{"vulnerability": "CVE-2023-2363", "sightings": [{"uuid": "29a8ea9f-6bd4-477c-b120-0473b668faff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4331", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aApache Dubbo (CVE-2023-23638)\u6f0f\u6d1e\u5229\u7528\u7684\u5de5\u7a0b\u5316\u5b9e\u8df5\nURL\uff1ahttps://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-11T06:29:58.000000Z"}, {"uuid": "b6330bce-c966-4694-b785-99184fd089f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "Telegram/qjFv099hP67tEfFQ9L3OMZBOe80KsNV5h-QT3wc2XpRWSzc", "content": "", "creation_timestamp": "2023-03-17T16:21:29.000000Z"}, {"uuid": "b0e3a464-abc9-4848-a252-5b104b873cb5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23632", "type": "seen", "source": "https://t.me/cibsecurity/72201", "content": "\u203c CVE-2023-23632 \u203c\n\nBeyondTrust Privileged Remote Access (PRA) versions 22.2.x to 22.4.x are vulnerable to a local authentication bypass. Attackers can exploit a flawed secret verification process in the BYOT shell jump sessions, allowing unauthorized access to jump items by guessing only the first character of the secret.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-13T00:23:23.000000Z"}, {"uuid": "5a622ce9-925a-4fe3-b7fc-ce4acaa533ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3591", "content": "https://www.crackcodes.in/2023/06/CVE-2023-23638%20Exploit.html?m=1", "creation_timestamp": "2023-06-01T18:30:31.000000Z"}, {"uuid": "742628fa-b434-4c1a-ad54-33038b6ce5a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23634", "type": "seen", "source": "https://t.me/ctinow/170658", "content": "https://ift.tt/Z9CzykD\nCVE-2023-23634 | Documize 5.4.2 /api/dashboard/activity user sql injection (usd-2022-0066)", "creation_timestamp": "2024-01-20T15:46:11.000000Z"}, {"uuid": "35d290fd-26a6-4f0f-847d-69c48d05255f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23637", "type": "seen", "source": "https://t.me/cibsecurity/56628", "content": "\u203c CVE-2023-23637 \u203c\n\nIMPatienT before 1.5.2 allows stored XSS via onmouseover in certain text fields within a PATCH /modify_onto request to the ontology builder. This may allow attackers to steal Protected Health Information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T00:15:31.000000Z"}, {"uuid": "d66e5321-c81b-4f71-9300-9eda47793703", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8095", "content": "#exploit\n1. CVE-2023-1219/CVE-2023-1220:\nChrome suffers from a heap buffer overflow vulnerability in base::debug::ActivityUserData::ActivityUserData / base::SampleVectorBase::MoveSingleSampleToCounts\nhttps://packetstormsecurity.com/files/171795/Chrome-base-debug-ActivityUserData-ActivityUserData-Heap-Buffer-Overflow.html\nhttps://packetstormsecurity.com/files/171796/Chrome-base-SampleVectorBase-MoveSingleSampleToCounts-Heap-Buffer-Overflow.html\n\n2. CVE-2023-23638:\nApache dubbo deserialization vulnerability\nhttps://xz.aliyun.com/t/12396", "creation_timestamp": "2023-04-11T12:36:54.000000Z"}, {"uuid": "c7770c9a-8674-4619-a30c-adb5f7d58f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "seen", "source": "Telegram/zyh2j7QPoGimdfNrucDW8nGVJvwQaa6_ybAaByh8mMfpDfE", "content": "", "creation_timestamp": "2023-03-08T16:18:04.000000Z"}, {"uuid": "c63f252a-b15d-4f4e-a4dd-c0cf5cc52a66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/jokerplstaeen/17577", "content": "\u200b\u200bCVE-2023-23638\n\nApache Dubbo Vulnerability Exploitation Engineering Practice, covering Dubbo 3.x from service discovery to vulnerability exploitation and reverse display. \n\nhttps://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp\n\n#cve #poc #cybersecurity #infosec", "creation_timestamp": "2023-06-01T20:44:17.000000Z"}, {"uuid": "9068098f-77f7-4a64-8a26-58a614c53724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "seen", "source": "https://t.me/cibsecurity/59662", "content": "\u203c CVE-2023-23638 \u203c\n\nA deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-08T14:23:12.000000Z"}, {"uuid": "8f2ae1da-0917-40a5-89a0-736d92adfa19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "seen", "source": "https://t.me/webpwn/356", "content": "\u041a\u043e\u0440\u043e\u0447, Apache Dubbo \u2014 \u044d\u0442\u043e \u0442\u0430\u043a\u0430\u044f \u0448\u0442\u0443\u043a\u0430, \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u0447\u0430\u0441\u0442\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u0435\u0442\u0441\u044f \u0434\u043b\u044f \u0445\u0430\u0439\u043b\u043e\u0430\u0434\u0430, \u0440\u044f\u0434\u043e\u043c. \u0420\u0430\u0437\u0440\u0430\u0431\u043e\u0442\u0447\u0438\u043a\u0438 \u0433\u043e\u0432\u043e\u0440\u044f\u0442, \u0447\u0442\u043e \u0443\u043c\u0435\u0435\u0442 \u043f\u043e\u043c\u0438\u043c\u043e RPC \u0435\u0449\u0435 \u0438 \u0432 WEB, \u043f\u043e\u044d\u0442\u043e\u043c\u0443 \u0434\u0430\u0432\u0430\u0439\u0442\u0435 \u043d\u0430 \u043d\u0435\u043c \u0434\u0435\u043b\u0430\u0442\u044c \u043c\u0438\u043a\u0440\u043e\u0441\u0435\u0440\u0432\u0438\u0441\u044b, \u043d\u043e \u044f \u043e\u0441\u043e\u0431\u043e \u0438\u0445 \u043d\u0435 \u0432\u0438\u0434\u0435\u043b (\u043c\u043e\u0436\u0435\u0442 \u043d\u0435 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0439 \u0432 \u0421\u041d\u0413). \u0410 \u0435\u0449\u0435 \u043d\u0430 \u043c\u0438\u043d\u0443\u0442\u043e\u0447\u043a\u0443, \u044d\u0442\u043e \u043e\u0434\u0438\u043d \u0438\u0437 \u0441\u0430\u043c\u044b\u0445 \u043f\u043e\u043f\u0443\u043b\u044f\u0440\u043d\u044b\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u043e\u0432 \u043d\u0430 github (~40k \u0437\u0432\u0435\u0437\u0434 \u043d\u0430 \u043c\u043e\u043c\u0435\u043d\u0442 \u043d\u0430\u043f\u0438\u0441\u0430\u043d\u0438\u044f).\n\n\u041f\u043e\u0440\u0442 28080, \u043f\u043e\u043b\u0435\u0437\u0435\u043d \u0441\u0430\u043c \u043f\u043e \u0441\u0435\u0431\u0435, \u0442\u0430\u043a \u043a\u0430\u043a \u0447\u0435\u0440\u0435\u0437 \u043d\u0435\u0433\u043e \u043c\u043e\u0436\u043d\u043e \u043f\u043e\u0441\u043c\u043e\u0442\u0440\u0435\u0442\u044c \u0432\u0441\u0435 \u043a\u043b\u0430\u0441\u0441\u044b \u0438 \u043c\u0435\u0442\u043e\u0434\u044b, \u0438 \u0447\u0430\u0441\u0442\u043e \u0434\u0430\u0451\u0442 RCE. \u041d\u0430\u043f\u0440\u0438\u043c\u0435\u0440 \u0438\u0437 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0435\u0433\u043e CVE-2023-23638, \u0438\u043b\u0438 \u0447\u0443\u0442\u044c \u0441\u0442\u0430\u0440\u0435\u0435.\n\n&gt;", "creation_timestamp": "2024-02-29T17:05:18.000000Z"}, {"uuid": "a78459a2-ac0b-43a7-b370-cde7aa15dba6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/604", "content": "https://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp\nApache-Dubbo\n#github  #Java", "creation_timestamp": "2023-06-01T16:13:55.000000Z"}, {"uuid": "6f4fcbaa-9839-4f85-a145-73982d46d741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/poxek/2855", "content": "Apache-Dubbo-CVE-2023-23638-exp-main.zip", "creation_timestamp": "2023-05-12T03:26:39.000000Z"}, {"uuid": "45f80d11-45f0-44d2-a16f-0e5ab52a8f00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3073", "content": "Tools - Hackers Factory \n\nCVE-2023-3009\n\nStored #XSS on item name - Bypassing CVE-2023-2516 in TeamPass &lt; 3.0.9 - by M Nadeem Qazi.\n\nhttps://github.com/mnqazi/CVE-2023-3009\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bApplywdac \n\nPowerShell script for applying WDAC policies.\n\nhttps://github.com/vu-ls/applywdac\n\n#cybersecurity #infosec\n\n\u200b\u200bfake-useragent\n\nUp-to-date simple useragent faker with real world database.\n\nhttps://github.com/fake-useragent/fake-useragent\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bProxiFyre \n\nAdvanced SOCKS5 Routing Solution for Windows.\n\nhttps://github.com/wiresock/socksify\n\n#cybersecurity #infosec #privacy\n\n\u200b\u200bThe DEF CON CTF 2023 Qualifier\n\nThis repository contains the open source release for Nautilus Institute's 2023 DEF CON CTF qualifier.\n\nhttps://github.com/Nautilus-Institute/quals-2023\n\n#cybersecurity #infosec\n\n\u200b\u200bWordlists\n\nReal-world infosec wordlists, updated regularly! These wordlists are based on the source code of the CMSes/servers/frameworks listed here. The current wordlists include:\n\n\u2022 Wordpress\n\u2022 Joomla\n\u2022 Drupal\n\u2022 Magento\n\u2022 Ghost\n\u2022 Tomcat\n\nhttps://github.com/trickest/wordlists\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bNanorobeus\n\nCOFF file (BOF) for managing #Kerberos tickets.\n\nhttps://github.com/wavvs/nanorobeus\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCVE-2023-23638\n\nApache Dubbo Vulnerability Exploitation Engineering Practice, covering Dubbo 3.x from service discovery to vulnerability exploitation and reverse display. \n\nhttps://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp\n\n#cve #poc #cybersecurity #infosec\n\n\u200b\u200bEPI\n\nProcess injection through entry points hijacking.