{"vulnerability": "cve-2023-4196", "sightings": [{"uuid": "b1c581cd-ddfe-4057-9fa6-4fead2513687", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41964", "type": "seen", "source": "https://t.me/cibsecurity/71931", "content": "\u203c CVE-2023-41964 \u203c\n\nThe BIG-IP and BIG-IQ systems do not encrypt some sensitive information written to Database (DB) variables.\u00c2\u00a0Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-10T16:16:54.000000Z"}, {"uuid": "fec7aea7-bc8c-4561-aa38-b36c8dfe5029", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41966", "type": "seen", "source": "https://t.me/arpsyndicate/2460", "content": "#ExploitObserverAlert\n\nCVE-2023-41966\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-41966. The application suffers from a privilege escalation vulnerability. A  user with read permissions can elevate privileges by sending a HTTP POST  to set a parameter.\n\nFIRST-EPSS: 0.000500000\nNVD-IS: 5.9\nNVD-ES: 2.8", "creation_timestamp": "2024-01-04T13:01:29.000000Z"}, {"uuid": "67335adf-6dca-4f52-bd2d-a7c79589206b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41965", "type": "seen", "source": "https://t.me/cibsecurity/70674", "content": "\u203c CVE-2023-41965 \u203c\n\n** UNSUPPPORTED WHEN ASSIGNED ** Sending some requests in the web application of the vulnerable device allows information to be obtained due to the lack of security in the authentication process.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-19T00:28:44.000000Z"}, {"uuid": "fc572ec7-ca9a-4c91-a5b3-0969f5347dd5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41962", "type": "seen", "source": "https://t.me/cibsecurity/71085", "content": "\u203c CVE-2023-41962 \u203c\n\nCross-site scripting vulnerability in Credit Card Payment Setup page of Welcart e-Commerce versions 2.7 to 2.8.21 allows a remote unauthenticated attacker to inject an arbitrary script in the page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-27T18:42:10.000000Z"}, {"uuid": "5eef9a4e-bb29-47b8-8714-76ed862d6cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41966", "type": "seen", "source": "https://t.me/cibsecurity/72979", "content": "\u203c CVE-2023-41966 \u203c\n\nThe application suffers from a privilege escalation vulnerability. A user with read permissions can elevate privileges by sending a HTTP POST to set a parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-26T20:15:58.000000Z"}, {"uuid": "eb3efdd2-a414-46b1-967c-de9f373d53b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41963", "type": "seen", "source": "https://t.me/ctinow/161661", "content": "https://ift.tt/xlnHBXu\nCVE-2023-41963 | Jtekt Electronics GC-A22W-CW FTP Service denial of service", "creation_timestamp": "2024-01-02T10:36:32.000000Z"}, {"uuid": "fb1084a5-8ec4-4ede-a476-ccc0c9d31051", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41967", "type": "seen", "source": "https://t.me/ctinow/167273", "content": "https://ift.tt/61r5fiK\nCVE-2023-41967 | Gallagher Controller 6000 prior CR8.70.231204a Diagnostic Web Page unknown vulnerability", "creation_timestamp": "2024-01-12T14:36:53.000000Z"}, {"uuid": "3229f7aa-da29-4536-b3c9-34f533f36cbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4196", "type": "seen", "source": "https://t.me/cibsecurity/67835", "content": "\u203c CVE-2023-4196 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository cockpit-hq/cockpit prior to 2.6.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-06T22:12:36.000000Z"}]}