{"vulnerability": "cve-2023-4615", "sightings": [{"uuid": "bac818c3-e97c-4b29-bfeb-0f7f1b50509f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46153", "type": "seen", "source": "Telegram/7JPOTuPY4-NFJFgC7Pn151E_f5Y-7Y1UfAjF7O-tuiuV1A", "content": "", "creation_timestamp": "2023-10-27T12:21:50.000000Z"}, {"uuid": "18fbb769-0bd5-4965-86e1-303f9abb32e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46153", "type": "seen", "source": "https://t.me/cibsecurity/73034", "content": "\u203c CVE-2023-46153 \u203c\n\nUnauth. Stored Cross-Site Scripting (XSS) vulnerability in UserFeedback Team User Feedback plugin <=\u00c2\u00a01.0.9 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T12:16:56.000000Z"}, {"uuid": "604900d8-e169-4e8c-8b8f-cd8952e78bb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46158", "type": "seen", "source": "https://t.me/cibsecurity/72901", "content": "\u203c CVE-2023-46158 \u203c\n\nIBM WebSphere Application Server Liberty 23.0.0.9 through 23.0.0.10 could provide weaker than expected security due to improper resource expiration handling. IBM X-Force ID: 268775.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-25T22:52:57.000000Z"}, {"uuid": "c42e2524-d765-462d-ad96-c5ab0a7cba4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46151", "type": "seen", "source": "https://t.me/cibsecurity/72872", "content": "\u203c CVE-2023-46151 \u203c\n\nCross-Site Request Forgery (CSRF) vulnerability in AWESOME TOGI Product Category Tree plugin <=\u00c2\u00a02.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-25T22:49:20.000000Z"}, {"uuid": "39c16aba-5601-4eb7-985b-47348e535d93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46159", "type": "seen", "source": "https://t.me/ctinow/177909", "content": "https://ift.tt/Q2gYSFk\nCVE-2023-46159", "creation_timestamp": "2024-02-02T04:21:44.000000Z"}, {"uuid": "25fc74ab-fb8f-4274-ac4d-799c67962491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46159", "type": "seen", "source": "https://t.me/ctinow/192583", "content": "https://ift.tt/Q5EFNHD\nCVE-2023-46159 | IBM Storage Ceph 5.3z1/5.3z5/6.1z1 denial of service (XFDB-268906)", "creation_timestamp": "2024-02-24T13:46:22.000000Z"}, {"uuid": "86b44e92-29ae-4cb4-bec1-46cdaa911efb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46157", "type": "seen", "source": "https://t.me/ctinow/161109", "content": "https://ift.tt/WDFIBNh\nCVE-2023-46157 | MGT CloudPanel up to 2.3.2 File-Manager os command injection", "creation_timestamp": "2023-12-31T15:16:43.000000Z"}, {"uuid": "b6700f74-7d1b-49e5-b931-b0ea8e706d15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46154", "type": "seen", "source": "https://t.me/ctinow/167240", "content": "https://ift.tt/bMkG20s\nCVE-2023-46154 | E2Pdf Export to Pdf Tool Plugin up to 1.20.18 on WordPress deserialization", "creation_timestamp": "2024-01-12T13:46:33.000000Z"}, {"uuid": "262754bb-0a26-4d54-bb2d-398954b341e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4615", "type": "seen", "source": "https://t.me/cibsecurity/69773", "content": "\u203c CVE-2023-4615 \u203c\n\nThis vulnerability allows remote attackers to disclose sensitive information on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/download/updateFile endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to disclose information in the context of the current user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-04T14:16:33.000000Z"}]}