{"vulnerability": "cve-2023-30943", "sightings": [{"uuid": "fac01e13-f0fc-4b63-9e72-bf8d20d5e07d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/cKure/11545", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 A Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943", "creation_timestamp": "2023-09-10T07:20:51.000000Z"}, {"uuid": "fe37dadd-daff-437f-8708-2a79a0e0cd7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5100", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\nURL\uff1ahttps://github.com/Chocapikk/CVE-2023-30943\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T13:27:41.000000Z"}, {"uuid": "f0948260-d54d-47d1-b09a-d8415ca062cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5049", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-30943  RCE PoC\nURL\uff1ahttps://github.com/d0rb/CVE-2023-30943\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-31T08:22:19.000000Z"}, {"uuid": "ad917c92-226c-4d8a-afee-fde4fc7fb0a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "Telegram/E5rIyo4yL4A8Cl6ljSa_CCU0uFuGXhuvUe-Dy3r702CaxA", "content": "", "creation_timestamp": "2023-09-02T04:07:54.000000Z"}, {"uuid": "b8a93caa-b55c-4713-ae15-c66beb5e0dd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3187", "content": "Hackers Factory \n\nA fast port scanner written in go with a focus on reliability and simplicity. Designed to be used in combination with other tools for attack surface discovery in bug bounties and pentests\n\nhttps://github.com/projectdiscovery/naabu\n\nA collection of phishing samples for researchers and detection developers.\n\nhttps://github.com/rf-peixoto/phishing_pot\n\nPassive subdomain continous monitoring tool.\n\nhttps://github.com/e1abrador/sub.Monitor\n\nSecurity scanner for your Terraform code\n\nhttps://github.com/aquasecurity/tfsec\n\nDetect and remediate misconfigurations and security risks across all your GitHub and GitLab assets\n\nhttps://github.com/Legit-Labs/legitify\n\nStreamline your recon and vulnerability detection process with SCRIPTKIDDI3, A recon and initial vulnerability detection tool built using shell script and open source tools.\n\nhttps://github.com/thecyberneh/scriptkiddi3\n\nUseful resources for SOC Analyst and SOC Analyst candidates.\n\nhttps://github.com/LetsDefend/awesome-soc-analyst\n\nXML-RPC Vulnerability Checker and Directory Fuzzer\n\nhttps://github.com/MINAD0/XML-RPC-Check\n\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle, which allows unauthorized folder creation via specially crafted requests in TinyMCE loaders.\n\nhttps://github.com/Chocapikk/CVE-2023-30943\n\nAn exploit for OpenTSDB <= 2.4.1 cmd injection (CVE-2023-36812/CVE-2023-25826) written in Fortran\n\nhttps://github.com/ErikWynter/opentsdb_key_cmd_injection\n\nNotepad++ heap buffer overflow vulnerability CVE-2023-40031 analysis and reproduction\n\nhttps://github.com/webraybtl/CVE-2023-40031\n\nPMP-Decrypter. This is a tool to decrypt the encrypted password strings in \"Patch My PC\"\n\nhttps://github.com/LuemmelSec/PMP-Decrypter\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-10T12:01:22.000000Z"}, {"uuid": "5ca50bb4-9b5d-40d0-b43a-1e6bdfed6a0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "Telegram/md5Pwtve7jVTx3xy8D8J1lcevEgfzLM_a_lPeb-uR2QiMQ", "content": "", "creation_timestamp": "2023-09-04T06:54:35.000000Z"}, {"uuid": "83200bfb-7dc5-4463-97c2-03f54b949f63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1103", "content": "CVE-2023-30943: Moodle <= 4.2.0 - \u0627\u06cc\u062c\u0627\u062f \u062f\u0644\u062e\u0648\u0627\u0647 \u067e\u0648\u0634\u0647 (Stored-XSS) \u0628\u0647 RCE\n\u0644\u06cc\u0646\u06a9: https://www.sonarsource.com/blog/playing-dominos-with-moodles-security-1/\n\nCVE-2023-30943 : Moodle <= 4.2.0 - Arbitrary folder creation (Stored-XSS) to RCE \nLink : https://www.sonarsource.com/blog/playing-dominos-with-moodles-security-1/", "creation_timestamp": "2024-05-12T05:59:09.000000Z"}, {"uuid": "616f6231-2df0-464a-a1e3-c503ec1769ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4258", "content": "\ud83d\udd78Department of Defence South African (DARPA) Data Leak : Download\n\n\ud83c\udfe5Canadian Nurses Association Data Leak : Download\n\n\ud83d\udc7eHackBot \u2013 AI Cybersecurity Chatbot : Download\n\n\ud83e\uddeeCVE-2023-30943 Moodle Exploit : Download\n\n\ud83d\udc32CVE-2023-41717 Zscaler Proxy Exploit : Download\n\n\ud83d\udcdfB(l)utter \u2013 Flutter Mobile Application Reverse Engineering Tool : Download\n\n\ud83e\udeacGreenBot : Download", "creation_timestamp": "2023-09-04T07:05:29.000000Z"}, {"uuid": "739dcd8b-c86b-4926-9f83-daf84f527587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4240", "content": "\ud83d\udd78Department of Defence South African (DARPA) Data Leak : Download\n\n\ud83c\udfe5Canadian Nurses Association Data Leak : Download\n\n\ud83d\udc7eHackBot \u2013 AI Cybersecurity Chatbot : Download\n\n\ud83e\uddeeCVE-2023-30943 Moodle Exploit : Download\n\n\ud83d\udc32CVE-2023-41717 Zscaler Proxy Exploit : Download\n\n\ud83d\udcdfB(l)utter \u2013 Flutter Mobile Application Reverse Engineering Tool : Download\n\n\ud83e\udeacGreenBot : Download", "creation_timestamp": "2023-09-02T04:30:46.000000Z"}, {"uuid": "b7a91fa4-faf8-4cd5-bb8f-57fa7b8b3129", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "seen", "source": "https://t.me/cibsecurity/63177", "content": "\u203c CVE-2023-30943 \u203c\n\nThe vulnerability was found Moodle which exists because the application allows a user to control path of the older to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T00:30:27.000000Z"}, {"uuid": "6314e5bf-e439-41a9-90dc-bf6d12e03a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/980", "content": "https://github.com/d0rb/CVE-2023-30943\n#github", "creation_timestamp": "2023-09-01T05:35:16.000000Z"}, {"uuid": "e541df9f-5ad6-4098-a39f-5fdf7d3f546e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8948", "content": "#exploit\n1. CVE-2023-41717:\nInappropriate file type control in Zscaler Proxy\nhttps://github.com/federella/CVE-2023-41717\n\n2. CVE-2023-30943:\nMoodle Vulnerabilities Exploits\nhttps://github.com/d0rb/CVE-2023-30943", "creation_timestamp": "2023-09-01T11:00:45.000000Z"}, {"uuid": "a702fdb9-356e-4d15-b1be-9807a0e49ae6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30943", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8993", "content": "#tools\n#Blue_Team_Techniques\nA Python-based tool to detect the CVE-2023-30943 vulnerability in Moodle\nhttps://github.com/Chocapikk/CVE-2023-30943", "creation_timestamp": "2023-09-09T12:36:01.000000Z"}]}