{"vulnerability": "CVE-2023-2346", "sightings": [{"uuid": "9e3bac99-94a4-477f-86c1-047db89511c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23461", "type": "seen", "source": "https://t.me/cibsecurity/58270", "content": "\u203c CVE-2023-23461 \u203c\n\nLibpeconv \u00e2\u20ac\u201c access violation, before commit b076013 (30/11/2022).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:49.000000Z"}, {"uuid": "50ec824f-ad3a-46fe-944f-1cc43f763f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23469", "type": "seen", "source": "https://t.me/cibsecurity/57342", "content": "\u203c CVE-2023-23469 \u203c\n\nIBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T22:14:14.000000Z"}, {"uuid": "8ad05d58-31c1-48d7-bcfe-b6e9ff2bf22d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23464", "type": "seen", "source": "https://t.me/cibsecurity/58267", "content": "\u203c CVE-2023-23464 \u203c\n\nMedia CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-27T18:27:48.000000Z"}, {"uuid": "8493925e-02fe-4a84-9b20-e67ad0bea1a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23466", "type": "seen", "source": "https://t.me/cibsecurity/58265", "content": "\u203c CVE-2023-23466 \u203c\n\nMedia CP Media Control Panel latest version. Insufficiently protected credential change.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:42.000000Z"}, {"uuid": "b67c4936-2896-4937-a677-0e270a092d1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23462", "type": "seen", "source": "https://t.me/cibsecurity/58276", "content": "\u203c CVE-2023-23462 \u203c\n\nLibpeconv \u00e2\u20ac\u201c integer overflow, before commit 75b1565 (30/11/2022).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:56.000000Z"}, {"uuid": "ce1d4ec0-9a59-4aad-a5e4-a3334396d756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23467", "type": "seen", "source": "https://t.me/cibsecurity/58274", "content": "\u203c CVE-2023-23467 \u203c\n\nMedia CP Media Control Panel latest version. Reflected XSS possible through unspecified endpoint.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:55.000000Z"}, {"uuid": "fc8a0564-f181-4516-8754-2f78b781d31a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23460", "type": "seen", "source": "https://t.me/cibsecurity/58272", "content": "\u203c CVE-2023-23460 \u203c\n\nPriority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T22:36:50.000000Z"}, {"uuid": "f42e456f-383c-4d0b-97e5-cddeec410464", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23463", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8074", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23463\n\ud83d\udd25 CVSS Score: 5.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: Sunell DVR, latest version, Insufficiently Protected Credentials (CWE-522) may be exposed through an unspecified request.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T16:05:49.323Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T16:17:51.000000Z"}, {"uuid": "f3ea0d24-3722-4e08-b1cf-8c03ecd7072c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23466", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8079", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23466\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N)\n\ud83d\udd39 Description: Media CP Media Control Panel latest version. Insufficiently protected credential change.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T16:03:30.823Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T16:17:59.000000Z"}, {"uuid": "aa47f816-89b6-4a1f-a174-9ebb209b5336", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23467", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8081", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23467\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Media CP Media Control Panel latest version. Reflected XSS possible through unspecified endpoint.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T16:02:35.148Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T16:18:00.000000Z"}, {"uuid": "41462c82-1bf5-45d3-8e26-1a7d968f3ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23465", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8077", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23465\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Media CP Media Control Panel latest version. CSRF possible through unspecified endpoint.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T16:03:54.314Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T16:17:54.000000Z"}, {"uuid": "34632b52-23e0-4027-a366-8ab51ee66324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23464", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8075", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23464\n\ud83d\udd25 CVSS Score: 8.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Media CP Media Control Panel latest version. A Permissive Flash Cross-domain Policy may allow information disclosure.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T16:04:49.548Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T16:17:52.000000Z"}, {"uuid": "acff27b9-9a60-4502-b85c-3311a75fd815", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23461", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23461\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Libpeconv \u2013 access violation, before commit b076013 (30/11/2022).\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T19:02:39.088Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T19:18:18.000000Z"}, {"uuid": "2012df34-9f4d-49b9-b503-2e9f7a63b0cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23460", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23460\n\ud83d\udd25 CVSS Score: 9.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N)\n\ud83d\udd39 Description: Priority Web version 19.1.0.68, parameter manipulation on an unspecified end-point may allow authentication bypass.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T19:03:33.525Z\n\ud83d\udd17 References:\n1. https://www.gov.il/en/Departments/faq/cve_advisories", "creation_timestamp": "2025-03-19T19:18:17.000000Z"}, {"uuid": "fd48f815-3ffd-4e38-891a-276831786bfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23469", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/8876", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-23469\n\ud83d\udd25 CVSS Score: 4 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)\n\ud83d\udd39 Description: \nIBM ICP4A - Automation Decision Services 18.0.0, 18.0.1, 18.0.2, 19.0.1, 19.0.2, 19.0.3, 20.0.1, 20.0.2, 20.0.3, 21.0.1, 21.0.2, 21.0.3, 22.0.1, and 22.0.2 allows web pages to be stored locally which can be read by another user on the system. IBM X-Force ID: 244504.\n\n\n\ud83d\udccf Published: 2023-02-01T18:12:22.589Z\n\ud83d\udccf Modified: 2025-03-26T15:08:13.712Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/6857999\n2. https://exchange.xforce.ibmcloud.com/vulnerabilities/244504", "creation_timestamp": "2025-03-26T15:26:26.000000Z"}, {"uuid": "fcf87260-ec57-47b2-86eb-97f2358e8c83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2346", "type": "seen", "source": "https://t.me/cibsecurity/62982", "content": "\u203c CVE-2023-2346 \u203c\n\nA vulnerability was found in SourceCodester Service Provider Management System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/inquiries/view_inquiry.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227589 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-27T18:40:09.000000Z"}]}