{"vulnerability": "cve-2023-2909", "sightings": [{"uuid": "c5e25a9d-6981-42e0-94d3-7fa1119760d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29096", "type": "seen", "source": "https://t.me/ctinow/157238", "content": "https://ift.tt/rPN1e82\nCVE-2023-29096", "creation_timestamp": "2023-12-20T19:25:38.000000Z"}, {"uuid": "69cdf53b-4270-4e2d-a974-48b53d8320ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2909", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1071", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2909\n\ud83d\udd39 Description: EZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.\n\ud83d\udccf Published: 2023-05-31T09:26:31.581Z\n\ud83d\udccf Modified: 2025-01-09T21:01:20.049Z\n\ud83d\udd17 References:\n1. https://www.asustor.com/security/security_advisory_detail?id=25", "creation_timestamp": "2025-01-09T21:15:25.000000Z"}, {"uuid": "9a46a302-ce5a-4351-a860-279b4a7359bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29096", "type": "seen", "source": "https://t.me/ctinow/167880", "content": "https://ift.tt/gV1KnzS\nCVE-2023-29096 | BestWebSoft Contact Form to DB Plugin up to 1.7.0 on WordPress sql injection", "creation_timestamp": "2024-01-13T17:52:06.000000Z"}, {"uuid": "ccd7f5c7-a4c6-4d69-85db-da0bd9a2f292", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29099", "type": "seen", "source": "https://t.me/cibsecurity/67958", "content": "\u203c CVE-2023-29099 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Elegant themes Divi theme &lt;=\u00c2\u00a04.20.2 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T14:14:46.000000Z"}, {"uuid": "11951dbe-bfe4-42e2-9494-40994fffefa9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29097", "type": "seen", "source": "https://t.me/cibsecurity/68441", "content": "\u203c CVE-2023-29097 \u203c\n\nAuth. (author+) Stored Cross-Site Scripting (XSS) vulnerability in a3rev Software a3 Portfolio plugin &lt;=\u00c2\u00a03.1.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T18:24:25.000000Z"}, {"uuid": "446d1130-b409-4201-8a78-7479ca007033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2909", "type": "seen", "source": "https://t.me/cibsecurity/64810", "content": "\u203c CVE-2023-2909 \u203c\n\nEZ Sync service fails to adequately handle user input, allowing an attacker to navigate beyond the intended directory structure and delete files. Affected products and versions include: ADM 4.0.6.REG2, 4.1.0 and below as well as ADM 4.2.1.RGE2 and below.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-06T14:29:25.000000Z"}, {"uuid": "d055f83b-542b-4235-92b8-d699985e476c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29094", "type": "seen", "source": "https://t.me/cibsecurity/61659", "content": "\u203c CVE-2023-29094 \u203c\n\nAuth. (admin+) Stored Cross-site Scripting (XSS) vulnerability in PI Websolution Product page shipping calculator for WooCommerce plugin &lt;= 1.3.20 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T16:27:58.000000Z"}, {"uuid": "26345b59-a1ef-444d-a656-c0b5d1e19e6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29091", "type": "seen", "source": "https://t.me/cibsecurity/62202", "content": "\u203c CVE-2023-29091 \u203c\n\nAn issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:28.000000Z"}, {"uuid": "e6afafdb-6547-44ab-bd42-1e4c283496eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29090", "type": "seen", "source": "https://t.me/cibsecurity/62196", "content": "\u203c CVE-2023-29090 \u203c\n\nAn issue was discovered in Exynos Mobile Processor, Automotive Processor and Modem for Exynos Modem 5123, Exynos Modem 5300, Exynos 980, Exynos 1080, Exynos 9110, and Exynos Auto T5123. Memory corruption can occur due to insufficient parameter validation while decoding an SIP Via header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:21.000000Z"}]}