{"vulnerability": "cve-2023-4036", "sightings": [{"uuid": "b0f8646d-ff87-4a07-90b8-bbfaf4e336d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/18", "content": "https://github.com/ally-petitt/CVE-2023-40362\n\nCVE-2023-40362 \u6f0f\u6d1e\u8be6\u7ec6\u4fe1\u606f\u548c\u6982\u5ff5\u8bc1\u660e\n\n#github", "creation_timestamp": "2023-12-26T08:55:53.000000Z"}, {"uuid": "a04e2634-feaf-442d-97a6-117909df0a40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40361", "type": "seen", "source": "https://t.me/cibsecurity/72660", "content": "\u203c CVE-2023-40361 \u203c\n\nSECUDOS Qiata (DOMOS OS) 4.13 has Insecure Permissions for the previewRm.sh daily cronjob. To exploit this, an attacker needs access as a low-privileged user to the underlying DOMOS system. Every user on the system has write permission for previewRm.sh, which is executed by the root user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-20T12:35:17.000000Z"}, {"uuid": "2b3ab92a-85c8-41fb-9adb-ce396e8167ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/302", "content": "https://github.com/ally-petitt/CVE-2023-40362\n\nCVE-2023-40362 \u6f0f\u6d1e\u8be6\u7ec6\u4fe1\u606f\u548c\u6982\u5ff5\u8bc1\u660e\n\n#github", "creation_timestamp": "2024-01-12T16:36:47.000000Z"}, {"uuid": "3f8222b8-aed4-4b9d-8dc6-669846b0eaf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "seen", "source": "https://t.me/ctinow/177985", "content": "https://ift.tt/WCi24H6\nCVE-2023-40362 | CentralSquare Click2Gov Building Permit access control", "creation_timestamp": "2024-02-02T08:36:51.000000Z"}, {"uuid": "aa2683da-5628-4016-a4b5-44ad1759f125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40368", "type": "seen", "source": "https://t.me/cibsecurity/70832", "content": "\u203c CVE-2023-40368 \u203c\n\nIBM Storage Protect 8.1.0.0 through 8.1.19.0 could allow a privileged user to obtain sensitive information from the administrative command line client. IBM X-Force ID: 263456.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-20T22:29:40.000000Z"}, {"uuid": "c43eb560-a2ed-414f-a869-69a46ab04c65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "seen", "source": "https://t.me/ctinow/170094", "content": "https://ift.tt/jgdk7mG\nCVE-2023-40362 Exploit", "creation_timestamp": "2024-01-19T08:17:04.000000Z"}, {"uuid": "12b2e9f3-2ae7-45e0-aa51-26459f9cc958", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "seen", "source": "https://t.me/ctinow/167148", "content": "https://ift.tt/K2cV3qb\nCVE-2023-40362", "creation_timestamp": "2024-01-12T09:26:41.000000Z"}, {"uuid": "a7cb8cb3-2da5-403a-b70b-049edddeb765", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4036", "type": "seen", "source": "https://t.me/cibsecurity/69449", "content": "\u203c CVE-2023-4036 \u203c\n\nThe Simple Blog Card WordPress plugin before 1.32 does not ensure that posts to be displayed via a shortcode are public, allowing any authenticated users, such as subscriber, to retrieve arbitrary post title and their content such as draft, private and password protected ones\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T18:12:38.000000Z"}, {"uuid": "c42032c3-7613-4c12-ade1-1f2da68691ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40360", "type": "seen", "source": "https://t.me/cibsecurity/68467", "content": "\u203c CVE-2023-40360 \u203c\n\nQEMU through 8.0.4 accesses a NULL pointer in nvme_directive_receive in hw/nvme/ctrl.c because there is no check for whether an endurance group is configured before checking whether Flexible Data Placement is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-15T04:08:52.000000Z"}, {"uuid": "2ed4418a-946c-43d2-9ffc-09197cf98b4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1763", "content": "https://github.com/ally-petitt/CVE-2023-40362\n\nCVE-2023-40362 Vulnerabilitiy details and proof of concept\n\n#github", "creation_timestamp": "2023-12-29T19:37:05.000000Z"}, {"uuid": "fa59f561-7fc0-4caf-b984-69d04658fa15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/32", "content": "https://github.com/ally-petitt/CVE-2023-40362\n\nCVE-2023-40362 \u6f0f\u6d1e\u8be6\u7ec6\u4fe1\u606f\u548c\u6982\u5ff5\u8bc1\u660e\n\n#github", "creation_timestamp": "2023-12-26T08:55:53.000000Z"}, {"uuid": "3d5268d5-bc9f-4d74-a690-950594cb9864", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2600", "content": "#exploit\n1. CVE-2023-6710:\nApache HTTP Server mod_proxy_cluster XSS\nhttps://github.com/DedSec-47/CVE-2023-6710\n\n2. CVE-2023-40362:\nAccess control vulnerability in Click2Gov\nhttps://github.com/ally-petitt/CVE-2023-40362", "creation_timestamp": "2024-08-16T09:08:01.000000Z"}, {"uuid": "5421e143-d2f9-4b25-bd68-e77e33981602", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-40362", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9660", "content": "#exploit\n1. CVE-2023-6710:\nApache HTTP Server mod_proxy_cluster XSS\nhttps://github.com/DedSec-47/CVE-2023-6710\n\n2. CVE-2023-40362:\nAccess control vulnerability in Click2Gov\nhttps://github.com/ally-petitt/CVE-2023-40362", "creation_timestamp": "2024-11-12T02:00:35.000000Z"}]}