{"vulnerability": "cve-2023-3877", "sightings": [{"uuid": "9ec0626d-7332-442f-b8bd-b37297ac7d6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38771", "type": "seen", "source": "https://t.me/cibsecurity/68015", "content": "\u203c CVE-2023-38771 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp parameter within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:28.000000Z"}, {"uuid": "476758f3-5318-4ca5-aa26-c821df6ce753", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38773", "type": "seen", "source": "https://t.me/cibsecurity/68006", "content": "\u203c CVE-2023-38773 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the volopp1 and volopp2 parameters within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:16.000000Z"}, {"uuid": "1356d143-d60b-4dd4-9c42-6fafa8ef6aab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38770", "type": "seen", "source": "https://t.me/cibsecurity/68004", "content": "\u203c CVE-2023-38770 \u203c\n\nSQL injection vulnerability in ChurchCRM v.5.0.0 allows a remote attacker to obtain sensitive information via the group parameter within the /QueryView.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-08T20:14:14.000000Z"}, {"uuid": "0c8e71c2-fa68-48e2-869e-b13b5b1c4203", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3877", "type": "seen", "source": "https://t.me/cibsecurity/67199", "content": "\u203c CVE-2023-3877 \u203c\n\nA vulnerability was found in Campcodes Beauty Salon Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/add-services.php. The manipulation of the argument cost leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235239.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T07:26:40.000000Z"}]}