{"vulnerability": "CVE-2023-4886", "sightings": [{"uuid": "65898e3a-4eb2-4ead-9bc5-1142f1b5eb2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/WARLOCK_DARK_ARMY_OFFICIALS/3810", "content": "https://github.com/f3lze3/CVE-2023-48864\n\nSemcms v4.8 web_inc.php SQL Injection\n\n#github", "creation_timestamp": "2024-01-04T12:26:29.000000Z"}, {"uuid": "a94f0911-8ba1-4838-9425-f3688a2ba28a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "Telegram/wbm3kE8HmRcKvIN4_C3c2DVRC7_c1RfC2Py3EAkUKi8G2w", "content": "", "creation_timestamp": "2024-01-08T10:08:52.000000Z"}, {"uuid": "a569b56b-a627-4e92-aba7-1637a4c67d27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4886", "type": "seen", "source": "https://t.me/cibsecurity/71505", "content": "\u203c CVE-2023-4886 \u203c\n\nA sensitive information exposure vulnerability was found in foreman. Contents of tomcat's server.xml file, which contain passwords to candlepin's keystore and truststore, were found to be world readable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T18:46:14.000000Z"}, {"uuid": "6b74e999-85a5-4a47-ab33-6723fb9afb0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4966", "content": "https://system32.ink/semcms-v4.8-cve-2023-48864-sql-injection-exploit/\n\nSemcms v4.8 CVE-2023-48864 SQL Injection Exploit", "creation_timestamp": "2024-01-08T10:07:01.000000Z"}, {"uuid": "4014d313-bbd9-4160-8889-846c0be1eb68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48866", "type": "seen", "source": "https://t.me/ctinow/158751", "content": "https://ift.tt/5OVldrT\nCVE-2023-48866 | Grocy up to 4.0.3 Recipe Preparation /api/objects/recipes cross site scripting", "creation_timestamp": "2023-12-23T09:41:56.000000Z"}, {"uuid": "a891aed2-5ad9-40cb-8289-732b1eec37cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/174859", "content": "https://ift.tt/GOhV7C4\nCVE-2023-48864 | SEMCMS 4.8 /web_inc.php languageID sql injection", "creation_timestamp": "2024-01-28T08:56:18.000000Z"}, {"uuid": "8447a727-7db3-494b-9b09-a5f22caeee3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/165650", "content": "https://ift.tt/bjaeKfg\nCVE-2023-48864", "creation_timestamp": "2024-01-10T09:26:39.000000Z"}, {"uuid": "196983c5-da3c-4e4a-bfa4-2f2cda461205", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48860", "type": "seen", "source": "https://t.me/ctinow/160888", "content": "https://ift.tt/yv0DRYr\nCVE-2023-48860 | Totolink N300RT 3.2.4-B20180730.0906 access control", "creation_timestamp": "2023-12-30T15:01:58.000000Z"}, {"uuid": "d643269f-611c-4d94-97ce-ff3a92a81538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "seen", "source": "https://t.me/ctinow/169138", "content": "https://ift.tt/MnbYzVP\nCVE-2023-48864 Exploit", "creation_timestamp": "2024-01-17T08:16:18.000000Z"}, {"uuid": "be19c228-12e5-47a7-a0d1-839dd036fcfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48861", "type": "seen", "source": "https://t.me/ctinow/160895", "content": "https://ift.tt/eqdAYWZ\nCVE-2023-48861 | TTplayer 7.0.2 urlmon.dll uncontrolled search path", "creation_timestamp": "2023-12-30T15:02:07.000000Z"}, {"uuid": "e5158f1f-db96-4b55-aa72-4936e20b50d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48863", "type": "seen", "source": "https://t.me/ctinow/158746", "content": "https://ift.tt/XLM7zsm\nCVE-2023-48863 | SEMCMS 3.9 sql injection", "creation_timestamp": "2023-12-23T09:41:49.000000Z"}, {"uuid": "ecdc7d48-6cef-468e-a44e-585c1742225b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1797", "content": "https://github.com/f3lze3/CVE-2023-48864\n\nSemcms v4.8 web_inc.php SQL Injection\n\n#github", "creation_timestamp": "2024-01-04T08:55:27.000000Z"}, {"uuid": "154f73ea-314b-4bd5-b112-ecb5948d1ed6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2419", "content": "#exploit\n1. CVE-2023-6348:\nChrome BindTextSuggestionHostForFrame Type Confusion\nhttps://packetstormsecurity.com/files/176368/Chrome-BindTextSuggestionHostForFrame-Type-Confusion.html\n\n2. CVE-2023-48864:\nSemcms v4.8 web_inc.php SQL Injection\nhttps://github.com/f3lze3/CVE-2023-48864\n\n3. CVE-2023-36404:\nWindows Kernel Information Disclosure\nhttps://packetstormsecurity.com/files/176110/Windows-Kernel-Information-Disclosure.html", "creation_timestamp": "2024-08-16T08:59:55.000000Z"}, {"uuid": "937dabfb-052d-4da9-943f-ec4ef6d7fd97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48864", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9717", "content": "#exploit\n1. CVE-2023-6348:\nChrome BindTextSuggestionHostForFrame Type Confusion\nhttps://packetstormsecurity.com/files/176368/Chrome-BindTextSuggestionHostForFrame-Type-Confusion.html\n\n2. CVE-2023-48864:\nSemcms v4.8 web_inc.php SQL Injection\nhttps://github.com/f3lze3/CVE-2023-48864\n\n3. CVE-2023-36404:\nWindows Kernel Information Disclosure\nhttps://packetstormsecurity.com/files/176110/Windows-Kernel-Information-Disclosure.html", "creation_timestamp": "2024-01-06T08:56:36.000000Z"}]}