u0442\u0443\u043f\u043d\u043e\u043c \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0431\u044b\u043b \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0434\u0440\u0443\u0433\u0443\u044e SQL-\u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0438 \u043f\u043e\u0434 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435\u043c GeoServer, \u043e\u0442\u0441\u043b\u0435\u0436\u0438\u0432\u0430\u0435\u043c\u0443\u044e \u043a\u0430\u043a\u00a0CVE-2023-25157.\u00a0\n\n\u041a\u0430\u043a \u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0442 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438, \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u0432\u0440\u044f\u0434 \u043b\u0438 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b \u0444\u0430\u043b\u044c\u0448\u0438\u0432\u044b\u0439 Python-\u0441\u043a\u0440\u0438\u043f\u0442 \u043f\u043e\u0434 \u0438\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439, \u0441\u043a\u043e\u0440\u0435\u0435 \u0432\u0441\u0435\u0433\u043e \u0431\u044b\u043b \u043d\u0430\u0446\u0435\u043b\u0435\u043d \u043d\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u043e\u0432, \u043f\u044b\u0442\u0430\u044f\u0441\u044c \u0432\u043d\u0435\u0434\u0440\u0438\u0442\u044c \u043d\u043e\u0432\u044b\u0435 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u0441\u0432\u043e\u0438 \u043e\u043f\u0435\u0440\u0430\u0446\u0438\u0438.\n\n\u0412\u043e\u0441\u0441\u043e\u0437\u0434\u0430\u043d\u043d\u0430\u044f \u0438\u043c\u0438 \u0445\u0440\u043e\u043d\u043e\u043b\u043e\u0433\u0438\u044f \u0441\u043e\u0431\u044b\u0442\u0438\u0439 \u0442\u0430\u043a\u0436\u0435 \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e \u0438\u043d\u0444\u0440\u0430\u0441\u0442\u0440\u0443\u043a\u0442\u0443\u0440\u0430 \u0438 \u043f\u043e\u043b\u0435\u0437\u043d\u0430\u044f \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0430 \u0441\u043e\u0437\u0434\u0430\u0432\u0430\u043b\u0438\u0441\u044c \u0437\u0430\u0440\u0430\u043d\u0435\u0435, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0432\u044b\u043f\u0443\u0441\u043a\u0430 \u043f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u043e\u0433\u043e PoC. \u041f\u0440\u043e\u0441\u0442\u043e \u0430\u043a\u0442\u043e\u0440 \u0440\u0435\u0448\u0438\u043b \u043e\u043f\u0435\u0440\u0430\u0442\u0438\u0432\u043d\u043e \u0432\u043e\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c\u0441\u044f \u0441\u0438\u0442\u0443\u0430\u0446\u0438\u0435\u0439, \u0443\u0447\u0438\u0442\u044b\u0432\u0430\u044f \u043d\u0430\u043b\u0438\u0447\u0438\u0435 \u0443 WinRAR \u0431\u043e\u043b\u0435\u0435 500 \u043c\u043b\u043d. \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u0439 \u043f\u043e \u0432\u0441\u0435\u043c\u0443 \u043c\u0438\u0440\u0443.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u0434\u043b\u044f \u0432\u0432\u043e\u0434\u0430 \u0432 \u0437\u0430\u0431\u043b\u0443\u0436\u0434\u0435\u043d\u0438\u0435 \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u044b\u0445 \u0436\u0435\u0440\u0442\u0432 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u0441\u043d\u0430\u0431\u0434\u0438\u043b\u0438 \u0440\u0430\u0437\u043c\u0435\u0449\u0435\u043d\u043d\u044b\u0439 ZIP-\u0430\u0440\u0445\u0438\u0432 \u0444\u0430\u0439\u043b\u043e\u043c\u00a0README.md\u00a0\u0441 \u043a\u0440\u0430\u0442\u043a\u0438\u043c \u043e\u043f\u0438\u0441\u0430\u043d\u0438\u0435\u043c \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 CVE-2023-40477 \u0438 \u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u0435\u0439 \u043f\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u044e \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u044f\u00a0poc.py, \u0443\u043a\u0430\u0437\u0430\u0432 \u0432 \u043d\u0435\u0439 \u0441\u0441\u044b\u043b\u043a\u0443 \u043d\u0430 \u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0430\u0446\u0438\u043e\u043d\u043d\u044b\u0439 \u0440\u043e\u043b\u0438\u043a \u043d\u0430 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0435\u043c \u0440\u0435\u0441\u0443\u0440\u0441\u0435.