{"vulnerability": "cve-2023-2998", "sightings": [{"uuid": "eea0522c-e0cf-44ce-bb09-b15bb04f4065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-2998", "type": "seen", "source": "https://t.me/cibsecurity/64803", "content": "\u203c CVE-2023-2998 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.14.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-31T07:24:08.000000Z"}, {"uuid": "ad5703c3-ba27-4bf9-bb59-e5b9ffbded42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-29984", "type": "seen", "source": "https://t.me/cibsecurity/66450", "content": "\u203c CVE-2023-29984 \u203c\n\nNull pointer dereference vulnerability exists in multiple vendors MFPs and printers which implement Debut web server 1.2 or 1.3. Processing a specially crafted request may lead an affected product to a denial-of-service (DoS) condition. As for the affected products/models/versions, see the detailed information provided by each vendor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-12T00:29:49.000000Z"}, {"uuid": "5381f73f-76a8-436c-8ea0-b65ccf4f7143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-29985", "type": "seen", "source": "https://t.me/cibsecurity/64362", "content": "\u203c CVE-2023-29985 \u203c\n\nSourcecodester Student Study Center Desk Management System v1.0 admin\\reports\\index.php#date_from has a SQL Injection vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T07:31:59.000000Z"}, {"uuid": "cf03aef8-7696-47ce-8790-bec7800e5038", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-29983", "type": "seen", "source": "https://t.me/cibsecurity/64004", "content": "\u203c CVE-2023-29983 \u203c\n\nCross Site Scripting vulnerability found in Maximilian Vogt cmaps v.8.0 allows a remote attacker to execute arbitrary code via the auditlog tab in the admin panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T14:27:02.000000Z"}, {"uuid": "1d7a89fa-b357-490e-a087-01fd935bd48f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-29986", "type": "seen", "source": "https://t.me/cibsecurity/63855", "content": "\u203c CVE-2023-29986 \u203c\n\nspring-boot-actuator-logview 0.2.13 allows Directory Traversal to sibling directories via LogViewEndpoint.view.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-11T07:14:57.000000Z"}, {"uuid": "291d30a4-397e-4340-a69a-0da0efc092e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-29985", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2586", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-29985\n\ud83d\udd39 Description: Sourcecodester Student Study Center Desk Management System v1.0 admin\\reports\\index.php#date_from has a SQL Injection vulnerability.\n\ud83d\udccf Published: 2023-05-18T00:00:00\n\ud83d\udccf Modified: 2025-01-22T16:20:00.612Z\n\ud83d\udd17 References:\n1. https://liaorj.github.io/2023/03/17/admin-reports-date-from-has-sql-injection-vulnerability/#more", "creation_timestamp": "2025-01-22T17:02:00.000000Z"}]}