{"vulnerability": "cve-2023-3104", "sightings": [{"uuid": "1706217e-56ff-4463-8a23-10e7429f0c2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31047", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4427", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1a\u6f0f\u6d1e\u9a8c\u8bc1\n\u63cf\u8ff0\uff1aDjango\u4fee\u590d\u6587\u4ef6\u4e0a\u4f20\u9a8c\u8bc1\u7ed5\u8fc7\u6f0f\u6d1e\uff08CVE-2023-31047\uff09\u4e0d\u5b8c\u5168\uff0c\u540c\u4e00\u63a5\u53e3\u5904\u53ef\u7ed5\u8fc7\u9a8c\u8bc1\u5bfc\u81f4rce\nURL\uff1ahttps://github.com/hheeyywweellccoommee/Django_rce-nwvba\n\n\u6807\u7b7e\uff1a#\u6f0f\u6d1e\u9a8c\u8bc1", "creation_timestamp": "2023-06-23T01:18:56.000000Z"}, {"uuid": "8d3d10ef-363e-4d4a-b2de-869c0a575534", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31043", "type": "seen", "source": "Telegram/CgUGRHw6M_DW-ikylZhRUedoj_IQ-uJfRm7ITQBBZLP8Wj_Q", "content": "", "creation_timestamp": "2025-02-06T02:41:38.000000Z"}, {"uuid": "f448a4bd-e682-494b-9c2a-459514486307", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31042", "type": "seen", "source": "https://t.me/cibsecurity/71442", "content": "\u203c CVE-2023-31042 \u203c\n\nA flaw exists in FlashBlade Purity whereby an authenticated user with access to FlashBlade\u00e2\u20ac\u2122s object store protocol can impact the availability of the system\u00e2\u20ac\u2122s data access and replication protocols.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T02:47:22.000000Z"}, {"uuid": "e6dfac64-3725-4c05-8428-7b0b36ca11b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31041", "type": "seen", "source": "https://t.me/cibsecurity/68443", "content": "\u203c CVE-2023-31041 \u203c\n\nAn issue was discovered in SysPasswordDxe in Insyde InsydeH2O with kernel 5.0 through 5.5. System password information could optionally be stored in cleartext, which might lead to possible information disclosure.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-14T18:24:27.000000Z"}, {"uuid": "bbe5d659-9dcf-4ee1-9cea-43cdd91f385b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31048", "type": "seen", "source": "https://t.me/arpsyndicate/1956", "content": "#ExploitObserverAlert\n\nCVE-2023-31048\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-31048.\n\nFIRST-EPSS: 0.000450000", "creation_timestamp": "2023-12-18T09:38:09.000000Z"}, {"uuid": "2642b736-b0c6-4444-ae9c-fb647e63f525", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31047", "type": "seen", "source": "https://t.me/cibsecurity/63405", "content": "\u203c CVE-2023-31047 \u203c\n\nIn Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's \"Uploading multiple files\" documentation suggested otherwise.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-07T07:41:24.000000Z"}, {"uuid": "afb79179-6907-47b2-af74-b5b2553304c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31046", "type": "seen", "source": "https://t.me/cibsecurity/72581", "content": "\u203c CVE-2023-31046 \u203c\n\nA Path Traversal vulnerability exists in PaperCut NG before 22.1.1 and PaperCut MF before 22.1.1. Under specific conditions, this could potentially allow an attacker to achieve read-only access to the server's filesystem.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-19T19:32:09.000000Z"}, {"uuid": "3b558231-253e-4985-8f3d-f59b09e1e953", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31043", "type": "seen", "source": "https://t.me/cibsecurity/62673", "content": "\u203c CVE-2023-31043 \u203c\n\nEnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-24T00:38:40.000000Z"}, {"uuid": "111d6972-1d23-47d8-a7ea-4d8e24a51cd3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-31044", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6lcqyppz2d", "content": "", "creation_timestamp": "2026-03-03T20:12:10.137205Z"}]}