{"vulnerability": "cve-2023-2947", "sightings": [{"uuid": "1e58c147-8b5d-4db9-b289-cf2e54c57e5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29476", "type": "seen", "source": "https://t.me/cvedetector/12907", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-29476 - Menlo On-Premise Appliance Web Policy Inconsistency Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-29476 \nPublished : Dec. 14, 2024, 2:15 a.m. | 39\u00a0minutes ago \nDescription : In Menlo On-Premise Appliance before 2.88, web policy may not be consistently applied properly to intentionally malformed client requests. This is fixed in 2.88.2+, 2.89.1+, and 2.90.1+. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-14T04:19:16.000000Z"}, {"uuid": "3df6ea4d-9350-44f4-b372-ff65e17aa51a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2947", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1587", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2947\n\ud83d\udd39 Description: Cross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.\n\ud83d\udccf Published: 2023-05-27T00:00:00\n\ud83d\udccf Modified: 2025-01-14T18:45:05.373Z\n\ud83d\udd17 References:\n1. https://huntr.dev/bounties/52534def-acab-4200-a79a-89ef4ce6a0b0\n2. https://github.com/openemr/openemr/commit/8d2d601ac40aca75bcd2c3cf193f59c8e56d8425", "creation_timestamp": "2025-01-14T19:11:12.000000Z"}, {"uuid": "0d388541-2ad7-490f-85a8-8c5ae1bc5a56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2947", "type": "seen", "source": "https://t.me/cibsecurity/64743", "content": "\u203c CVE-2023-2947 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository openemr/openemr prior to 7.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-28T02:29:42.000000Z"}, {"uuid": "d0a8019b-d1de-46a1-91ac-94656c215794", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29478", "type": "seen", "source": "Telegram/0bb4ickjNVq2KArTNOdzserrohT_992e5R5ph1LrWrwSMlxx", "content": "", "creation_timestamp": "2025-02-14T10:04:00.000000Z"}, {"uuid": "a9212011-bb12-40c1-9e20-406dc901b173", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29478", "type": "seen", "source": "https://t.me/cibsecurity/61625", "content": "\u203c CVE-2023-29478 \u203c\n\nBiblioCraft before 2.4.6 does not sanitize path-traversal characters in filenames, allowing restricted write access to almost anywhere on the filesystem. This includes the Minecraft mods folder, which results in code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T07:26:55.000000Z"}, {"uuid": "8377dae7-0c34-4ac6-be33-a938e2976b69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29479", "type": "seen", "source": "https://t.me/cibsecurity/62714", "content": "\u203c CVE-2023-29479 \u203c\n\nRibose RNP before 0.16.3 may hang when the input is malformed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T18:14:41.000000Z"}, {"uuid": "a0787fb1-2d10-4a3f-a40a-63497b21329d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29471", "type": "seen", "source": "https://t.me/cibsecurity/63016", "content": "\u203c CVE-2023-29471 \u203c\n\nLightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T00:26:47.000000Z"}, {"uuid": "7b5d6b1b-54f7-45e9-83c8-04892729e58f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29474", "type": "seen", "source": "https://t.me/cibsecurity/61623", "content": "\u203c CVE-2023-29474 \u203c\n\ninventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23552.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T04:38:08.000000Z"}, {"uuid": "608e24d5-10c1-4ce8-aa64-6206a86b2ac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29473", "type": "seen", "source": "https://t.me/cibsecurity/61622", "content": "\u203c CVE-2023-29473 \u203c\n\nwebservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23710.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T02:27:20.000000Z"}, {"uuid": "5335dc1b-e78c-4d85-bf2e-ce4eaf9215bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29475", "type": "seen", "source": "https://t.me/cibsecurity/61621", "content": "\u203c CVE-2023-29475 \u203c\n\ninventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before 10 R1.34.4 allows an unauthenticated attacker to run arbitrary commands on the platform operating system and achieve administrative access, aka OSFOURK-23543.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-07T02:27:19.000000Z"}]}