.. / CVE-2023-4168

Exploit for Adlisting Classified Ads 2.14.0 - Information Disclosure (CVE-2023-4168)

Description:

Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects.

Nuclei Template

View the template here CVE-2023-4168.yaml

Validate with Nuclei

echo "$URL" | nuclei -t ~/nuclei-templates/http/cves/2023/CVE-2023-4168.yaml
Copy

References:

https://www.exploit-db.com/exploits/51667
https://vuldb.com/?ctiid.236184
https://nvd.nist.gov/vuln/detail/CVE-2023-4168
https://templatecookie.com/demo/adlisting-classified-ads-script
https://vuldb.com/?id.236184