{"vulnerability": "cve-2023-2100", "sightings": [{"uuid": "775ec3a4-6d0e-4c6b-86b3-f1b55afeaabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21005", "type": "seen", "source": "Telegram/NYK8V00YBl5dDzhR1rHlzZ-KyDMMXCDn-V_ht7aFyd3vp0Y", "content": "", "creation_timestamp": "2023-03-29T18:04:29.000000Z"}, {"uuid": "a9993890-9b48-44ea-8246-ee6ed2b1850b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21002", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5581", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-21002\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In getAvailabilityStatus of several Transcode Permission Controllers, there is a possible permission bypass due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-261193935\n\ud83d\udccf Published: 2023-03-24T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T19:05:55.540Z\n\ud83d\udd17 References:\n1. https://source.android.com/security/bulletin/pixel/2023-03-01", "creation_timestamp": "2025-02-26T19:24:10.000000Z"}, {"uuid": "ef092628-88e5-4701-9f42-ca411976a0aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21000", "type": "seen", "source": "https://t.me/cibsecurity/60667", "content": "\u203c CVE-2023-21000 \u203c\n\nIn MediaCodec.cpp, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-194783918\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:42:47.000000Z"}, {"uuid": "99b1a079-7c74-4979-aa74-62beddc26f6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2100", "type": "seen", "source": "https://t.me/arpsyndicate/517", "content": "#ExploitObserverAlert\n\nCVE-2023-2100\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-2100. A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226108.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-11-23T22:52:06.000000Z"}, {"uuid": "782433c6-b083-4bfb-85a1-dc90d3a5c7a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2100", "type": "seen", "source": "https://t.me/cibsecurity/62225", "content": "\u203c CVE-2023-2100 \u203c\n\nA vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226108.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T16:26:38.000000Z"}, {"uuid": "c90ba109-ba4b-44dc-bdd6-31918ef4c1bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2100", "type": "seen", "source": "https://t.me/arpsyndicate/1671", "content": "#ExploitObserverAlert\n\nCVE-2023-2100\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2100. A vulnerability classified as problematic was found in SourceCodester Vehicle Service Management System 1.0. This vulnerability affects unknown code of the file /admin/report/index.php. The manipulation of the argument date_end leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-226108.\n\nFIRST-EPSS: 0.000520000\nNVD-IS: 2.7\nNVD-ES: 2.8", "creation_timestamp": "2023-12-10T18:19:15.000000Z"}, {"uuid": "76f8fc06-f65b-41a4-90a2-3862ee537141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-21008", "type": "seen", "source": "https://t.me/cibsecurity/60673", "content": "\u203c CVE-2023-21008 \u203c\n\nIn multiple locations of p2p_iface.cpp, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID: A-257030100\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-24T23:42:52.000000Z"}]}