{"vulnerability": "cve-2023-3149", "sightings": [{"uuid": "81b4fada-a8c7-482b-ad5f-0019698c209b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31493", "type": "seen", "source": "https://t.me/cvedetector/7924", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-31493 - ZoneMinder Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-31493 \nPublished : Oct. 15, 2024, 3:15 p.m. | 29\u00a0minutes ago \nDescription : RCE (Remote Code Execution) exists in ZoneMinder through 1.36.33 as an attacker can create a new .php log file in language folder, while executing a crafted payload and escalate privileges allowing execution of any commands on the remote system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-15T17:46:36.000000Z"}, {"uuid": "dbf158a7-0dec-4d1d-ba6b-58a4fd3b981c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31492", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1082", "content": "CVE-2023-31492: Zoho ManageEngine ADManager Plus Build 7180 - \u0627\u0641\u0634\u0627\u06cc \u0631\u0645\u0632 \u0639\u0628\u0648\u0631 \u0628\u0627\u0632\u06cc\u0627\u0628\u06cc - ZVE-2023-0176\n\u0627\u062b\u0628\u0627\u062a \u0645\u0641\u0647\u0648\u0645: https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md\n\nCVE-2023-31492 : Zoho ManageEngine ADManager Plus Build 7180 - Recovery Password Disclosure - ZVE-2023-0176\nPOC : https://github.com/passtheticket/vulnerability-research/blob/main/manage-engine-apps/admanager-recovery-password-disclosure.md", "creation_timestamp": "2024-05-08T13:26:12.000000Z"}, {"uuid": "8ee076f9-1bcc-4ce2-ac83-97a91ba3f04d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31497", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4339", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aExploit for elevation of privilege vulnerability in QuickHeal's Seqrite EPS (CVE-2023-31497).\nURL\uff1ahttps://github.com/0xInfection/EPScalate\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-05-13T05:15:56.000000Z"}, {"uuid": "1dc67ea3-32e1-460c-9d6d-b6be35e017eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31497", "type": "seen", "source": "https://t.me/cibsecurity/63924", "content": "\u203c CVE-2023-31497 \u203c\n\nIncorrect access control in Quick Heal Technologies Limited Seqrite Endpoint Security (EPS) all versions prior to v8.0 allows attackers to escalate privileges to root via supplying a crafted binary to the target system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-12T00:15:40.000000Z"}, {"uuid": "c1dfdf7c-a39a-443f-8670-93e413c5ac90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31490", "type": "seen", "source": "https://t.me/cibsecurity/63639", "content": "\u203c CVE-2023-31490 \u203c\n\nAn issue found in Frrouting bgpd v.8.4.2 allows a remote attacker to cause a denial of service via the bgp_attr_psid_sub() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T20:38:54.000000Z"}, {"uuid": "8bce4254-cee9-4721-a99d-a6493d726245", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-31492", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9971", "content": "#exploit\n1. CVE-2023-47218:\nQNAP QTS/QuTS Hero Unauthenticated Command Injection\nhttps://www.rapid7.com/blog/post/2024/02/13/cve-2023-47218-qnap-qts-and-quts-hero-unauthenticated-command-injection-fixed\n\n2. POC Pdf-exploit builder on C#\nhttps://github.com/K3rnel-Dev/pdf-exploit\n\n3. CVE-2023-31492:\nManageEngine ADManager Plus Recovery Password Disclosure\nhttps://docs.unsafe-inline.com/0day/manageengine-admanager-plus-build-less-than-7183-recovery-password-disclosure-cve-2023-31492", "creation_timestamp": "2024-02-14T22:24:47.000000Z"}]}