{"vulnerability": "cve-2023-3506", "sightings": [{"uuid": "1b9d683f-847d-4654-b39a-89dab82f8213", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-35061", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "24494943-827a-434a-b08a-5f869ddad614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35068", "type": "seen", "source": "https://t.me/cibsecurity/69880", "content": "\u203c CVE-2023-35068 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in BMA Personnel Tracking System allows SQL Injection.This issue affects Personnel Tracking System: before 20230904.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T22:16:42.000000Z"}, {"uuid": "5e887edb-3e50-4143-882b-f448147f294c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35069", "type": "seen", "source": "https://t.me/cibsecurity/66634", "content": "\u203c CVE-2023-35069 \u203c\n\nImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Bullwark allows Path Traversal.This issue affects Bullwark: before BLW-2016E-960H.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-13T12:36:21.000000Z"}, {"uuid": "e09adea8-99c8-45ca-8f04-04287d9580b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35060", "type": "seen", "source": "https://t.me/ctinow/201341", "content": "https://ift.tt/Qic25zg\nCVE-2023-35060 | Intel Battery Life Diagnostic Tool Software prior 2.3.1 uncontrolled search path (intel-sa-00987)", "creation_timestamp": "2024-03-06T13:41:11.000000Z"}, {"uuid": "bcd9112b-7492-41f4-855f-39aa01d78948", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35061", "type": "seen", "source": "https://t.me/ctinow/201340", "content": "https://ift.tt/VwNZpar\nCVE-2023-35061 | Intel PROSet/Wireless WiFi/Killer WiFi prior 22.240 information disclosure (intel-sa-00947)", "creation_timestamp": "2024-03-06T13:41:10.000000Z"}, {"uuid": "5c5ecdd0-e83c-4945-ae56-44596ec2d3b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-3506", "type": "seen", "source": "https://t.me/cibsecurity/65941", "content": "\u203c CVE-2023-3506 \u203c\n\nA vulnerability was found in Active It Zone Active eCommerce CMS 6.5.0. It has been declared as problematic. This vulnerability affects unknown code of the file /ecommerce/support_ticket of the component Create Ticket Page. The manipulation of the argument details with the input alert(1) leads to cross site scripting. The attack can be initiated remotely. VDB-232954 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-04T20:39:36.000000Z"}, {"uuid": "d0eb9618-28a5-4cb9-b184-92fc227c93db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35067", "type": "seen", "source": "https://t.me/cibsecurity/67215", "content": "\u203c CVE-2023-35067 \u203c\n\nPlaintext Storage of a Password vulnerability in Infodrom Software E-Invoice Approval System allows Read Sensitive Strings Within an Executable.This issue affects E-Invoice Approval System: before v.20230701.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:08.000000Z"}, {"uuid": "6feb8823-67fc-4d79-aeca-a99929556d59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35066", "type": "seen", "source": "https://t.me/cibsecurity/67210", "content": "\u203c CVE-2023-35066 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infodrom Software E-Invoice Approval System allows SQL Injection.This issue affects E-Invoice Approval System: before v.20230701.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-25T12:28:00.000000Z"}, {"uuid": "08b50a76-73fc-4be7-acd7-4013350bcbd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35065", "type": "seen", "source": "https://t.me/cibsecurity/69891", "content": "\u203c CVE-2023-35065 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Osoft Paint Production Management allows SQL Injection.This issue affects Paint Production Management: before 2.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T22:16:58.000000Z"}, {"uuid": "963b1ab5-dc80-432a-8452-ffd8f69427e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35060", "type": "seen", "source": "https://t.me/ctinow/184804", "content": "https://ift.tt/8p76UQA\nCVE-2023-35060", "creation_timestamp": "2024-02-14T17:02:57.000000Z"}, {"uuid": "a52e771e-2c16-44e0-a41d-bb11c3a2fc0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35062", "type": "seen", "source": "https://t.me/ctinow/184806", "content": "https://ift.tt/zdUa68P\nCVE-2023-35062", "creation_timestamp": "2024-02-14T17:02:59.000000Z"}, {"uuid": "eab51383-b5c5-429e-a767-9c11c4431aeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35061", "type": "seen", "source": "https://t.me/ctinow/184805", "content": "https://ift.tt/b1PI26g\nCVE-2023-35061", "creation_timestamp": "2024-02-14T17:02:58.000000Z"}, {"uuid": "2ede304f-e91e-4ec5-9b84-e9f12b7e9107", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-35064", "type": "seen", "source": "https://t.me/cibsecurity/65162", "content": "\u203c CVE-2023-35064 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Satos Satos Mobile allows SQL Injection through SOAP Parameter Tampering.This issue affects Satos Mobile: before 20230607.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-13T18:15:41.000000Z"}]}