New module content (2)
GitLab Tags RSS feed email disclosure
Authors: erruquill and n00bhaxor
Type: Auxiliary
Pull request: #18821 contributed by n00bhaxor
Path: gather/gitlab_tags_rss_feed_email_disclosure
AttackerKB reference: CVE-2023-5612
Description: This adds an auxiliary module that leverages an information disclosure vulnerability (CVE-2023-5612) in Gitlab versions before 16.6.6, 16.7 prior to 16.7.4, and 16.8 prior to 16.8.1 to retrieve user email addresses via tags feed.
BoidCMS Command Injection
Authors: 1337kid and bwatters-r7
Type: Exploit
Pull request: #18827 contributed by bwatters-r7
Path: multi/http/cve_2023_38836_boidcms
AttackerKB reference: CVE-2023-38836
Description: This PR adds an authenticated RCE against BoidCMS versions 2.0.0 and earlier. The underlying issue in the vulnerability CVE-2023-38836 is that the file upload check allows a php file to be uploaded and executes as a media file if the GIF header is present in the PHP file.
Enhancements and features (11)
#18686 from h00die - This updates the existing auxiliary/scanner/ssh/ssh_version module with new checks for supported cryptographic algorithms and version detection capabilities.
#18715 from errorxyz - This adds a Splunk library for use by future modules. It also updates the existing exploit/multi/http/splunk_privilege_escalation_cve_2023_32707 module to use it.
< ..
Support the originator by clicking the read the rest link below.