\n\n\u041f\u043e\u0434\u0434\u0435\u043b\u044c\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 poc.py\u00a0\u0431\u044b\u043b \u043e\u0441\u043d\u043e\u0432\u0430\u043d \u043d\u0430 PoC CVE-2023-25157, \u043d\u043e \u0441 \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u043c\u0438 \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u0438\u044f\u043c\u0438: \u0431\u044b\u043b\u0438 \u0443\u0434\u0430\u043b\u0435\u043d\u044b \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0438, \u0438\u0437\u043c\u0435\u043d\u0435\u043d\u044b \u043d\u0435\u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0441\u0442\u0440\u043e\u043a\u0438 \u043a\u043e\u0434\u0430 \u0438 \u0431\u044b\u043b \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d \u0434\u043e\u043f\u043e\u043b\u043d\u0438\u0442\u0435\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434, \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u044e\u0449\u0438\u0439 \u043f\u0430\u043a\u0435\u0442\u043d\u044b\u0439 \u0441\u043a\u0440\u0438\u043f\u0442 \u0441 \u043a\u043e\u043c\u043c\u0435\u043d\u0442\u0430\u0440\u0438\u0435\u043c \u00ab\u043f\u0440\u043e\u0432\u0435\u0440\u0438\u0442\u044c \u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e\u0441\u0442\u044c\u00bb.\n\n\u041e\u0431\u0440\u0430\u0449\u0430\u044f\u0441\u044c \u043a \u0432\u044b\u0434\u0435\u043b\u0435\u043d\u043d\u043e\u043c\u0443 URL-\u0430\u0434\u0440\u0435\u0441\u0443 (checkblacklistwords[.]eu), \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u043a\u043e\u0434\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0435\u0442 \u0434\u0440\u0443\u0433\u043e\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell \u0438\u0437 checkblacklistwords[.]eu/c.txt.\n\n\u0417\u0430\u0433\u0440\u0443\u0436\u0435\u043d\u043d\u044b\u0439 \u0441\u0446\u0435\u043d\u0430\u0440\u0438\u0439 PowerShell \u0434\u043e\u0441\u0442\u0430\u0432\u043b\u044f\u0435\u0442 \u0438\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b \u0438 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u0437\u0430\u043f\u043b\u0430\u043d\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u0443\u044e \u0437\u0430\u0434\u0430\u0447\u0443, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430\u0435\u0442 \u0435\u0433\u043e \u043a\u0430\u0436\u0434\u044b\u0435 \u0442\u0440\u0438 \u043c\u0438\u043d\u0443\u0442\u044b \u0434\u043b\u044f \u043f\u043e\u0441\u0442\u043e\u044f\u043d\u043d\u043e\u0433\u043e \u0432\u044b\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u044f \u043f\u043e\u043b\u0435\u0437\u043d\u043e\u0439 \u043d\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\u0418\u0441\u043f\u043e\u043b\u043d\u044f\u0435\u043c\u044b\u0439 \u0444\u0430\u0439\u043b Windows.Gaming.Preview.exe\u00a0- \u044d\u0442\u043e \u0438 \u0435\u0441\u0442\u044c VenomRAT, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0438\u043c\u0435\u0435\u0442 \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u0443\u044e \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u044e.\n\n\u041e\u0431\u0440\u0430\u0437\u0435\u0446 \u0431\u044b\u043b \u0441\u043a\u043e\u043c\u043f\u0438\u043b\u0438\u0440\u043e\u0432\u0430\u043d 8 \u0444\u0435\u0432\u0440\u0430\u043b\u044f 2023 \u0433\u043e\u0434\u0430 \u0432 22:10:28 UTC \u043e\u0434\u043d\u043e\u0432\u0440\u0435\u043c\u0435\u043d\u043d\u043e \u0435\u0449\u0435 \u0441 700 \u0434\u0440\u0443\u0433\u0438\u043c\u0438, \u0447\u0442\u043e \u0443\u043a\u0430\u0437\u044b\u0432\u0430\u0435\u0442 \u043d\u0430 \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u0438\u0435 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u043e\u0433\u043e \u043a\u043e\u043c\u043f\u043e\u043d\u043e\u0432\u0449\u0438\u043a\u0430 \u0438 \u043c\u043e\u0434\u0438\u0444\u0438\u043a\u0430\u0446\u0438\u0438 \u0431\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u0444\u0430\u0439\u043b\u0430 \u0435\u0433\u043e \u0441 \u043f\u043e\u043c\u043e\u0449\u044c\u044e \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043d\u0430\u0441\u0442\u0440\u043e\u0435\u043a \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438.