{"vulnerability": "cve-2023-3890", "sightings": [{"uuid": "968e0080-1be4-41ec-845d-f2c2517419a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38907", "type": "seen", "source": "https://t.me/cibsecurity/71029", "content": "\u203c CVE-2023-38907 \u203c\n\nAn issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via session key in the message function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-26T02:39:28.000000Z"}, {"uuid": "f6a5cd93-191d-42d9-9959-2643a96389da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38908", "type": "seen", "source": "https://t.me/cibsecurity/68919", "content": "\u203c CVE-2023-38908 \u203c\n\nAn issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the TSKEP authentication function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T07:26:43.000000Z"}, {"uuid": "a6240fe8-5b51-439e-baf9-3de08eb1b0f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38909", "type": "seen", "source": "https://t.me/cibsecurity/68920", "content": "\u203c CVE-2023-38909 \u203c\n\nAn issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the IV component in the AES128-CBC function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T08:32:47.000000Z"}, {"uuid": "6b5ca780-9aab-4ed5-ae98-06dc87ffd821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38906", "type": "seen", "source": "https://t.me/cibsecurity/68918", "content": "\u203c CVE-2023-38906 \u203c\n\nAn issue in TPLink Smart bulb Tapo series L530 v.1.0.0 and Tapo Application v.2.8.14 allows a remote attacker to obtain sensitive information via the authentication code for the UDP message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-22T07:23:42.000000Z"}, {"uuid": "11e0b63a-057d-4ea9-9d4c-68364fe5dd27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38905", "type": "seen", "source": "https://t.me/cibsecurity/68780", "content": "\u203c CVE-2023-38905 \u203c\n\nSQL injection vulnerability in Jeecg-boot v.3.5.0 and before allows a local attacker to cause a denial of service via the Benchmark, PG_Sleep, DBMS_Lock.Sleep, Waitfor, DECODE, and DBMS_PIPE.RECEIVE_MESSAGE functions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T22:38:11.000000Z"}, {"uuid": "faa1fcc3-8560-43e0-9af2-0a43d07544fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38902", "type": "seen", "source": "https://t.me/cibsecurity/68750", "content": "\u203c CVE-2023-38902 \u203c\n\nAn issue in RG-EW series home routers and repeaters v.EW_3.0(1)B11P204, RG-NBS and RG-S1930 series switches v.SWITCH_3.0(1)B11P218, RG-EG series business VPN routers v.EG_3.0(1)B11P216, EAP and RAP series wireless access points v.AP_3.0(1)B11P218, and NBC series wireless controllers v.AC_3.0(1)B11P86 allows a remote attacker to execute arbitrary code via the unifyframe-sgi.elf component in sub_40DA38.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T16:37:17.000000Z"}, {"uuid": "51738377-b4ad-430b-b9f2-e2bcef4309bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38904", "type": "seen", "source": "https://t.me/cibsecurity/68656", "content": "\u203c CVE-2023-38904 \u203c\n\nA Cross Site Scripting (XSS) vulnerability in Netlify CMS v.2.10.192 allows a remote attacker to execute arbitrary code via a crafted payload to the body parameter of the new post function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T18:49:46.000000Z"}, {"uuid": "2ba9ba21-cbe8-455b-b147-372aa94ba028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3890", "type": "seen", "source": "https://t.me/cibsecurity/67224", "content": "\u203c CVE-2023-3890 \u203c\n\nA vulnerability classified as problematic has been found in Campcodes Beauty Salon Management System 1.0. This affects an unknown part of the file /admin/edit-accepted-appointment.php. The manipulation of the argument id leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-235251.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:22.000000Z"}]}