{"vulnerability": "cve-2023-3819", "sightings": [{"uuid": "aa773bb4-552a-49f3-9bb8-5ab7a36abcb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38192", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-02-04)", "content": "", "creation_timestamp": "2025-02-04T00:00:00.000000Z"}, {"uuid": "302c9b4a-ff94-4a32-87bc-af2655d81922", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38197", "type": "seen", "source": "https://gist.github.com/jakirkham/b16b96bb6b20b7a5405e686931fd28cd", "content": "", "creation_timestamp": "2026-01-14T19:38:38.000000Z"}, {"uuid": "d6d2f031-f9b9-4dc2-b83c-75b861800bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38195", "type": "seen", "source": "https://t.me/cibsecurity/67116", "content": "\u203c CVE-2023-38195 \u203c\n\nDatalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external (SQL Server or PostgreSQL) metadata storage is used. Exploitation can only occur from a high-privileged user account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-22T20:24:32.000000Z"}, {"uuid": "a82560ec-f42e-40a9-a1c9-2dc1f226de3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38199", "type": "seen", "source": "https://t.me/cibsecurity/66617", "content": "\u203c CVE-2023-38199 \u203c\n\ncoreruleset (aka OWASP ModSecurity Core Rule Set) through 3.3.4 does not block multiple Content-Type headers, which might allow attackers to bypass a WAF with a crafted payload, aka \"Content-Type confusion.\" This occurs when the web application relies on only the last Content-Type header.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T07:45:14.000000Z"}, {"uuid": "4797257d-9c03-4996-a9b7-8b7d931b2641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38199", "type": "seen", "source": "https://bsky.app/profile/ferramentaslinux.bsky.social/post/3mfhjl3rkrk2o", "content": "", "creation_timestamp": "2026-02-22T16:09:51.463710Z"}, {"uuid": "90bd233a-59b2-4ba7-b85d-dc1cd0e604b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38191", "type": "seen", "source": "https://t.me/cibsecurity/72721", "content": "\u203c CVE-2023-38191 \u203c\n\nAn issue was discovered in SuperWebMailer 9.00.0.01710. It allows spamtest_external.php XSS via a crafted filename.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-21T02:35:32.000000Z"}, {"uuid": "8c83d280-f567-4b02-bc3b-641ccc62fdb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3819", "type": "seen", "source": "https://t.me/cibsecurity/67097", "content": "\u203c CVE-2023-3819 \u203c\n\nExposure of Sensitive Information to an Unauthorized Actor in GitHub repository pimcore/pimcore prior to 10.6.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-21T18:23:36.000000Z"}]}