CVE-2023-41508

CRITICAL

Super Store Finder <3.6 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-41508. PoCs published by redblueteam.

AI-analyzed exploit summary This repository documents CVE-2023-41508, a hard-coded password vulnerability in Super Store Finder v3.6, allowing unauthorized access to the admin panel. It includes screenshots and descriptions of the vulnerability but lacks functional exploit code.

Description

A hard coded password in Super Store Finder v3.6 allows attackers to access the administration panel.

Exploits (1)

nomisec WRITEUP 1 stars

by redblueteam · poc

https://github.com/redblueteam/CVE-2023-41508

View Code ZIP pw:eip

This repository documents CVE-2023-41508, a hard-coded password vulnerability in Super Store Finder v3.6, allowing unauthorized access to the admin panel. It includes screenshots and descriptions of the vulnerability but lacks functional exploit code.

Classification

Writeup 90%

Attack Type

Auth Bypass

Complexity

Trivial

Reliability

Reliable

Target: Super Store Finder v3.6 or below

No auth needed

Prerequisites: Access to the admin login page

MITRE ATT&CK

T1110 - Brute Force T1078 - Valid Accounts

devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory

https://github.com/redblueteam/CVE-2023-41508/

View Exploit ZIP pw:eip

Release Notes

https://superstorefinder.net/support/forums/topic/super-store-finder-patch-notes/

Scores

CVSS v3 9.8

EPSS 0.0114

EPSS Percentile 62.5%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-798

Status published

Products (1)

superstorefinder/super_store_finder 3.6

Published Sep 05, 2023

Tracked Since Feb 18, 2026