{"vulnerability": "cve-2023-3118", "sightings": [{"uuid": "d9672047-56bf-41b9-9a14-65ad3a6a11db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31189", "type": "seen", "source": "https://t.me/ctinow/201257", "content": "https://ift.tt/HhmAkWC\nCVE-2023-31189 | Intel Server Product OpenBMC prior 1.09 improper authentication (intel-sa-00922)", "creation_timestamp": "2024-03-06T12:11:34.000000Z"}, {"uuid": "c1e46c13-9065-452b-8824-4ee4289227e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31184", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1371", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-31184\n\ud83d\udd39 Description: ROZCOM client CWE-798: Use of Hard-coded Credentials\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T19:53:19.153Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-01-13T20:07:16.000000Z"}, {"uuid": "8466f09b-4f14-4780-94a0-e1cd020b6e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31180", "type": "seen", "source": "https://t.me/cibsecurity/63516", "content": "\u203c CVE-2023-31180 \u203c\n\nWJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - Reflected cross-site scripting (RXSS) through an unspecified request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:51:02.000000Z"}, {"uuid": "a5fb495f-95b4-4269-ab32-948b4b0a22fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3118", "type": "seen", "source": "https://t.me/cibsecurity/66263", "content": "\u203c CVE-2023-3118 \u203c\n\nThe Export All URLs WordPress plugin before 4.6 does not sanitise and escape a parameter before outputting them back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-10T20:24:06.000000Z"}, {"uuid": "be03a801-589c-47af-9adb-7af5ef4034d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31188", "type": "seen", "source": "https://t.me/cibsecurity/69984", "content": "\u203c CVE-2023-31188 \u203c\n\nMultiple TP-LINK products allow a network-adjacent authenticated attacker to execute arbitrary OS commands. Affected products/versions are as follows: Archer C50 firmware versions prior to 'Archer C50(JP)_V3_230505', Archer C55 firmware versions prior to 'Archer C55(JP)_V1_230506', and Archer C20 firmware versions prior to 'Archer C20(JP)_V1_230616'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T14:17:48.000000Z"}, {"uuid": "ed135bb3-ff1b-49e0-a697-3ffbdf5e7fe0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31183", "type": "seen", "source": "https://t.me/cibsecurity/63486", "content": "\u203c CVE-2023-31183 \u203c\n\nCybonet PineApp Mail Secure\u00c2\u00a0A reflected cross-site scripting (XSS) vulnerability was identified in the product, using an unspecified endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:42:58.000000Z"}, {"uuid": "f181b381-64c1-41dc-93b5-4e643a7c0dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-31181", "type": "seen", "source": "https://t.me/cibsecurity/63493", "content": "\u203c CVE-2023-31181 \u203c\n\nWJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path Traversal\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T00:43:07.000000Z"}]}