{"vulnerability": "CVE-2023-3911", "sightings": [{"uuid": "334668cb-f82a-4e26-ab0c-f7b56c13adb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39112", "type": "seen", "source": "https://t.me/cibsecurity/67774", "content": "\u203c CVE-2023-39112 \u203c\n\nECShop v4.1.16 contains an arbitrary file deletion vulnerability in the Admin Panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T20:41:04.000000Z"}, {"uuid": "46378e74-b22f-4945-a82e-ef9aecb971a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39113", "type": "seen", "source": "https://t.me/cibsecurity/67626", "content": "\u203c CVE-2023-39113 \u203c\n\nngiflib commit fb271 was discovered to contain a segmentation violation via the function \"main\" at gif2tag.c. This vulnerability is triggered when running the program gif2tga.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-03T02:44:31.000000Z"}, {"uuid": "c8e1792c-a38f-44b5-a8a5-aed9eca2a23a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39110", "type": "seen", "source": "https://t.me/cibsecurity/67508", "content": "\u203c CVE-2023-39110 \u203c\n\nrconfig v3.9.4 was discovered to contain a Server-Side Request Forgery (SSRF) via the path parameter at /ajaxGetFileByPath.php. This vulnerability allows authenticated attackers to make arbitrary requests via injection of crafted URLs.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-01T18:38:36.000000Z"}, {"uuid": "4731c2e9-5a2a-4864-9b0d-ed33ce67634c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3911", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhuloscybb23", "content": "", "creation_timestamp": "2025-02-11T02:16:27.545067Z"}, {"uuid": "43fb8df9-d57d-47a6-9a89-6774bd4ab145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-39115", "type": "seen", "source": "https://t.me/cibsecurity/68654", "content": "\u203c CVE-2023-39115 \u203c\n\ninstall/aiz-uploader/upload in Campcodes Online Matrimonial Website System Script 3.3 allows XSS via a crafted SVG document.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T22:50:46.000000Z"}]}