{"vulnerability": "CVE-2023-4886", "sightings": [{"uuid": "6b74e999-85a5-4a47-ab33-6723fb9afb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4966", "content": "https://system32.ink/semcms-v4.8-cve-2023-48864-sql-injection-exploit/\n\nSemcms v4.8 CVE-2023-48864 SQL Injection Exploit", "creation_timestamp": "2024-01-08T10:07:01.000000Z"}, {"uuid": "65898e3a-4eb2-4ead-9bc5-1142f1b5eb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3810", "content": "https://github.com/f3lze3/CVE-2023-48864\n\nSemcms v4.8 web_inc.php SQL Injection\n\n#github", "creation_timestamp": "2024-01-04T12:26:29.000000Z"}, {"uuid": "a94f0911-8ba1-4838-9425-f3688a2ba28a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "Telegram/wbm3kE8HmRcKvIN4_C3c2DVRC7_c1RfC2Py3EAkUKi8G2w", "content": "", "creation_timestamp": "2024-01-08T10:08:52.000000Z"}, {"uuid": "a569b56b-a627-4e92-aba7-1637a4c67d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4886", "type": "seen", "source": "https://t.me/cibsecurity/71505", "content": "\u203c CVE-2023-4886 \u203c\n\nA sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T18:46:14.000000Z"}, {"uuid": "a891aed2-5ad9-40cb-8289-732b1eec37cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/174859", "content": "https://ift.tt/GOhV7C4\nCVE-2023-48864 | SEMCMS 4.8 /web_inc.php languageID sql injection", "creation_timestamp": "2024-01-28T08:56:18.000000Z"}, {"uuid": "d643269f-611c-4d94-97ce-ff3a92a81538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/169138", "content": "https://ift.tt/MnbYzVP\nCVE-2023-48864 Exploit", "creation_timestamp": "2024-01-17T08:16:18.000000Z"}, {"uuid": "8447a727-7db3-494b-9b09-a5f22caeee3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/165650", "content": "https://ift.tt/bjaeKfg\nCVE-2023-48864", "creation_timestamp": "2024-01-10T09:26:39.000000Z"}, {"uuid": "be19c228-12e5-47a7-a0d1-839dd036fcfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48861", "type": "seen", "source": "https://t.me/ctinow/160895", "content": "https://ift.tt/eqdAYWZ\nCVE-2023-48861 | TTplayer 7.0.2 urlmon.dll uncontrolled search path", "creation_timestamp": "2023-12-30T15:02:07.000000Z"}, {"uuid": "196983c5-da3c-4e4a-bfa4-2f2cda461205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48860", "type": "seen", "source": "https://t.me/ctinow/160888", "content": "https://ift.tt/yv0DRYr\nCVE-2023-48860 | Totolink N300RT 3.2.4-B20180730.0906 access control", "creation_timestamp": "2023-12-30T15:01:58.000000Z"}, {"uuid": "937dabfb-052d-4da9-943f-ec4ef6d7fd97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9717", "content": "#exploit\n1. CVE-2023-6348:\nChrome BindTextSuggestionHostForFrame Type Confusion\nhttps://packetstormsecurity.com/files/176368/Chrome-BindTextSuggestionHostForFrame-Type-Confusion.html\n\n2. CVE-2023-48864:\nSemcms v4.8 web_inc.php SQL Injection\nhttps://github.com/f3lze3/CVE-2023-48864\n\n3. CVE-2023-36404:\nWindows Kernel Information Disclosure\nhttps://packetstormsecurity.com/files/176110/Windows-Kernel-Information-Disclosure.html", "creation_timestamp": "2024-01-06T08:56:36.000000Z"}, {"uuid": "ecdc7d48-6cef-468e-a44e-585c1742225b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1797", "content": "https://github.com/f3lze3/CVE-2023-48864\n\nSemcms v4.8 web_inc.php SQL Injection\n\n#github", "creation_timestamp": "2024-01-04T08:55:27.000000Z"}, {"uuid": "4014d313-bbd9-4160-8889-846c0be1eb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48866", "type": "seen", "source": "https://t.me/ctinow/158751", "content": "https://ift.tt/5OVldrT\nCVE-2023-48866 | Grocy up to 4.0.3 Recipe Preparation /api/objects/recipes cross site scripting", "creation_timestamp": "2023-12-23T09:41:56.000000Z"}, {"uuid": "e5158f1f-db96-4b55-aa72-4936e20b50d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48863", "type": "seen", "source": "https://t.me/ctinow/158746", "content": "https://ift.tt/XLM7zsm\nCVE-2023-48863 | SEMCMS 3.9 sql injection", "creation_timestamp": "2023-12-23T09:41:49.000000Z"}, {"uuid": "154f73ea-314b-4bd5-b112-ecb5948d1ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2419", "content": "#exploit\n1. CVE-2023-6348:\nChrome BindTextSuggestionHostForFrame Type Confusion\nhttps://packetstormsecurity.com/files/176368/Chrome-BindTextSuggestionHostForFrame-Type-Confusion.html\n\n2. CVE-2023-48864:\nSemcms v4.8 web_inc.php SQL Injection\nhttps://github.com/f3lze3/CVE-2023-48864\n\n3. CVE-2023-36404:\nWindows Kernel Information Disclosure\nhttps://packetstormsecurity.com/files/176110/Windows-Kernel-Information-Disclosure.html", "creation_timestamp": "2024-08-16T08:59:55.000000Z"}]}