{"vulnerability": "CVE-2023-4900", "sightings": [{"uuid": "3a395368-5c4f-43d9-a468-de08e72802d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49000", "type": "seen", "source": "https://t.me/arpsyndicate/2246", "content": "#ExploitObserverAlert\n\nCVE-2023-49000\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49000. An issue in ArtistScope ArtisBrowser v.34.1.5 and before allows an attacker to bypass intended access restrictions via interaction with the com.artis.browser.IntentReceiverActivity component.", "creation_timestamp": "2023-12-29T12:06:10.000000Z"}, {"uuid": "7ff367d5-4c0d-4640-b90e-a82ab15999b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49004", "type": "seen", "source": "https://t.me/ctinow/156986", "content": "https://ift.tt/3CRaHYJ\nCVE-2023-49004", "creation_timestamp": "2023-12-20T13:53:18.000000Z"}, {"uuid": "e3a1b478-c773-4c29-b420-a7c123097da2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49002", "type": "seen", "source": "https://t.me/arpsyndicate/2228", "content": "#ExploitObserverAlert\n\nCVE-2023-49002\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49002. An issue in Xenom Technologies (sinous) Phone Dialer-voice Call Dialer v.1.2.5 allows an attacker to bypass intended access restrictions via interaction with com.funprime.calldialer.ui.activities.OutgoingActivity.", "creation_timestamp": "2023-12-29T09:54:03.000000Z"}, {"uuid": "8619361b-f7ec-43b1-886e-d22f36173844", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49004", "type": "seen", "source": "https://t.me/ctinow/167808", "content": "https://ift.tt/Cp1GEWM\nCVE-2023-49004 | D-Link DIR-850L B1_FW223WWb01 en code injection", "creation_timestamp": "2024-01-13T11:51:45.000000Z"}, {"uuid": "062d245c-9e78-48a7-8501-8e7f139cbc14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49003", "type": "seen", "source": "https://t.me/arpsyndicate/2214", "content": "#ExploitObserverAlert\n\nCVE-2023-49003\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49003. An issue in simplemobiletools Simple Dialer 5.18.1 allows an attacker to bypass intended access restrictions via interaction with com.simplemobiletools.dialer.activities.DialerActivity.", "creation_timestamp": "2023-12-29T08:28:55.000000Z"}, {"uuid": "4c1e46d9-531b-4fd2-a536-0e2b692347f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49001", "type": "seen", "source": "https://t.me/arpsyndicate/2216", "content": "#ExploitObserverAlert\n\nCVE-2023-49001\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-49001. An issue in Indi Browser (aka kvbrowser) v.12.11.23 allows an attacker to bypass intended access restrictions via interaction with the com.example.gurry.kvbrowswer.webview component.", "creation_timestamp": "2023-12-29T08:43:10.000000Z"}, {"uuid": "0515ca9a-c893-4eca-a015-fbfb7e604406", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4900", "type": "seen", "source": "https://t.me/cibsecurity/70358", "content": "\u203c CVE-2023-4900 \u203c\n\nInappropriate implementation in Custom Tabs in Google Chrome on Android prior to 117.0.5938.62 allowed a remote attacker to obfuscate a permission prompt via a crafted HTML page. (Chromium security severity: Medium)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T00:23:24.000000Z"}, {"uuid": "6238a752-bb91-44c4-b996-a6e1c25d833a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49006", "type": "seen", "source": "https://t.me/ctinow/161934", "content": "https://ift.tt/lBM5ybh\nCVE-2023-49006 Exploit", "creation_timestamp": "2024-01-02T18:16:22.000000Z"}, {"uuid": "19726c70-fc43-4ace-9d14-9dd9ca6d04e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49000", "type": "seen", "source": "https://t.me/ctinow/170269", "content": "https://ift.tt/UY7dz0v\nCVE-2023-49000 | ArtistScope ArtisBrowser up to 34.1.5 com.artis.browser.IntentReceiverActivity code injection", "creation_timestamp": "2024-01-19T16:41:54.000000Z"}, {"uuid": "4e43e553-9265-4d56-903b-011ea6fd0e64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49002", "type": "seen", "source": "https://t.me/ctinow/170260", "content": "https://ift.tt/1aj5FxQ\nCVE-2023-49002 | Xenom Phone Dialer-voice Call Dialer 1.2.5 access control", "creation_timestamp": "2024-01-19T16:12:01.000000Z"}, {"uuid": "1d35385c-f152-4b84-b058-f24053fd5722", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49006", "type": "seen", "source": "https://t.me/ctinow/167305", "content": "https://ift.tt/kS9mpcz\nCVE-2023-49006 | Phpsysinfo 3.4.3 XML.php cross-site request forgery", "creation_timestamp": "2024-01-12T15:11:37.000000Z"}, {"uuid": "3ac2dd0b-f21a-48ee-bb05-40df14d5e1eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49003", "type": "seen", "source": "https://t.me/ctinow/163227", "content": "https://ift.tt/C6VHZFO\nCVE-2023-49003 