Loading video...

Video Failed to Load

Go Home

CVE-2023-22518 - Improper Authorization Vulnerability In Confluence Data Center and Server Don’t use and never use this vulnerability lightly,because it is a master of data cleaning

shimizukawasak's profile picture

ShimizuKawasaki

1,172 subscribers

97,432 views • 2 years ago •via X (Twitter)

LIVE

Anya Rossi• Live Now

Private livecam show

5 Comments

CorSch's profile picture
CorSch2 years ago

Is this the "delete only" vulnerability? Looks like RCE to me.

ShimizuKawasaki's profile picture
ShimizuKawasaki2 years ago

clean before and install some plugins to rce

Debug's profile picture
Debug2 years ago

Nice work

Sem Jansen's profile picture
Sem Jansen2 years ago

Is there any way to get poc?

뚱이예요's profile picture
뚱이예요2 years ago

Can I get a poc for study purposes? I beg you.

Related Videos

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec
0:42

CVE-2023-23397 Simple and dirty PoC of the CVE-2023-23397 vulnerability impacting the Outlook thick client. #CVE #cybersecurity #infosec

HackGit

76,809 views • 3 years ago

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!
17:59

"A Vulnerability to Hack The World" - CVE-2023-4863 The start of a mini series digging into the recent WebP vulnerability. In this first episode, we explore huffman tables!

LiveOverflow 🔴

44,787 views • 2 years ago

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam
0:56

CVE-2023-23397 Exploiting CVE-2023-23397: Microsoft Outlook Elevation of Privilege Vulnerability. Details: #infosec #CyberSecurity #Pentesting #redteam

HackGit

39,726 views • 3 years ago

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability
1:47

Exfiltrate #WhatsApp chat, or internal data of any Android app, running on Android 12 or 13 by exploiting CVE-2024-0044 vulnerability

Mobile Hacker

143,609 views • 2 years ago

Never use a persons vulnerability as a weapon during their time of weakness
1:23

Never use a persons vulnerability as a weapon during their time of weakness

Inky Johnson

172,620 views • 2 years ago

Data Center will use a lot of water, Listen!
0:50

Data Center will use a lot of water, Listen!

Johnny Midnight ⚡️

11,749 views • 1 month ago

In this video walkthrough, we break down the basic info of CVE-2023-23397 the zero-day, zero-touch vulnerability that was rated 9.8 on the #CVSS scale. Follow this thread as we detail the general exploitation routine of this #vulnerability.
0:53

In this video walkthrough, we break down the basic info of CVE-2023-23397 the zero-day, zero-touch vulnerability that was rated 9.8 on the #CVSS scale. Follow this thread as we detail the general exploitation routine of this #vulnerability.

Trend Micro Research

200,099 views • 3 years ago

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:
1:09

The CertiK Skyfall team identified and collaborated with Apple to fix a vulnerability (CVE-2024-27801) in the low-level implementation of NSXPC, affecting all Apple platforms. This vulnerability could have potentially allowed malicious apps to gain unauthorized access to system services or steal user data from certain third-party applications, particularly those with architectures similar to Telegram. Our proof-of-concept attack demonstrated how a malicious app could steal chat history (such as pictures) from Telegram and transfer it to a remote server. Upgrade all your Apple devices and stay safe! Source:

CertiK

341,467 views • 2 years ago

Think of data as a lighthouse: once it’s there, everyone can use it, and your use doesn’t diminish mine. That’s why we don’t leave lighthouse-building to the market — and why government collects & shares economic data.
1:01

Think of data as a lighthouse: once it’s there, everyone can use it, and your use doesn’t diminish mine. That’s why we don’t leave lighthouse-building to the market — and why government collects & shares economic data.

