CVE-2023-1730
Published 2023-05-02
CVE-2023-1730: The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated…
Priority P276 · critical · 9.8 (CVSS 3.1)
CVSS vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EXPLOIT
EPSS: 40.59% (98.5th percentile)
The SupportCandy WordPress plugin before 3.1.5 does not validate and escape user input before using it in an SQL statement, which could allow unauthenticated attackers to perform SQL injection attacks.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| supportcandy | supportcandy | < 3.1.5 | 3.1.5 |
Detection & IOCs (extracted from sources)

sigma

```yaml
title: SupportCandy SQLi Detection
detection:
  selection:
    - 'status_code == 200'
    - 'contains(body, "supportcandy")'
  condition: and
```

- Unauthenticated SQL injection attempts targeting the SupportCandy WordPress plugin (before 3.1.5) can be detected by monitoring HTTP responses with status code 200 containing 'supportcandy' in the body, particularly when the request parameters carry anomalous SQL metacharacters (e.g., quotes, UNION, SELECT).
- The nuclei-style fingerprint checks for HTTP 200 responses with 'supportcandy' in the body as a presence indicator for the vulnerable plugin.
- The vulnerable version range is SupportCandy WordPress plugin before 3.1.5; ensure version-based detection or patching targets this boundary.
- The SQL injection is exploitable by unauthenticated attackers, meaning no authentication bypass is required. WAF/IDS rules should not restrict detection to authenticated sessions.
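The detection notes above describe two checks in prose: a version boundary (anything below 3.1.5 is affected) and request parameters aimed at the plugin that carry SQL metacharacters. The following is an added example, not code from the CVE record, the Nuclei template or the SupportCandy project, that implements both over constructed web-server access-log lines. The log lines, the `admin-ajax.php` targets and the `wpsc` action-name prefix used as a plugin marker are assumptions for illustration only; the `supportcandy` slug comes from the notes above.

```python
"""Log-based detector for SQL-metacharacter requests aimed at SupportCandy.

Added example; endpoints, parameter names and log lines are constructed.
"""
import re
from urllib.parse import parse_qsl, urlsplit

# Constructed sample lines in combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [02/May/2023:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=wpsc_tickets&id=5 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
203.0.113.7 - - [02/May/2023:10:00:02 +0000] "GET /wp-admin/admin-ajax.php?action=wpsc_tickets&id=5%27%20UNION%20SELECT%201,2,3-- HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.4 - - [02/May/2023:10:00:03 +0000] "GET /wp-content/plugins/supportcandy/asset/css/public.css HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
198.51.100.9 - - [02/May/2023:10:00:04 +0000] "POST /wp-admin/admin-ajax.php?action=wpsc_search&q=%27%20OR%201%3D1-- HTTP/1.1" 500 300 "-" "curl/8.0"
"""

# Minimal combined-log-format parser: client IP, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) \d+'
)

# Metacharacters and keywords the notes single out. Values are checked after
# URL decoding so encoded quotes (%27) are caught as well as literal ones.
SQLI_RE = re.compile(r"""['"]|--|/\*|\bunion\b|\bselect\b""", re.IGNORECASE)

# A request is treated as plugin-related if its path or query mentions the
# plugin slug. The "wpsc" action prefix is an assumption for this example.
PLUGIN_MARKERS = ("supportcandy", "wpsc")

# First fixed release per the affected-version table on this page.
FIXED_VERSION = (3, 1, 5)


def parse_version(version: str) -> tuple:
    """Turn a dotted version string into a comparable tuple of ints."""
    return tuple(int(part) for part in version.split("."))


def is_vulnerable_version(version: str) -> bool:
    """True for any SupportCandy release below the fixed version 3.1.5."""
    return parse_version(version) < FIXED_VERSION


def suspicious_params(target: str) -> list:
    """Return (name, decoded value) pairs whose value carries SQL metacharacters."""
    query = urlsplit(target).query
    return [(name, value)
            for name, value in parse_qsl(query, keep_blank_values=True)
            if SQLI_RE.search(value)]


def scan_log(text: str) -> list:
    """Flag plugin-related requests whose parameters look like SQL injection."""
    findings = []
    for line in text.splitlines():
        match = LOG_RE.match(line)
        if not match:
            continue  # skip lines that are not in combined log format
        target = match.group("target")
        if not any(marker in target.lower() for marker in PLUGIN_MARKERS):
            continue  # not aimed at the plugin, ignore
        hits = suspicious_params(target)
        if hits:
            findings.append({
                "ip": match.group("ip"),
                "status": int(match.group("status")),
                "target": target,
                "params": hits,
            })
    return findings


if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding["ip"], finding["status"], finding["params"])
    print("3.1.4 vulnerable:", is_vulnerable_version("3.1.4"))
```

The scanner deliberately does not filter on a 200 status: the fingerprint in the notes uses status 200 to confirm the plugin is present, but an injection attempt that produced a 500 is still worth an alert, and the version check is what tells you whether the attempt could have succeeded.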
No detection rules found.
Nuclei
SupportCandy < 3.1.5 - Unauthenticated SQL Injection
nuclei · CVSS 9.8
CVE-2023-1730 [CRITICAL] SupportCandy < 3.1.5 - Unauthenticated SQL Injection

Template fragment (truncated at the source):

```yaml
SupportCandy =6'
    - 'status_code == 200'
    - 'contains(body, "supportcandy")'
  condition: and
# digest: 4b0a00483046022100c7ccadd47ab2f1037820c117c460043c0b692e7ad176c363296cf326308716bb022100be354f97b3a253676e05bf404c0d861db3fc5751911f4be74c236f9948389c9d:922c64590222798bb761d5b6d8e72950
```
Talos
Two remote code execution vulnerabilities disclosed in Microsoft Excel
blogs_talos · 2023-06-13 · CVSS 7.8
CVE-2023-32029 [HIGH] Two remote code execution vulnerabilities disclosed in Microsoft Excel
Cisco Talos recently discovered two vulnerabilities in the Microsoft Excel spreadsheet management software that could allow a malicious actor to execute arbitrary code on the targeted machine.
Microsoft disclosed these issues and patched them as part of June’s monthly security release for the company.
One of the vulnerabilities, TALOS-2023-1730 (CVE-2023-32029), exists in the FreePhisxdb function of Excel. An attacker could exploit this vulnerability by tricking the targeted user into opening a specially crafted file. Then, they can manipulate the heap to gain the ability to execute arbitrary code.
TALOS-2023-1734 (CVE-2023-33133) works similarly, but in this case, causes an out-of-bounds read that turns into an out-of-bounds write, which in turn, could lead to memory corruption and, fi
Greynoiseio
NoiseLetter April 2024
blogs_greynoiseio