{"vulnerability": "cve-2023-4101", "sightings": [{"uuid": "68b01037-91ef-408d-9c94-1d6f55780e27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41011", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3npnfjwck2v", "content": "", "creation_timestamp": "2025-10-20T21:02:31.538611Z"}, {"uuid": "a31eb4c7-c1fa-49ab-82cd-9df7c809e322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41014", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8960", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-41014\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: code-projects.org Online Job Portal 1.0 is vulnerable to SQL Injection via the Username parameter for \"Employer.\"\n\ud83d\udccf Published: 2024-03-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T20:11:11.451Z\n\ud83d\udd17 References:\n1. https://github.com/ASR511-OO7/CVE-2023-41014/blob/main/CVE-28", "creation_timestamp": "2025-03-26T20:25:50.000000Z"}, {"uuid": "9fec44f8-8b32-4eb4-a302-e567f8b9b1c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41010", "type": "seen", "source": "https://t.me/cibsecurity/70533", "content": "\u203c CVE-2023-41010 \u203c\n\nInsecure Permissions vulnerability in Sichuan Tianyi Kanghe Communication Co., Ltd China Telecom Tianyi Home Gateway v.TEWA-700G allows a local attacker to obtain sensitive information via the default password parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-14T22:41:01.000000Z"}, {"uuid": "e8cd8737-6a9a-4bcd-86b6-19fac8ef7e90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41013", "type": "seen", "source": "https://t.me/cibsecurity/70283", "content": "\u203c CVE-2023-41013 \u203c\n\nCross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the \"p4\" field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-12T16:22:57.000000Z"}, {"uuid": "1dabd5f9-6767-4afa-b8c8-d9e8458dc3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4101", "type": "seen", "source": "https://t.me/cibsecurity/71497", "content": "\u203c CVE-2023-4101 \u203c\n\nThe QSige login SSO does not have an access control mechanism to verify whether the user requesting a resource has sufficient permissions to do so. As a prerequisite, it is necessary to log into the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-03T16:41:22.000000Z"}, {"uuid": "6f7acfe3-d473-45fe-bc9f-7c0ac6456c2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41015", "type": "seen", "source": "https://t.me/ctinow/202255", "content": "https://ift.tt/tJXbcBh\nCVE-2023-41015", "creation_timestamp": "2024-03-07T10:26:58.000000Z"}, {"uuid": "a9a33249-cceb-4a04-ad72-062fd11a3452", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41014", "type": "seen", "source": "https://t.me/ctinow/202254", "content": "https://ift.tt/eLObV0K\nCVE-2023-41014", "creation_timestamp": "2024-03-07T10:26:57.000000Z"}, {"uuid": "ac447335-a0bd-4676-aa82-7731255f1441", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41014", "type": "seen", "source": "https://t.me/ctinow/202268", "content": "https://ift.tt/eLObV0K\nCVE-2023-41014", "creation_timestamp": "2024-03-07T10:27:13.000000Z"}, {"uuid": "bf7294b9-fb90-4d3a-9010-43c40aa781c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-41012", "type": "seen", "source": "https://t.me/cibsecurity/69867", "content": "\u203c CVE-2023-41012 \u203c\n\nAn issue in China Mobile Communications China Mobile Intelligent Home Gateway v.HG6543C4 allows a remote attacker to execute arbitrary code via the authentication mechanism.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-05T20:17:15.000000Z"}]}