Justin Wolfers

31,531 views • 10 months ago

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter
0:46

Demo of using #BlueDucky to exploit 0-click Bluetooth vulnerability of targeted Android smartphone (CVE-2023-45866) Executed by Raspberry Pi 4 and Android running #NetHunter

Mobile Hacker

129,652 views • 2 years ago

Here is ENLBufferPwn (CVE ID pending), a severe vulnerability in many first party 3DS, Wii U and Switch games. It allows remote code execution in a victim console by just having an online game session with an attacker. Vulnerability report: 🧵(1/7)
0:27

Here is ENLBufferPwn (CVE ID pending), a severe vulnerability in many first party 3DS, Wii U and Switch games. It allows remote code execution in a victim console by just having an online game session with an attacker. Vulnerability report: 🧵(1/7)

PabloMK7

590,787 views • 3 years ago

‼️🚨 This is alarming: Researchers found a one-click data exfiltration vulnerability in M365 Copilot. A single click on a trusted microsoft[.]com link let attackers pull emails, MFA codes, meeting notes, and SharePoint/OneDrive files, no permissions or second click required. Microsoft has patched it as CVE-2026-42824, rated critical.
0:58

‼️🚨 This is alarming: Researchers found a one-click data exfiltration vulnerability in M365 Copilot. A single click on a trusted microsoft[.]com link let attackers pull emails, MFA codes, meeting notes, and SharePoint/OneDrive files, no permissions or second click required. Microsoft has patched it as CVE-2026-42824, rated critical.

International Cyber Digest

141,364 views • 7 days ago

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:
3:26

🚨CVE-2023-20198: Remote Code Execution via File Upload Vulnerability | $15,000 Bounty | PoC Credit:

Dark Web Informer

22,486 views • 1 year ago

Streaming data from server to client with "use" in Next.js
0:53

Streaming data from server to client with "use" in Next.js

Alex Sidorenko

36,533 views • 1 year ago

CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector Credit:
0:59

CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector Credit:

Dark Web Informer - Cyber Threat Intelligence

20,351 views • 1 year ago

How much water do data centres really use in the UK? Sky's technology correspondent Rowland Manthorpe visits a "waterless" data centre in London and reveals how much water data centres use in the UK and why the issue is more complicated than it first appears. 🔗Full report:
1:33

How much water do data centres really use in the UK? Sky's technology correspondent Rowland Manthorpe visits a "waterless" data centre in London and reveals how much water data centres use in the UK and why the issue is more complicated than it first appears. 🔗Full report:

Sky News

39,595 views • 17 days ago

Texas is going from 40 Data Centers to over 400 in the next 2 years - Texas could use 30% of US data center power demand by 2028 - By 2030 the Texas data centers could use 161 billion gallons of water per year - The 400 data centers will use the equivalent of 9 million homes in energy usage every year I don’t want to EVER hear the words climate change ever again
0:39

Texas is going from 40 Data Centers to over 400 in the next 2 years - Texas could use 30% of US data center power demand by 2028 - By 2030 the Texas data centers could use 161 billion gallons of water per year - The 400 data centers will use the equivalent of 9 million homes in energy usage every year I don’t want to EVER hear the words climate change ever again

Wall Street Apes

156,336 views • 1 month ago

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802
0:34

Do you use a virtual machine to browse dangerous links safely? If you use the Chrome browser inside that virtual machine, is it secure enough? As you might have guessed, the answer is not so much. We chained six unique CVEs from 2023 listed below. • Chrome Renderer RCE : CVE-2023-3079 • Chrome Sandbox Escape : CVE-2023-21674 • LPE in guest OS : CVE-2023-29360 • VMware Info Leak : CVE-2023-34044 • VMware Escape : CVE-2023-20869 • LPE in host OS : CVE-2023-36802

Theori

139,539 views • 2 years ago

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:
8:14

🚨CVE-2025-31161: Authentication Bypass Vulnerability in CrushFTP Credit: Exploit:

Dark Web Informer

36,563 views • 1 year ago

“Facts don’t really matter for the de-growth mob.” — The Washington Post’s James Hohmann The anti–data center hysteria around water was built on a bogus stat about a data center’s water consumption in Chile that was off by a factor of 1,000. All U.S. data centers use less than 0.5% of America’s freshwater. The war on data centers is built on junk math and is funded by China and foreign billionaires!
1:28

“Facts don’t really matter for the de-growth mob.” — The Washington Post’s James Hohmann The anti–data center hysteria around water was built on a bogus stat about a data center’s water consumption in Chile that was off by a factor of 1,000. All U.S. data centers use less than 0.5% of America’s freshwater. The war on data centers is built on junk math and is funded by China and foreign billionaires!

Steve Guest

27,692 views • 1 month ago