{"vulnerability": "cve-2023-3484", "sightings": [{"uuid": "5dde393a-1509-440f-a59a-401de2ef2c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3099", "content": "Tools \ud83d\udd27 \ud83d\udd28 \ud83d\udd27 \ud83d\udd28  - Hackers Factory \n\n\u200b\u200bosquery-defense-kit\n\nODK (osquery-defense-kit) is unique in that the queries are designed to be used as part of a production detection & response pipeline. The detection queries are formulated to return zero rows during normal expected behavior, so that they may be configured to generate alerts when rows are returned.\n\nhttps://github.com/chainguard-dev/osquery-defense-kit\n\n#cybersecurity #infosec\n\n\u200b\u200bSAFIREFUZZ\n\nA throughput-optimized rehosting and fuzzing framework for ARM Cortex-M firmware. It takes monolithic binary-only firmware images and uses high-level emulation (HLE) and dynamic binary rewriting to run them on far more powerful hardware with low overhead.\n\nhttps://github.com/pr0me/SAFIREFUZZ\n\n#cybersecurity #infosec\n\n\u200b\u200bGoogle CTF\n\nThis repository lists most of the challenges used in the Google CTF since 2017, as well as most of the infrastructure that can be used to run them.\n\nhttps://github.com/google/google-ctf\n\n#CTF #cybersecurity #infosec\n\n\u200b\u200breveng_rtkit\n\nLinux Loadable Kernel Module (LKM) based rootkit (ring-0), capable of hiding itself, processes/implants, rmmod proof, has ability to bypass infamous rkhunter antirootkit.\n\nhttps://github.com/reveng007/reveng_rtkit\n\n#infosec #pentesting #redteam\n\n\u200b\u200bPwnDoc-ng\n\nA pentest reporting application making it simple and easy to write your findings and generate a customizable Docx report. \n\nhttps://github.com/pwndoc-ng/pwndoc-ng\n\n#cybersecurity #infosec #pentesting\n\nPwnDoc-Vulns\n\nA collection of vuln templates you can import and use together with PwnDoc or PwnDoc-NG.\n\nhttps://github.com/LuemmelSec/PwnDoc-Vulns\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bVulnx\n\nAn intelligent bot auto shell injector that detects vulnerabilities in multiple types of cms.\n\nhttps://github.com/anouarbensaad/vulnx\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bReview Analyzer\n\nA #Chrome Extension for #extracting valuable insights from reviews, generating concise summaries, sentiment analysis, and keyword extraction.\n\nhttps://github.com/serpapi/review-analyzer\n\n\u200b\u200bCVE-2023-34840\n\nAll versions in angular-ui-notification are vulnerable to XSS due to the library not sanitizing the input provided by the user.\n\nhttps://github.com/Xh4H/CVE-2023-34840\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCVE-2023-34598\n\nGibbon v25.0.0 is vulnerable to a Local File Inclusion (LFI) vulnerability where it's possible to include the content of several files present in the installation folder in the server's response.\n\nhttps://github.com/maddsec/CVE-2023-34598\n\n#cve #cybersecurity #infosec\n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-06-28T15:25:39.000000Z"}, {"uuid": "0f3b9437-437c-401c-b55e-03f4f7440aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34843", "type": "published-proof-of-concept", "source": "Telegram/rQMVu4dwJRh1-j8AkvL2ouV19FMmA1TDUkwtOokmEHAkfA", "content": "", "creation_timestamp": "2023-07-01T09:06:39.000000Z"}, {"uuid": "20e91836-109c-459b-8293-c5aeced7d889", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "published-proof-of-concept", "source": "Telegram/6PZKKGQl03Vi6ZEkQInhbXHc7Cdk1szybYRTzghfbAVd-Q", "content": "", "creation_timestamp": "2023-07-02T10:21:51.000000Z"}, {"uuid": "445275ca-5083-418c-99b3-6216c1eaaf76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34843", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4637", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPublic disclosure for CVE-2023-34843.