\u00a0\n\n\u0423\u0441\u0442\u0430\u043d\u043e\u0432\u0438\u0442\u044c \u0442\u043e\u0447\u043d\u043e\u0435 \u0447\u0438\u0441\u043b\u043e \u043a\u043e\u043c\u043f\u0440\u043e\u043c\u0435\u0442\u0430\u0446\u0438\u0439 \u0438 \u043e\u0446\u0435\u043d\u0438\u0442\u044c \u0432\u043b\u0438\u044f\u043d\u0438\u0435 \u043a\u0430\u043c\u043f\u0430\u043d\u0438\u0438 \u043d\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u0438\u043b\u043e\u0441\u044c \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u044b\u043c, \u043d\u043e \u0441\u043c\u043e\u043d\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0435 \u0430\u043a\u0442\u043e\u0440\u043e\u043c \u0438\u043c\u0435\u043b\u043e 121 \u043f\u0440\u043e\u0441\u043c\u043e\u0442\u0440. \u041f\u043e\u043b\u043d\u044b\u0439 \u0441\u043f\u0438\u0441\u043e\u043a SHA \u0438 IoC\u00a0\u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d \u043d\u0430 GitHub.", "creation_timestamp": "2023-09-20T16:30:06.000000Z"}, {"uuid": "5f683e6d-23dc-4bb3-8114-b5e8eb2c1379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3635", "content": "\ud83d\udda5Dataleak: \n\n\ud83d\udd31Leak auchan(.)ru : https://system32.ink/d/leak-auchan-ru/\n\n\ud83d\udd31Leak askona(.)ru : https://system32.ink/d/leak-askona-ru/\n\n\ud83d\udd31Leak Leak book24(.)ru: https://system32.ink/d/leak-book24-ru/\n\n\ud83d\udd31BSI (Bank Syariah Indonesia) All employeers Leak : https://system32.ink/d/bsi-bank-syariah-indonesia-all-employeers-full-database/\n\n\ud83d\udd31Leak uprz(.)ru : https://system32.ink/d/leak-uprz-ru/\n\n\ud83d\udda5Exploit:\n\n\ud83d\udd31CVE-2023-25157 GeoServer SQL Injection \u2013 PoC : https://system32.ink/d/cve-2023-25157-geoserver-sql-injection-poc/\n\n\ud83d\udd31Public key authentication bypass in libssh POC : https://system32.ink/d/public-key-authentication-bypass-in-libssh-poc/\n\n\ud83d\udd31CVE-2023-33829: SCM Manager XSS: https://system32.ink/d/cve-2023-33829-scm-manager-xss/\n\n\ud83d\udda5ToolS:\n\n\ud83d\udd31SMSCaster a Tool to send Sms with GSM senders : https://system32.ink/d/smscaster-a-tool-to-send-sms-with-gsm-senders/\n\n\ud83d\udd31ATM Scanner Vulns : https://system32.ink/d/atm-scanner-vulns/", "creation_timestamp": "2023-06-08T06:54:48.000000Z"}, {"uuid": "5538e13d-d06a-4bbf-9bff-60c7d2b056ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/yHg93QqOtpT1M0uITUSqcy6VtVWXPQRzYFifoEC6FqOPlZY", "content": "", "creation_timestamp": "2023-06-12T21:13:50.000000Z"}, {"uuid": "24d246de-0292-4bed-8180-7cd55bcf7608", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "Telegram/HH1ZkZHBmLCJ3sOOqZkMsWgDR9RgT2UlNBdwSObVbvbziro", "content": "", "creation_timestamp": "2023-06-12T21:13:07.000000Z"}, {"uuid": "3ef5c4b4-622c-42f3-b2c0-3c6cf9adbbba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/635", "content": "cve-2023-25157\nhttps://github.com/win3zz/CVE-2023-25157   poc\nhttps://github.com/0x2458bughunt/CVE-2023-25157      \u68c0\u6d4b\u6f0f\u6d1e\u811a\u672c", "creation_timestamp": "2023-06-12T08:34:00.000000Z"}, {"uuid": "bc70bea2-3791-4f72-aeb4-315a47cf0fd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-25157", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8683", "content": "#exploit\n1. CVE-2023-36664:\nGhostscript Code Execution Vulnerability\nhttps://www.kroll.com/en/insights/publications/cyber/ghostscript-cve-2023-36664-remote-code-execution-vulnerability\n\n2. CVE-2023-25157:\nGeoServer SQL Injection\nhttps://github.com/win3zz/CVE-2023-25157", "creation_timestamp": "2023-07-17T10:59:01.000000Z"}]}