\n\nhttps://github.com/Kudaes/EPI\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCRTER\n\nA command-line tool for fetching subdomains using the CRT.SH certificate search engine. It allows you to provide a list of domain names or fully-qualified domain names (FQDNs) and retrieve the associated subdomains. The tool fetches the subdomains from CRT.SH and saves them to an output file.\n\nhttps://github.com/Micro0x00/CRTER\n\n#infosec #pentesting #bugbounty\n\n\u200b\u200bHALA\n\nHALA offers a powerful capability that enables you to identify reflected parameters within the response, providing valuable assistance in your testing and hacking endeavors.\n\nhttps://github.com/whalebone7/Hala\n\n#cybersecurity #infosec\n\nhttps://t.me/dilagrafie\nhttps://t.me/HackerFactory", "creation_timestamp": "2023-06-02T09:34:10.000000Z"}, {"uuid": "8cd6ccc8-0c0d-47d9-ae64-e6fdaeae8cb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "Telegram/aRAX0Qf5H8Fc8A9FZ5Qjrtiasmv9syVVzZ-16DoeDNNORg", "content": "", "creation_timestamp": "2023-06-01T18:31:45.000000Z"}, {"uuid": "20b00224-60f9-4888-9119-9a04afd746d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "Telegram/S9M5_Cj10SIZvIDK-oq7aw7sMza78OOmcg_MbOnhcmr66hM", "content": "", "creation_timestamp": "2023-07-12T11:01:34.000000Z"}, {"uuid": "2dd6219d-27d9-4d6b-87c4-cd0465faa895", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "Telegram/oezBCzhMAzT_48YIeTFwAxrziCdwcunM2hYmrq2oi6Z5sr0", "content": "", "creation_timestamp": "2023-07-25T14:28:05.000000Z"}, {"uuid": "b15ed66a-8b66-4605-88c8-dad3280d5a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23634", "type": "seen", "source": "https://t.me/cibsecurity/73907", "content": "\u203c\ufe0fCVE-2023-23634\u203c\ufe0f\n\nSQL Injection vulnerability in Documize version 5.4.2, allows remote attackers to execute arbitrary code via the user parameter of the apidashboardactivity endpoint.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:35:11.000000Z"}, {"uuid": "13f5b8c1-621c-4726-b10f-7407ca39fb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23634", "type": "seen", "source": "https://t.me/ctinow/160375", "content": "https://ift.tt/QmNVs4e\nCVE-2023-23634", "creation_timestamp": "2023-12-29T08:26:51.000000Z"}, {"uuid": "442a520c-0dd3-4791-aeec-694743b3c8c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23634", "type": "seen", "source": "https://t.me/ctinow/163603", "content": "https://ift.tt/Mdz9Tyu\nCVE-2023-23634 Exploit", "creation_timestamp": "2024-01-05T17:16:24.000000Z"}, {"uuid": "1d87f10d-81ff-40de-b358-086868b8b3df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2363", "type": "seen", "source": "https://t.me/cibsecurity/63034", "content": "\u203c CVE-2023-2363 \u203c\n\nA vulnerability, which was classified as critical, has been found in SourceCodester Resort Reservation System 1.0. This issue affects some unknown processing of the file view_room.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-227639.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T14:27:10.000000Z"}, {"uuid": "c5badbd4-22c9-4e02-8336-b1d4af5fb13f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23636", "type": "seen", "source": "https://t.me/cibsecurity/57442", "content": "\u203c CVE-2023-23636 \u203c\n\nIn Jellyfin 10.8.x through 10.8.3, the name of a playlist is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T07:25:35.000000Z"}, {"uuid": "77437795-c343-4d4c-b39a-03782b85da5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23635", "type": "seen", "source": "https://t.me/cibsecurity/57433", "content": "\u203c CVE-2023-23635 \u203c\n\nIn Jellyfin 10.8.x through 10.8.3, the name of a collection is vulnerable to stored XSS. This allows an attacker to steal access tokens from the localStorage of the victim.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T07:25:20.000000Z"}, {"uuid": "bc309b06-baf0-428b-9e9e-63a7f8054b59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23630", "type": "seen", "source": "https://t.me/cibsecurity/57243", "content": "\u203c CVE-2023-23630 \u203c\n\nEta is an embedded JS templating engine that works inside Node, Deno, and the browser. XSS attack - anyone using the Express API is impacted. The problem has been resolved. Users should upgrade to version 2.0.0. As a workaround, don't pass user supplied things directly to `res.render`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-01T07:13:55.000000Z"}, {"uuid": "a594921f-1422-4136-81ea-d993e9396a67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-23638", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/97", "content": "https://github.com/YYHYlh/Apache-Dubbo-CVE-2023-23638-exp\nApache-Dubbo\n#github  #Java", "creation_timestamp": "2024-12-21T15:48:50.000000Z"}]}