{"vulnerability": "CVE-2023-3018", "sightings": [{"uuid": "5578b449-524c-469b-a4fd-4f6fde58cc71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30189", "type": "seen", "source": "https://t.me/cibsecurity/64266", "content": "\u203c CVE-2023-30189 \u203c\n\nPrestashop posstaticblocks <= 1.0.0 is vulnerable to SQL Injection via posstaticblocks::getPosCurrentHook().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T00:32:33.000000Z"}, {"uuid": "a84e5c12-7a1d-44e8-a8e4-6b5b50de4e29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30185", "type": "seen", "source": "https://t.me/cibsecurity/63409", "content": "\u203c CVE-2023-30185 \u203c\n\nCRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \\attachment\\SystemAttachmentServices.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-26T18:57:36.000000Z"}, {"uuid": "a2060d20-1248-4a8e-a919-4e3070ef3f25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30183", "type": "seen", "source": "https://t.me/cibsecurity/63055", "content": "\u203c CVE-2023-30183 \u203c\n\nWangmarket CMS v4.10 was discovered to contain a SQL injection vulnerability via the component /plugin/dataDictionary/tableView.do?tableName=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T18:27:20.000000Z"}, {"uuid": "c396c3db-1108-41a1-bac7-be50e6dd5134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30188", "type": "seen", "source": "https://t.me/cibsecurity/68433", "content": "\u203c CVE-2023-30188 \u203c\n\nMemory Exhaustion vulnerability in ONLYOFFICE Document Server 4.0.3 through 7.3.2 allows remote attackers to cause a denial of service via crafted JavaScript file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T16:19:19.000000Z"}, {"uuid": "58b3647c-9782-4f6d-9664-d741d1d70cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30187", "type": "seen", "source": "https://t.me/cibsecurity/68432", "content": "\u203c CVE-2023-30187 \u203c\n\nAn out of bounds memory access vulnerability in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T16:19:18.000000Z"}, {"uuid": "60c427e0-ad77-4a3d-b113-dc82f0f6a21f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30186", "type": "seen", "source": "https://t.me/cibsecurity/68431", "content": "\u203c CVE-2023-30186 \u203c\n\nA use after free issue discovered in ONLYOFFICE DocumentServer 4.0.3 through 7.3.2 allows remote attackers to run arbitrary code via crafted JavaScript file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T16:19:17.000000Z"}, {"uuid": "53f3d7d8-0fb5-4536-a99e-cf62276e415e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-30184", "type": "seen", "source": "https://t.me/cibsecurity/63305", "content": "\u203c CVE-2023-30184 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in Typecho v1.2.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the url parameter at /index.php/archives/1/comment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T20:31:57.000000Z"}]}