CVE-2023-36347
Published 2023-06-30
Priority: P2 71 · high · CVSS 3.1 7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploit · EPSS 32.35% (98.1st percentile)
A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| codekop | codekop | — | — |
Detection & IOCs (extracted from sources)
- An unauthenticated HTTP GET to /excel.php or /pos-kasir-php/excel.php that returns Content-Type: application/vnd.ms-excel (rather than a login page or redirect) shows the broken authentication is exploitable; the same request in web server access logs, with no preceding login, is evidence of exploitation.
- A response body containing the string 'Document' together with the application/vnd.ms-excel Content-Type header confirms unauthenticated access to selling data via the vulnerable endpoint.
- The Nuclei template sets stop-at-first-match, so it stops after the first path that matches and reports only that one; the other path may still be reachable. When checking manually, test /excel.php and /pos-kasir-php/excel.php independently.
- The template requires both conditions to hold (matchers-condition: and): the response body must contain 'Document' AND the Content-Type header must be application/vnd.ms-excel. One condition alone (an Excel content type on an empty or error body, or the word 'Document' in an ordinary HTML page) is not a confirmed finding.
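As an added example (not the Nuclei template and not POS Codekop's own code), the following Python checker reproduces the template's matcher logic for a manual check: it sends an unauthenticated GET to both candidate paths independently, instead of stopping at the first match, and flags a host only when the Content-Type header AND the body word match. The helper names, the constructed sample responses, and the choice to treat the header match as a substring test are this example's own assumptions.

```python
"""Manual check mirroring the Nuclei matchers for CVE-2023-36347.

Hypothetical example code, not the Nuclei template or POS Codekop code.
Both paths are tested (the template stops at the first match), and a host
is flagged only when BOTH conditions hold: Content-Type contains
application/vnd.ms-excel AND the body contains the word 'Document'.
"""
import sys
import urllib.error
import urllib.request
from dataclasses import dataclass

# Paths named in the Detection & IOCs notes.
EXCEL_PATHS = ("/excel.php", "/pos-kasir-php/excel.php")
EXPECTED_CTYPE = "application/vnd.ms-excel"
EXPECTED_WORD = "Document"


@dataclass
class Response:
    status: int
    headers: dict   # header names lower-cased
    body: bytes


def matches(resp: Response) -> bool:
    """matchers-condition: and -> header match AND body word match.

    Assumption of this example: the header check is a substring test, so
    'application/vnd.ms-excel; charset=UTF-8' still matches.
    """
    ctype = resp.headers.get("content-type", "")
    header_ok = EXPECTED_CTYPE in ctype.lower()
    body_ok = EXPECTED_WORD.encode() in resp.body
    return header_ok and body_ok


def fetch(url: str, timeout: float = 10.0) -> Response:
    """Unauthenticated GET: no cookies, no Authorization header, no redirects followed past an error."""
    req = urllib.request.Request(url, headers={"User-Agent": "cve-2023-36347-check"})
    try:
        with urllib.request.urlopen(req, timeout=timeout) as r:
            hdrs = {k.lower(): v for k, v in r.headers.items()}
            return Response(r.status, hdrs, r.read(65536))
    except urllib.error.HTTPError as e:
        hdrs = {k.lower(): v for k, v in e.headers.items()}
        return Response(e.code, hdrs, e.read(65536))


def check_host(base_url: str, fetch_fn=fetch) -> list:
    """Return every path that matched; both paths are tried, unlike the template."""
    hits = []
    for path in EXCEL_PATHS:
        resp = fetch_fn(base_url.rstrip("/") + path)
        if matches(resp):
            hits.append(path)
    return hits


# Constructed sample responses for offline testing (not captured from a real host).
SAMPLE_VULN = Response(200, {"content-type": "application/vnd.ms-excel"},
                       b"<html><head><title>Document</title></head><body><table>...")
SAMPLE_HTML_ONLY = Response(200, {"content-type": "text/html"},
                            b"<title>Document</title>")   # body word only: no match
SAMPLE_REDIRECT = Response(302, {"content-type": "text/html", "location": "/login.php"},
                           b"")                            # login redirect: no match

if __name__ == "__main__":
    for target in sys.argv[1:]:
        hits = check_host(target)
        print(f"{target}: {'VULNERABLE ' + ','.join(hits) if hits else 'no match'}")
```

Run it as `python3 check.py http://host` against a host you are authorized to test; a hit on either path means an unauthenticated client can pull the export, which is the condition the CVE describes.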
No detection rules found.
Nuclei
CVE-2023-36347 [HIGH] POS Codekop v2.0 - Broken Authentication (nuclei · CVSS 7.5)
Template:
```yaml
id: CVE-2023-36347

info:
  name: POS Codekop v2.0 - Broken Authentication
  author: princechaddha
  severity: high
  description: |
    A broken authentication mechanism in the endpoint excel.php of POS Codekop v2.0 allows unauthenticated attackers to download selling data.
  impact: |
    Successful exploitation could lead to unauthorized access to sensitive information.
  remediation: |
    Implement proper authentication mechanisms and ensure secure user session management.
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
    cvss-score: 7.5
    cve-id: CVE-2023-36347
    cwe-id: CWE-306
    epss-score: 0.8448   # value recorded in the template; the page-level EPSS above reads 32.35%
# The http request and matcher section of the template is not reproduced on this page;
# the Detection & IOCs notes above describe its paths and matchers.
```
No writeups or analysis indexed.
Published: 2023-06-30