{"vulnerability": "cve-2023-2695", "sightings": [{"uuid": "45767f96-fb28-4891-913a-3e168cfe6f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26954", "type": "seen", "source": "Telegram/dDJuHQOSo2PIXQJbVQNO3se8XJ0sJyUDuj_4ffFW92Jldg8Q", "content": "", "creation_timestamp": "2025-03-08T04:34:11.000000Z"}, {"uuid": "1ba93fb0-d795-4898-89b4-876cf83d13c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26957", "type": "seen", "source": "Telegram/JvyNhqjWkUGjRu9Vvtd5oT62PeXXqReSzXxu4SFI8kjEoboL", "content": "", "creation_timestamp": "2025-03-06T02:17:23.000000Z"}, {"uuid": "f80e1c4d-f746-4c0e-a9e1-6a93078ffc54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26950", "type": "seen", "source": "Telegram/U2Fug4xDmkdAjOuyAq0_IwLpegoIUSps7afromCWv6ExyRuB", "content": "", "creation_timestamp": "2025-03-06T02:16:33.000000Z"}, {"uuid": "7a8d9ff1-4142-4e06-83a6-fd5d627d088f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26956", "type": "seen", "source": "Telegram/kC4HNoU7E2pZdsNP5EKqND2N6SEjNMywCXQBdkKdrUDTR1vd", "content": "", "creation_timestamp": "2025-03-06T02:17:22.000000Z"}, {"uuid": "97183fd8-e49f-42c5-b4b8-f8187818719d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26958", "type": "seen", "source": "https://t.me/cibsecurity/60794", "content": "\u203c CVE-2023-26958 \u203c\n\nPhpgurukul Park Ticketing Management System 1.0 is vulnerable to Cross Site Scripting (XSS) via the Admin Name parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-27T18:20:18.000000Z"}, {"uuid": "47517f3e-1942-4aad-9c21-60a4c11fb855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26955", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6580", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26955\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Admin Group module.\n\ud83d\udccf Published: 2023-03-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-05T17:00:27.385Z\n\ud83d\udd17 References:\n1. https://github.com/keheying/onekeyadmin/issues/6", "creation_timestamp": "2025-03-05T18:30:37.000000Z"}, {"uuid": "39465ad7-cfb6-446a-885e-4f912eafdf0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26953", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6426", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26953\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Administrator module.\n\ud83d\udccf Published: 2023-03-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-04T19:35:58.874Z\n\ud83d\udd17 References:\n1. https://github.com/keheying/onekeyadmin/issues/8", "creation_timestamp": "2025-03-04T20:32:08.000000Z"}, {"uuid": "54360c7a-e677-413b-a724-1ab31ed4dc30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6583", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-26957\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \\admin\\controller\\plugins.\n\ud83d\udccf Published: 2023-03-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-05T18:21:28.713Z\n\ud83d\udd17 References:\n1. https://github.com/keheying/onekeyadmin/issues/3", "creation_timestamp": "2025-03-05T18:55:30.000000Z"}, {"uuid": "b919f51a-e039-421e-b62c-7c94fddf5f30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26959", "type": "seen", "source": "https://t.me/cibsecurity/60783", "content": "\u203c CVE-2023-26959 \u203c\n\nPhpgurukul Park Ticketing Management System 1.0 is vulnerable to SQL Injection via the User Name parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-27T18:20:05.000000Z"}, {"uuid": "cd93fabb-ed5e-4d83-98ea-35372a18c07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26951", "type": "seen", "source": "https://t.me/cibsecurity/60110", "content": "\u203c CVE-2023-26951 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Member List module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T06:30:35.000000Z"}, {"uuid": "dc82fb6d-4b04-4fcb-a142-3aa02aa8f465", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26956", "type": "seen", "source": "https://t.me/cibsecurity/59691", "content": "\u203c CVE-2023-26956 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T22:24:04.000000Z"}, {"uuid": "6a08ff58-2656-40e4-8efd-aabf11ffa8f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26954", "type": "seen", "source": "https://t.me/cibsecurity/59563", "content": "\u203c CVE-2023-26954 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the User Group module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T16:23:56.000000Z"}, {"uuid": "3c956313-b63a-40a3-a07e-3ef550ca98cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26955", "type": "seen", "source": "https://t.me/cibsecurity/59560", "content": "\u203c CVE-2023-26955 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Admin Group module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T16:23:12.000000Z"}, {"uuid": "2ff99915-3c0d-4b47-9345-8ad80d619b8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26953", "type": "seen", "source": "https://t.me/cibsecurity/59582", "content": "\u203c CVE-2023-26953 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Administrator module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T18:19:45.000000Z"}, {"uuid": "39bb8622-a61c-4deb-93a2-578a4970b5d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26950", "type": "seen", "source": "https://t.me/cibsecurity/59668", "content": "\u203c CVE-2023-26950 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T16:23:29.000000Z"}, {"uuid": "c6445841-0bff-48cd-8276-736bc0831ca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26952", "type": "seen", "source": "https://t.me/cibsecurity/59670", "content": "\u203c CVE-2023-26952 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T16:23:31.000000Z"}, {"uuid": "b719b27f-7e73-4ec4-bc4a-5762bddc3223", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-26957", "type": "seen", "source": "https://t.me/cibsecurity/59756", "content": "\u203c CVE-2023-26957 \u203c\n\nonekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \\admin\\controller\\plugins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T00:20:34.000000Z"}]}