{"vulnerability": "CVE-2023-3785", "sightings": [{"uuid": "9424acc1-fd53-4830-8cb3-e9baa528a76d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3785", "type": "seen", "source": "https://t.me/cibsecurity/67034", "content": "\u203c CVE-2023-3785 \u203c\n\nA vulnerability was found in PaulPrinting CMS 2018. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation of the argument firstname/lastname/address/city/state leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-235052.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-20T14:42:48.000000Z"}, {"uuid": "2ff49e9d-89ab-41b6-ada2-96d873b84066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37858", "type": "seen", "source": "https://t.me/cibsecurity/68087", "content": "\u203c CVE-2023-37858 \u203c\n\nIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing to decrypt an encrypted web application login password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:17:08.000000Z"}, {"uuid": "6bee304b-1fd3-4c09-ad7c-54183896ec37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37859", "type": "seen", "source": "https://t.me/cibsecurity/68085", "content": "\u203c CVE-2023-37859 \u203c\n\nIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 the SNMP daemon is running with root privileges allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:17:00.000000Z"}, {"uuid": "deeff07b-a799-41ea-bcf8-61339ee52f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37855", "type": "seen", "source": "https://t.me/cibsecurity/68070", "content": "\u203c CVE-2023-37855 \u203c\n\nIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:44:21.000000Z"}, {"uuid": "00be5289-6257-440c-94fb-177bff36f309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37857", "type": "seen", "source": "https://t.me/cibsecurity/68078", "content": "\u203c CVE-2023-37857 \u203c\n\nIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys allowing the attacker to create valid session cookies. This issue cannot be exploited to bypass the web service authentication of the affected device(s).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:16:33.000000Z"}, {"uuid": "fe7d6847-9efc-465a-9edd-3b462c107652", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-37856", "type": "seen", "source": "https://t.me/cibsecurity/68073", "content": "\u203c CVE-2023-37856 \u203c\n\nIn PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem through a configuration dialog within the embedded Qt browser .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T12:16:13.000000Z"}]}