{"vulnerability": "CVE-2023-2229", "sightings": [{"uuid": "e1c101ff-58e7-4108-895a-784401ac92e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2229", "type": "seen", "source": "https://t.me/arpsyndicate/2368", "content": "#ExploitObserverAlert\n\nCVE-2023-2229\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2229. The Quick Post Duplicator for WordPress is vulnerable to SQL Injection via the \u2018post_id\u2019 parameter in versions up to, and including, 2.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers with contributor-level privileges to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n\nFIRST-EPSS: 0.000500000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-03T22:22:34.000000Z"}, {"uuid": "6a5446f4-7c9c-459e-a243-97269ff3c912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22293", "type": "seen", "source": "https://t.me/ctinow/201149", "content": "https://ift.tt/rQcPuAn\nCVE-2023-22293 | Intel Thunderbolt DCH Drivers on Windows access control (intel-sa-00851)", "creation_timestamp": "2024-03-06T09:37:00.000000Z"}, {"uuid": "4d4058ad-dc60-488e-b2ea-fc00314b1f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22297", "type": "seen", "source": "https://t.me/cibsecurity/63786", "content": "\u203c CVE-2023-22297 \u203c\n\nAccess of memory location after end of buffer in some Intel(R) Server Board BMC firmware before version 2.90 may allow a privileged user to enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:28:42.000000Z"}, {"uuid": "15300814-2492-4a88-84f1-cea160b3bff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22294", "type": "seen", "source": "https://t.me/cibsecurity/62373", "content": "\u203c CVE-2023-22294 \u203c\n\nPrivilege escalation in Tribe29 Checkmk Appliance before 1.6.4 allows authenticated site users to escalate privileges via incorrectly set permissions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-18T22:29:18.000000Z"}, {"uuid": "7d8d7922-bb51-4a44-a7dc-b08d598fae2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-22295", "type": "seen", "source": "https://t.me/cibsecurity/62541", "content": "\u203c CVE-2023-22295 \u203c\n\nDatakit CrossCadWare_x64.dll contains an out of bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T22:30:52.000000Z"}]}