Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1110 CNY

100%
Buy Us a Coffee

CVE-2023-4168 PoC — Templatecookie Adlisting Redirect ad-list information disclosure

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-4168.yaml
Associated Vulnerability
Title:Templatecookie Adlisting Redirect ad-list information disclosure (CVE-2023-4168)
Description:A vulnerability was found in Templatecookie Adlisting 2.14.0. It has been classified as problematic. Affected is an unknown function of the file /ad-list of the component Redirect Handler. The manipulation leads to information disclosure. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-236184. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.
Description
Information disclosure issue in the redirect responses, When accessing any page on the website, Sensitive data, such as API keys, server keys, and app IDs, is being exposed in the body of these redirects.
File Snapshot

 id: CVE-2023-4168

info:
  name: Adlisting Classified Ads 2.14.0 - Information Disclosure
  author: 

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. Local POC snapshots are reserved for subscribers — if the original source is unavailable, the local mirror is part of the paid plan.
    3. Mirroring, verifying, and maintaining this POC archive takes ongoing effort, so local snapshots are a paid feature. Your subscription keeps the archive online — thank you for the support. View subscription plans →