{"vulnerability": "CVE-2023-3031", "sightings": [{"uuid": "af0cd555-9c62-4677-99fa-3a73f50e51ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3031", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/760", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-3031\n\ud83d\udd39 Description: Improper Limitation of a Pathname leads to a Path Traversal vulnerability in the module King-Avis for Prestashop, allowing a user knowing the download token to read arbitrary local files.This issue affects King-Avis: before 17.3.15.\n\n\n\ud83d\udccf Published: 2023-06-02T12:42:11.842Z\n\ud83d\udccf Modified: 2025-01-08T17:58:49.460Z\n\ud83d\udd17 References:\n1. https://borelenzo.github.io/stuff/2023/06/01/cve-2023-3031.html", "creation_timestamp": "2025-01-08T18:17:23.000000Z"}, {"uuid": "1abb56fa-f380-40a7-9e67-f683591fdefe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-30319", "type": "seen", "source": "https://t.me/cibsecurity/66139", "content": "\u203c CVE-2023-30319 \u203c\n\nCross Site Scripting (XSS) vulnerability in username field in /src/chatbotapp/LoginServlet.java in wliang6 ChatEngine commit fded8e710ad59f816867ad47d7fc4862f6502f3e, allows attackers to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T20:20:28.000000Z"}]}