{"vulnerability": "cve-2023-3612", "sightings": [{"uuid": "30bd328d-e0dc-46a6-991a-2e17c5e32ef2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36121", "type": "seen", "source": "https://t.me/cibsecurity/67563", "content": "\u203c CVE-2023-36121 \u203c\n\nCross Site Scripting vulnerability in e107 v.2.3.2 allows a remote attacker to execute arbitrary code via the description function in the SEO project.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-02T07:39:20.000000Z"}, {"uuid": "5d75fb7e-2582-4135-b017-e463b4f84540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36126", "type": "seen", "source": "https://t.me/cibsecurity/72054", "content": "\u203c CVE-2023-36126 \u203c\n\nThere is a Cross Site Scripting (XSS) vulnerability in the \"theme\" parameter of preview.php in PHPJabbers Appointment Scheduler v3.0\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T02:22:04.000000Z"}, {"uuid": "f7436798-80de-4637-aefe-595b4c7f81fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36127", "type": "seen", "source": "https://t.me/cibsecurity/72053", "content": "\u203c CVE-2023-36127 \u203c\n\nUser enumeration is found in in PHPJabbers Appointment Scheduler 3.0. This issue occurs during password recovery, where a difference in messages could allow an attacker to determine if the user is valid or not, enabling a brute force attack with valid users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-11T02:16:54.000000Z"}, {"uuid": "bd23d820-9a50-423e-bbb5-447b387d8ac8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36123", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5095", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aThe PoC of CVE-2023-36123\nURL\uff1ahttps://github.com/9Bakabaka/CVE-2023-36123\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-07T12:29:43.000000Z"}, {"uuid": "bbb6c437-1c42-45bd-9116-70f3289a7eaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36123", "type": "seen", "source": "https://t.me/cibsecurity/71771", "content": "\u203c CVE-2023-36123 \u203c\n\nDirectory Traversal vulnerability in Hex-Dragon Plain Craft Launcher 2 version Alpha 1.3.9, allows local attackers to execute arbitrary code and gain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-07T07:13:59.000000Z"}]}