{"vulnerability": "CVE-2023-2887", "sightings": [{"uuid": "8404a804-a34c-4791-b8f5-6b222eea7e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2887", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2887\n\ud83d\udd39 Description: Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.\n\n\n\ud83d\udccf Published: 2023-05-25T08:33:34.404Z\n\ud83d\udccf Modified: 2025-01-16T19:24:18.873Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-23-0293", "creation_timestamp": "2025-01-16T19:56:11.000000Z"}, {"uuid": "aefde2c7-edc9-4dcd-80e4-fcc48c2951ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28879", "type": "published-proof-of-concept", "source": "Telegram/umegrwDbIYS3FaE57xGjobZM2tDLggvSDkH_TuQtn3CE", "content": "", "creation_timestamp": "2023-04-13T17:55:55.000000Z"}, {"uuid": "0cc4bbc2-d02d-4459-9a0a-062501f84a7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28872", "type": "seen", "source": "https://t.me/ctinow/162658", "content": "https://ift.tt/6YGboXU\nCVE-2023-28872 Exploit", "creation_timestamp": "2024-01-03T23:17:22.000000Z"}, {"uuid": "52618bac-5db4-4934-a5da-53fdd0fb4b41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28870", "type": "seen", "source": "https://t.me/ctinow/161233", "content": "https://ift.tt/VizfL4r\nCVE-2023-28870 | NCP Secure Enterprise Client up to 12.21 Configuration File permission (usd-2022-0004)", "creation_timestamp": "2024-01-01T08:56:54.000000Z"}, {"uuid": "3112abe0-f48c-4797-91fd-2aa81429bcfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28871", "type": "seen", "source": "https://t.me/ctinow/161229", "content": "https://ift.tt/zptF8E1\nCVE-2023-28871 | NCP Secure Enterprise Client up to 12.21 symlink (usd-2022-0005)", "creation_timestamp": "2024-01-01T08:26:46.000000Z"}, {"uuid": "80e95c58-9b7f-4711-95e3-07c48f008458", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28873", "type": "seen", "source": "https://t.me/ctinow/161235", "content": "https://ift.tt/rkuP5dN\nCVE-2023-28873 | Seafile 9.0.6 Wiki/Discussion Page cross site scripting (usd-2022-0032)", "creation_timestamp": "2024-01-01T08:56:56.000000Z"}, {"uuid": "ea0c39f1-8c5d-47e4-8b69-c35e81ac9ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28872", "type": "seen", "source": "https://t.me/ctinow/159157", "content": "https://ift.tt/x4iK7no\nCVE-2023-28872", "creation_timestamp": "2023-12-25T08:26:19.000000Z"}, {"uuid": "c3d11737-6975-4287-8713-f4ea182eb5ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28875", "type": "seen", "source": "https://t.me/ctinow/159077", "content": "https://ift.tt/8abNQ6d\nCVE-2023-28875 | Afian Filerun 20220202 Share Link cross site scripting", "creation_timestamp": "2023-12-24T18:21:59.000000Z"}, {"uuid": "2c5f6b9b-2f89-4ca9-aafb-03036f635a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28876", "type": "seen", "source": "https://t.me/ctinow/159075", "content": "https://ift.tt/rVN62gb\nCVE-2023-28876 | Afian Filerun up to 20220202 access control", "creation_timestamp": "2023-12-24T18:21:57.000000Z"}, {"uuid": "0595e85d-9439-4edf-b372-01f0b1b73885", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28877", "type": "seen", "source": "https://t.me/cibsecurity/61252", "content": "\u203c CVE-2023-28877 \u203c\n\nThe VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T20:22:21.000000Z"}, {"uuid": "9bada249-9939-4cf3-906c-49c424dac14b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28879", "type": "seen", "source": "https://t.me/cibsecurity/61257", "content": "\u203c CVE-2023-28879 \u203c\n\nIn Artifex Ghostscript through 10.01.0, there is a buffer overflow leading to potential corruption of data internal to the PostScript interpreter, in base/sbcp.c. This affects BCPEncode, BCPDecode, TBCPEncode, and TBCPDecode. If the write buffer is filled to one byte less than full, and one then tries to write an escaped character, two bytes are written.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-31T20:22:26.000000Z"}, {"uuid": "53848479-cd54-49ba-94d2-60d66b0b22e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28879", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7503", "content": "Shell in the Ghost: Ghostscript CVE-2023-28879 writeup\n\nhttps://offsec.almond.consulting/ghostscript-cve-2023-28879.html", "creation_timestamp": "2023-07-10T09:05:43.000000Z"}, {"uuid": "e1ce18f0-059b-4046-9c24-f66baea2b880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28879", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/7222", "content": "Shell in the Ghost: Ghostscript CVE-2023-28879 writeup\nhttps://offsec.almond.consulting/ghostscript-cve-2023-28879.html", "creation_timestamp": "2023-04-13T17:51:24.000000Z"}, {"uuid": "292f1c4c-bd76-4666-bd44-337e923c1204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-28879", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8102", "content": "#exploit\n1. Potato privilege escalation in Windows Server 2012 - 2022, Windows 8 - 11\nhttps://github.com/BeichenDream/GodPotato\n\n2. CVE-2023-28879:\nShell in the Ghost (RCE in Ghostscript)\nhttps://offsec.almond.consulting/ghostscript-cve-2023-28879.html\n\n3. CVE-2023-28206:\nOut-of-bounds memory move in IosaColorManagerMSR8::getHDRStats_gatedContext\nhttps://gist.github.com/LinusHenze/728db96a836b6817ecb727cfbde606b3", "creation_timestamp": "2023-04-12T11:03:01.000000Z"}]}