{"vulnerability": "CVE-2023-2888", "sightings": [{"uuid": "e873d4ca-37f7-4278-ad1c-d78269650239", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2888", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2027", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-2888\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, was found in PHPOK 6.4.100. This affects an unknown part of the file /admin.php?c=upload&f=zip&_noCache=0.1683794968. The manipulation leads to unrestricted upload. It is possible to initiate the attack remotely. The identifier VDB-229953 was assigned to this vulnerability.\n\ud83d\udccf Published: 2023-05-25T13:00:04.633Z\n\ud83d\udccf Modified: 2025-01-16T19:23:31.840Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.229953\n2. https://vuldb.com/?ctiid.229953\n3. https://gitee.com/phpok/phpok/issues/I72D24", "creation_timestamp": "2025-01-16T19:56:11.000000Z"}, {"uuid": "0d3c1609-4cc8-44e2-a54c-54b97fa07a0b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28883", "type": "seen", "source": "Telegram/mM3I5WeNQfHwdN5SH1Mejf1Avz4NvPZTT7Sloch49783DIjV", "content": "", "creation_timestamp": "2025-02-19T19:13:54.000000Z"}, {"uuid": "77f2308a-b787-4b47-a397-78716b168c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28882", "type": "seen", "source": "https://t.me/cibsecurity/63023", "content": "\u203c CVE-2023-28882 \u203c\n\nTrustwave ModSecurity 3.0.5 through 3.0.8 before 3.0.9 allows a denial of service (worker crash and unresponsiveness) because some inputs cause a segfault in the Transaction class for some configurations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T07:26:59.000000Z"}, {"uuid": "d8689080-eb05-4f67-8c45-fb4fcd2d9545", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28885", "type": "seen", "source": "Telegram/izcOMuQTj0ZgcgHp-hKNz-_Veb0UGb1SOwoNGj0way6GQEcC", "content": "", "creation_timestamp": "2025-02-19T19:13:54.000000Z"}, {"uuid": "0fabcd8a-5d98-442d-8110-1c57ada3e08f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28882", "type": "seen", "source": "Telegram/VOtY_4UNcchblHsIuIYJMrsDaO3C1qGcYXxac-UUDMuaMJfa", "content": "", "creation_timestamp": "2025-01-30T23:28:04.000000Z"}, {"uuid": "8e1a7b64-da12-4ae0-ab6d-fd0f69c11094", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28885", "type": "seen", "source": "https://t.me/arpsyndicate/529", "content": "#ExploitObserverAlert\n\nCVE-2023-28885\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-28885. The MyLink infotainment system (build 2021.3.26) in General Motors Chevrolet Equinox 2021 vehicles allows attackers to cause a denial of service (temporary failure of Media Player functionality) via a crafted MP3 file.\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 5.9\nNVD-ES: 0.9", "creation_timestamp": "2023-11-24T14:16:12.000000Z"}, {"uuid": "1ae62398-25b8-4637-add2-9a7456bf0f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-28885", "type": "seen", "source": "https://t.me/arpsyndicate/1651", "content": "#ExploitObserverAlert\n\nCVE-2023-28885\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-28885. The MyLink infotainment system (build 2021.3.26) in General Motors Chevrolet Equinox 2021 vehicles allows attackers to cause a denial of service (temporary failure of Media Player functionality) via a crafted MP3 file.\n\nFIRST-EPSS: 0.000530000\nNVD-IS: 5.9\nNVD-ES: 0.9", "creation_timestamp": "2023-12-10T16:09:27.000000Z"}]}