{"vulnerability": "CVE-2023-4605", "sightings": [{"uuid": "e4a5e175-4a90-4cdf-92dc-2825fa6f4f27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46059", "type": "seen", "source": "https://t.me/cibsecurity/72806", "content": "\u203c CVE-2023-46059 \u203c\n\nCross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the Service, and website URL to Ping parameters of the admin/trackback.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-24T07:37:59.000000Z"}, {"uuid": "495b6089-f818-4ab0-8ae3-34536ac18bbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46054", "type": "seen", "source": "https://t.me/cibsecurity/72734", "content": "\u203c CVE-2023-46054 \u203c\n\nCross Site Scripting (XSS) vulnerability in WBCE CMS v.1.6.1 and before allows a remote attacker to escalate privileges via a crafted script to the website_footer parameter in the admin/settings/save.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-21T12:35:59.000000Z"}, {"uuid": "973080ac-ea02-425c-9062-bea09a617277", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46055", "type": "seen", "source": "https://t.me/cibsecurity/72733", "content": "\u203c CVE-2023-46055 \u203c\n\nAn issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the \"thingnario Logger Maintenance Webpage\" endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-21T13:02:36.000000Z"}, {"uuid": "ffb309a3-d305-4808-b06c-900266584040", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46058", "type": "seen", "source": "https://t.me/cibsecurity/72805", "content": "\u203c CVE-2023-46058 \u203c\n\nCross Site Scripting (XSS) vulnerability in Geeklog-Core geeklog v.2.2.2 allows a remote attacker to execute arbitrary code via a crafted payload to the grp_desc parameter of the admin/group.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-24T07:37:58.000000Z"}, {"uuid": "8287e1c3-eea8-44f4-bcce-18ca4372165c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46050", "type": "seen", "source": "https://t.me/ctinow/175147", "content": "https://ift.tt/0GWyz8l\nCVE-2023-46050", "creation_timestamp": "2024-01-29T10:26:43.000000Z"}]}