\nURL\uff1ahttps://github.com/rootd4ddy/CVE-2023-34843\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-06-28T07:44:18.000000Z"}, {"uuid": "ab31e7c3-743e-4e08-8168-b43496d01334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34843", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3780", "content": "\ud83d\udd10DATALEAKS:\n\n\ud83d\udcccSocial Security Administration USA (SSA.gov) Leak : https://www.system32.ink/2023/06/social-security-administration-usa.html\n\n\ud83d\udcccElectrical4all (electrical4all.co.uk) UK Data Leak : https://www.system32.ink/2023/06/electrical4all-electrical4allcouk-uk.html\n\n\ud83d\udcccAuraXR (Mexican 'extended reality' company) DATA Leak : https://www.system32.ink/2023/06/auraxr-mexican-extended-reality-company.html\n\n\ud83d\udcccQWERT SYSTEM (South Korean POS systems) Leak : https://www.system32.ink/2023/06/qwert-system-south-korean-pos-systems.html\n\n\ud83d\udcccTelstra MyRewards (Australian rewards/coupon service) Data Leak : https://www.system32.ink/2023/06/telstra-myrewards-australian.html\n\n\ud83d\udcccDoctorAki (Colombian health website) Data Leak : https://www.system32.ink/2023/06/doctoraki-colombian-health-website-data.html\n\n\ud83d\udcccNovaPay data leak : https://www.system32.ink/2023/06/novapay-data-leak.html\n\n\ud83d\udccc3S Castle Real Estate (3skalegayrimenkul.com.tr) Data Leak : https://www.system32.ink/2023/06/3s-castle-real-estate.html\n\n\ud83e\uddeeExploits: \n\n\ud83d\udcccCVE-2023-34843 POC Traggo/server : https://www.system32.ink/2023/06/cve-2023-34843-poc-traggoserver.html\n\n\ud83d\udcccCVE-2023-2982 Exploit WordPress Social Login and Register Plugin : https://www.system32.ink/2023/06/cve-2023-2982-exploit-wordpress-social.html\n\n\ud83d\udee0Tools:\n\n\ud83d\udcccATSCAN SCANNER - Advanced dork Search & Mass Exploit Scanner : https://www.system32.ink/2023/06/atscan-scanner-advanced-dork-search.html\n\n\ud83d\udcccDecrypt FortiManager configuration secrets (CVE-2020-9289) : https://www.system32.ink/2023/06/decrypt-fortimanager-configuration.html\n\n\ud83d\udcccNoMoreCookies - Browser Protector against various Stealers : https://www.system32.ink/2023/06/nomorecookies-browser-protector-against.html\n\n\ud83d\udc00RAT:\n\n\ud83d\udcccEverspy v1.1 Rat : https://www.system32.ink/2023/06/everspy-v11-rat-cracked-download.html\n\n\ud83e\udee5SCAMPAGE:\n\n\ud83d\udcccBellco Credit Union Scampage : https://www.system32.ink/2023/06/bellco-credit-union-phishing-page.html", "creation_timestamp": "2023-06-30T15:51:30.000000Z"}, {"uuid": "dcc83f4d-680e-4e1d-8567-a8e2ca4c4671", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3787", "content": "\ud83d\udcdfDataLeak:\n\n\ud83d\udcccAsia Vital Components Leak : https://www.system32.ink/2023/06/asia-vital-components-leak.html\n\n\ud83d\udcccposkok_info Data Leak : https://www.system32.ink/2023/06/poskokinfo-data-leak.html\n\n\ud83d\udcccGeotecsacr Digital Marketing Agency Leak : https://www.system32.ink/2023/06/geotecsacr-digital-marketing-agency-leak.html\n\n\ud83d\udcccDarkForum Leak : https://www.system32.ink/2023/06/darkforums-data-leak.html\n\n\ud83d\udcccRussian Champion Tennis Club in Tomsk Leak : https://www.system32.ink/2023/06/russian-champion-tennis-club-in-tomsk.html\n\n\ud83e\uddeeExploits:\n\n\ud83d\udcccLightdash Exploit (CVE-2023-35844) : https://www.system32.ink/2023/06/lightdash-exploit-cve-2023-35844.html\n\n\ud83d\udcccCVE-2023-33140 OneNote Exploit : https://www.system32.ink/2023/06/cve-2023-33140-onenote-exploit.html\n\n\ud83d\udcccCVE-2023-34840 XSS POC OF angular-ui-notification : https://www.system32.ink/2023/06/cve-2023-34840-xss-poc-of-angular-ui.html\n\n\u2699\ufe0fTools:\n\n\ud83d\udcccCrackMapExec : https://www.system32.ink/2023/06/crackmapexec.html\n\n\ud83d\udcccSAFIREFUZZ - Same-Architecture Firmware Rehosting and Fuzzing : https://www.system32.ink/2023/06/safirefuzz-same-architecture-firmware.html\n\n\ud83d\udcccPwnDoc-ng - Pentest Report Generator : https://www.system32.ink/2023/06/pwndoc-ng-pentest-report-generator.html\n\n\ud83d\udcccVulnX - An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms : https://www.system32.ink/2023/06/vulnx-intelligent-bot-auto-shell.html\n\n\ud83d\udcccNetwork Signal Guru APK : https://www.system32.ink/2023/06/network-signal-guru-apk.html\n\n\ud83d\udcccGoogle CTF : https://www.system32.ink/2023/06/google-ctf.html\n\n\ud83e\udda0Rootkit ANd RAT:\n\n\ud83d\udccc888 RAT New Version 2023 ( 1.2.6 Full Setup ) For Lifetime : https://www.system32.ink/2023/06/888-rat-new-version-2023-126-full-setup.html\n\n\ud83d\udcccreveng_rtkit Rootkit : https://www.system32.ink/2023/06/revengrtkit-rootkit.html", "creation_timestamp": "2023-07-02T12:30:36.000000Z"}, {"uuid": "8039b251-6b04-405d-b206-5f5db72bfb63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3767", "content": "\ud83d\udcdfDataLeak:\n\n\ud83d\udcccAsia Vital Components Leak : https://www.system32.ink/2023/06/asia-vital-components-leak.html\n\n\ud83d\udcccposkok_info Data Leak : https://www.system32.ink/2023/06/poskokinfo-data-leak.html\n\n\ud83d\udcccGeotecsacr Digital Marketing Agency Leak : https://www.system32.ink/2023/06/geotecsacr-digital-marketing-agency-leak.html\n\n\ud83d\udcccDarkForum Leak : https://www.system32.ink/2023/06/darkforums-data-leak.html\n\n\ud83d\udcccRussian Champion Tennis Club in Tomsk Leak : https://www.system32.ink/2023/06/russian-champion-tennis-club-in-tomsk.html\n\n\ud83e\uddeeExploits:\n\n\ud83d\udcccLightdash Exploit (CVE-2023-35844) : https://www.system32.ink/2023/06/lightdash-exploit-cve-2023-35844.html\n\n\ud83d\udcccCVE-2023-33140 OneNote Exploit : https://www.system32.ink/2023/06/cve-2023-33140-onenote-exploit.html\n\n\ud83d\udcccCVE-2023-34840 XSS POC OF angular-ui-notification : https://www.system32.ink/2023/06/cve-2023-34840-xss-poc-of-angular-ui.html\n\n\u2699\ufe0fTools:\n\n\ud83d\udcccCrackMapExec : https://www.system32.ink/2023/06/crackmapexec.html\n\n\ud83d\udcccSAFIREFUZZ - Same-Architecture Firmware Rehosting and Fuzzing : https://www.system32.ink/2023/06/safirefuzz-same-architecture-firmware.html\n\n\ud83d\udcccPwnDoc-ng - Pentest Report Generator : https://www.system32.ink/2023/06/pwndoc-ng-pentest-report-generator.html\n\n\ud83d\udcccVulnX - An Intelligent Bot Auto Shell Injector that detects vulnerabilities in multiple types of Cms : https://www.system32.ink/2023/06/vulnx-intelligent-bot-auto-shell.html\n\n\ud83d\udcccNetwork Signal Guru APK : https://www.system32.ink/2023/06/network-signal-guru-apk.html\n\n\ud83d\udcccGoogle CTF : https://www.system32.ink/2023/06/google-ctf.html\n\n\ud83e\udda0Rootkit ANd RAT:\n\n\ud83d\udccc888 RAT New Version 2023 ( 1.2.6 Full Setup ) For Lifetime : https://www.system32.ink/2023/06/888-rat-new-version-2023-126-full-setup.html\n\n\ud83d\udcccreveng_rtkit Rootkit : https://www.system32.ink/2023/06/revengrtkit-rootkit.html", "creation_timestamp": "2023-06-28T21:51:53.000000Z"}, {"uuid": "72e25680-e7ca-4d52-8a39-acc389f88401", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3484", "type": "seen", "source": "https://t.me/cibsecurity/67094", "content": "\u203c CVE-2023-3484 \u203c\n\nAn issue has been discovered in GitLab EE affecting all versions starting from 12.8 before 15.11.11, all versions starting from 16.0 before 16.0.7, all versions starting from 16.1 before 16.1.2. An attacker could change the name or path of a public top-level group in certain situations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-21T18:23:34.000000Z"}, {"uuid": "8f12d8ed-ece6-4f2d-979c-42e7d53f96c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34845", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10503", "content": "#exploit\n1. CVE-2023-34845\nStored XSS in Bludit\nhttps://github.com/r4vanan/CVE-2023-34845\n\n2. CVE-2024-0671:\nUaF in ARM Midgard GPU Kernel