{"vulnerability": "cve-2023-4698", "sightings": [{"uuid": "9ca45f36-cb1a-4523-ae6f-a2b23406242c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46988", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3llrxuepqvx2s", "content": "", "creation_timestamp": "2025-04-01T22:57:08.803137Z"}, {"uuid": "637fa203-c406-4274-ac57-cac9f8889db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46988", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114265037010819061", "content": "", "creation_timestamp": "2025-04-01T22:21:37.818024Z"}, {"uuid": "999fca3e-671f-4eca-a3f8-c6889f0fb07b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46988", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114265037010819061", "content": "", "creation_timestamp": "2025-04-01T22:21:37.820649Z"}, {"uuid": "103c8892-25e5-4145-96c0-4fd6b5c5de2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46988", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10025", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-46988\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Directory Traversal vulnerability in ONLYOFFICE Document Server v.7.5.0 and before allows a remote attacker to obtain sensitive information via a crafted file upload.\n\ud83d\udccf Published: 2025-04-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T21:39:10.806Z\n\ud83d\udd17 References:\n1. https://medium.com/@mihat2/onlyoffice-document-server-path-traversal-fdd573fec291", "creation_timestamp": "2025-04-01T22:32:46.000000Z"}, {"uuid": "813d9d9b-e52d-450d-bcfe-fa70681b85f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46988", "type": "seen", "source": "https://t.me/cvedetector/21827", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-46988 - ONLYOFFICE Document Server File Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-46988 \nPublished : April 1, 2025, 10:15 p.m. | 1\u00a0hour, 30\u00a0minutes ago \nDescription : Directory Traversal vulnerability in ONLYOFFICE Document Server v.7.5.0 and before allows a remote attacker to obtain sensitive information via a crafted file upload. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-02T02:26:41.000000Z"}, {"uuid": "3962158c-bc8a-4715-a3ad-695df35c6702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4698", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8971", "content": "#exploit\n1. CVE-2023-40217:\nBypass TLS handshake on closed sockets\nhttps://github.com/AapoOksman/writeups/tree/master/CVE-2023-40217\n\n2. CVE-2023-4698:\nLFI in usememos/memos <0.13.2\nhttps://github.com/mnqazi/CVE-2023-4698", "creation_timestamp": "2024-12-18T12:00:21.000000Z"}, {"uuid": "f286943f-21f5-48b7-874a-feac066e01aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46987", "type": "seen", "source": "https://t.me/ctinow/170624", "content": "https://ift.tt/KiAC1WO\nCVE-2023-46987 | SeaCMS 12.9 /augap/adminip.php code injection", "creation_timestamp": "2024-01-20T14:16:20.000000Z"}, {"uuid": "fdddf4b3-d566-49c1-93b1-a3aebdde813c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46989", "type": "seen", "source": "https://t.me/ctinow/170344", "content": "https://ift.tt/OmYSb4c\nCVE-2023-46989 | Innovadeluxe Quick Order module up to 1.3.x on PrestaShop productlist.php getProducts sql injection", "creation_timestamp": "2024-01-19T18:47:01.000000Z"}, {"uuid": "601519f0-1143-4694-b23b-24330f19c992", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46987", "type": "seen", "source": "https://t.me/ctinow/160090", "content": "https://ift.tt/9JSNR1d\nCVE-2023-46987", "creation_timestamp": "2023-12-28T16:26:45.000000Z"}, {"uuid": "feccf106-5e9e-4076-9516-41b191d58f4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46989", "type": "seen", "source": "https://t.me/ctinow/159951", "content": "https://ift.tt/3alT1oC\nCVE-2023-46989", "creation_timestamp": "2023-12-28T07:26:25.000000Z"}]}