Exploit", "creation_timestamp": "2024-01-04T21:22:00.000000Z"}, {"uuid": "c43fd7c4-4ced-4153-ba9e-b10cb8784268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49007", "type": "seen", "source": "https://t.me/ctinow/161110", "content": "https://ift.tt/d5LqySz\nCVE-2023-49007 | Netgear Orbi RBR750 prior 7.2.6.21 /usr/sbin/httpd stack-based overflow", "creation_timestamp": "2023-12-31T15:16:44.000000Z"}, {"uuid": "ca35ff90-4b8e-47b7-bbf3-1cf5a4e40ddb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49003", "type": "seen", "source": "https://t.me/ctinow/159837", "content": "https://ift.tt/kjnegYl\nCVE-2023-49003", "creation_timestamp": "2023-12-27T23:26:10.000000Z"}, {"uuid": "51fa504a-6d53-406f-964f-cfc426c2be96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49002", "type": "seen", "source": "https://t.me/ctinow/159836", "content": "https://ift.tt/39yZkgE\nCVE-2023-49002", "creation_timestamp": "2023-12-27T23:26:09.000000Z"}, {"uuid": "146ca9fb-5b00-4155-916a-c590719b6f34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49001", "type": "seen", "source": "https://t.me/ctinow/159835", "content": "https://ift.tt/DpiTLVO\nCVE-2023-49001", "creation_timestamp": "2023-12-27T23:26:08.000000Z"}, {"uuid": "48c4ebc5-35b8-4483-8d6d-72286b2014ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49000", "type": "seen", "source": "https://t.me/ctinow/159834", "content": "https://ift.tt/8BrLAcK\nCVE-2023-49000", "creation_timestamp": "2023-12-27T23:26:07.000000Z"}, {"uuid": "e9153bc6-2d43-4778-8a76-537d1f7557c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49006", "type": "seen", "source": "https://t.me/kasraone_com/633", "content": "\ud83d\udd34 CVE-2023-49006\n\n\n\u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc Cross Site Request Forgery (CSRF) \u062f\u0631 Phpsysinfo \u0646\u0633\u062e\u0647 3.4.3 \u0628\u0647 \u0645\u0647\u0627\u062c\u0645 \u0627\u0632 \u0631\u0627\u0647 \u062f\u0648\u0631 \u0627\u062c\u0627\u0632\u0647 \u0645\u06cc \u062f\u0647\u062f \u062a\u0627 \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062d\u0633\u0627\u0633 \u0631\u0627 \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u0635\u0641\u062d\u0647 \u062f\u0633\u062a\u06a9\u0627\u0631\u06cc \u0634\u062f\u0647 \u062f\u0631 \u0641\u0627\u06cc\u0644 XML.php \u0628\u0647 \u062f\u0633\u062a \u0622\u0648\u0631\u062f.\n\nphpsysinfo v3.4.3\n\u062f\u0627\u0631\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc JSONP \u0627\u0633\u062a. \u0641\u0627\u06cc\u0644 XML.php \u062f\u0627\u0631\u0627\u06cc \u0622\u0633\u06cc\u0628 \u067e\u0630\u06cc\u0631\u06cc JSONP hijacking \u0627\u0633\u062a. \u0647\u0646\u06af\u0627\u0645\u06cc \u06a9\u0647 \u06a9\u0627\u0631\u0628\u0631 \u0627\u0632 \u0635\u0641\u062d\u0647 \u0627\u06cc \u0628\u0627\u0632\u062f\u06cc\u062f \u0645\u06cc \u06a9\u0646\u062f \u06a9\u0647 \u0628\u0627 \u062f\u0642\u062a \u062a\u0648\u0633\u0637 \u0645\u0647\u0627\u062c\u0645 \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 \u0627\u0633\u062a\u060c \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc JSON \u0628\u0647 \u062f\u0633\u062a \u0645\u06cc \u0622\u06cc\u062f \u0648 \u0628\u0631\u0627\u06cc \u0645\u0647\u0627\u062c\u0645 \u0627\u0631\u0633\u0627\u0644 \u0645\u06cc \u0634\u0648\u062f.\n\u062d\u0627\u0644\u0627 \u0641\u0631\u0622\u06cc\u0646\u062f\u0647 \u0627\u06cc\u0646 \u062d\u0645\u0644\u0647 \u0686\u0637\u0648\u0631\u06cc \u0627\u0633\u062a \u061f\n\u0628\u0647 \u0633\u0627\u062f\u06af\u06cc \u0627\u0632 \u06cc\u06a9 \u0641\u0627\u06cc\u0644 PHP \u0628\u0631\u0627\u06cc \u0627\u0631\u0633\u0627\u0644 \u062f\u0627\u062f\u0647 \u0647\u0627\u06cc JSON \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc \u0634\u062f\u0647 \u0628\u0647 \u0633\u0631\u0648\u0631 \u062e\u0648\u062f \u0628\u0627 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0627\u0632 XMLHttpRequest \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u0645\u06cc \u06a9\u0646\u062f.\n\n\u062f\u0631 \u0627\u06cc\u0646\u062c\u0627 \u06a9\u062f HTML \u0628\u0631\u0627\u06cc \u0627\u062b\u0628\u0627\u062a \u0641\u0627\u06cc\u0644 \u0645\u0641\u0647\u0648\u0645\u06cc \u0622\u0645\u062f\u0647 \u0627\u0633\u062a:\n\n \n \n \n \n \n \n \n \n \nfunction dezsbrxdio(data){ alert(JSON.stringify(data)); } \n \n\n \n\n\n\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2024-01-04T10:30:25.000000Z"}, {"uuid": "f5283804-d4fb-4e6f-a45a-261662028fa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-49002", "type": "seen", "source": "https://t.me/ctinow/163667", "content": "https://ift.tt/Ly8MKCQ\nCVE-2023-49002 Exploit", "creation_timestamp": "2024-01-05T19:17:24.000000Z"}]}