Driver\nhttps://packetstormsecurity.com/files/cve/CVE-2024-0671", "creation_timestamp": "2024-05-14T13:41:04.000000Z"}, {"uuid": "779bf0bc-e964-4611-8638-e30f40e7749d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "seen", "source": "https://t.me/cibsecurity/65812", "content": "\u203c CVE-2023-34840 \u203c\n\nangular-ui-notification v0.1.0, v0.2.0, and v0.3.6 was discovered to contain a cross-site scripting (XSS) vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-01T06:08:49.000000Z"}, {"uuid": "111ffe49-5b1c-4c71-a66e-9ba7b22d11f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34840", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8570", "content": "#exploit\n1. CVE-2023-35844:\nLightdash routers path traversal\nhttps://github.com/Szlein/CVE-2023-35844\n\n2. CVE-2023-34840:\nXSS in angular-ui-notification\nhttps://github.com/Xh4H/CVE-2023-34840\n\n3. Office Suite Premium 10.9.1 - Cross Site Scripting\nhttps://packetstormsecurity.com/files/173143", "creation_timestamp": "2023-06-28T18:46:56.000000Z"}, {"uuid": "434e7e35-b797-4355-b07a-dcb7b08d2e69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34843", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8578", "content": "#exploit\n1. CVE-2023-26258:\nRCE in ArcServe UDP Backup\nhttps://www.mdsec.co.uk/2023/06/cve-2023-26258-remote-code-execution-in-arcserve-udp-backup\n\n2. CVE-2023-34843:\ntraggo/server ver. 0.3 - directory traversal\nhttps://github.com/rootd4ddy/CVE-2023-34843\n\n3. A Python script for generating exploits targeting CVE-2022-4510 RCE Binwalk\nhttps://github.com/adhikara13/CVE-2022-4510-WalkingPath", "creation_timestamp": "2023-06-29T11:03:01.000000Z"}, {"uuid": "ac1edc20-2842-4f66-8ad1-65e3866c3be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34842", "type": "seen", "source": "https://t.me/cibsecurity/67457", "content": "\u203c CVE-2023-34842 \u203c\n\nRemote Code Execution vulnerability in DedeCMS through 5.7.109 allows remote attackers to run arbitrary code via crafted POST request to /dede/tpl.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-31T18:37:50.000000Z"}, {"uuid": "eb9e8b69-9061-4752-aa04-ab6287e43615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34845", "type": "seen", "source": "https://t.me/cibsecurity/65290", "content": "\u203c CVE-2023-34845 \u203c\n\nBludit v3.14.1 was discovered to contain an arbitrary file upload vulnerability in the component /admin/new-content. This vulnerability allows attackers to execute arbitrary web scripts or HTML via uploading a crafted SVG file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-16T07:22:15.000000Z"}, {"uuid": "c6d8beca-aebc-4819-912e-d90ffaf57fdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34844", "type": "seen", "source": "https://t.me/cibsecurity/65719", "content": "\u203c CVE-2023-34844 \u203c\n\nPlay With Docker < 0.0.2 has an insecure CAP_SYS_ADMIN privileged mode causing the docker container to escape.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-29T18:14:24.000000Z"}, {"uuid": "f8da7169-d37a-46b4-9911-05be5e1076bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34849", "type": "seen", "source": "https://t.me/cibsecurity/65718", "content": "\u203c CVE-2023-34849 \u203c\n\nAn unauthorized command injection vulnerability exists in the ActionLogin function of the webman.lua file in Ikuai router OS through 3.7.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-29T18:14:23.000000Z"}, {"uuid": "649e07d5-cb0f-4f81-9bb3-4eba47d371c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34845", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2485", "content": "https://github.com/r4vanan/CVE-2023-34845\n\nCVE-2023-34845\n#github #poc #xss", "creation_timestamp": "2024-05-14T05:02:42.000000Z"}, {"uuid": "7bb8c637-60de-4191-9c6a-1494c621afd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-34845", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/114", "content": "https://github.com/r4vanan/CVE-2023-34845\n\nCVE-2023-34845\n#github #poc #xss", "creation_timestamp": "2024-12-21T15:54:02.000000Z"}]}