{"vulnerability": "cve-2023-4908", "sightings": [{"uuid": "d88eb164-0fd8-4c91-b3b3-7e86665a55e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cacti_pollers_sqli_rce.rb", "content": "", "creation_timestamp": "2024-02-02T17:02:14.000000Z"}, {"uuid": "05c05bac-2c23-4fda-a527-67ec19b496e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cacti_pollers_sqli_rce.rb", "content": "", "creation_timestamp": "2024-02-02T17:02:14.000000Z"}, {"uuid": "835378fc-68fb-4bbe-9b44-e87a13856355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49087", "type": "seen", "source": "https://t.me/ctinow/156793", "content": "https://ift.tt/5xOJHhy\nCVE-2023-49087 | SimpleSAMLphp saml2/xml-security XML Signature data authenticity", "creation_timestamp": "2023-12-20T08:02:00.000000Z"}, {"uuid": "bc48f596-50bb-4c10-9ba1-ab9bf3a9ad07", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-4908", "type": "seen", "source": "https://t.me/cibsecurity/70349", "content": "\u203c CVE-2023-4908 \u203c\n\nInappropriate implementation in Picture in Picture in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Low)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-13T00:23:15.000000Z"}, {"uuid": "335d233a-eca4-4c10-8add-781790f21db4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49089", "type": "seen", "source": "https://t.me/ctinow/162840", "content": "https://ift.tt/tBahzRU\nCVE-2023-49089 | Umbraco CMS up to 8.18.9/10.8.0/12.2.x path traversal (GHSA-6324-52pr-h4p5)", "creation_timestamp": "2024-01-04T08:41:39.000000Z"}, {"uuid": "b5daeded-d75f-4b6c-aaa7-34c740a64867", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "093b1015-ba95-4bfe-9358-a1142a40b986", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "35fda1ed-f93f-449f-8abd-528cef48aa45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:57.000000Z"}, {"uuid": "a7df92a1-ff6f-4827-8ab4-8b4ac9843431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "96b4d039-fe83-4d2e-84fc-869eaae21de5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:02.000000Z"}, {"uuid": "794aacc9-23b1-44e1-a38a-d6e54fa5a743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2023-49083", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2b4f7d22-2c49-41da-a76d-24ecd03c2c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/195", "content": "\ud83c\udf35 Cacti fixed 2 high severity vulnerabilities found by our researcher Aleksey Solovev.\n\n\ud83d\udca5 CVE-2023-49084 \u2013 RCE via managing links;\n\ud83d\udca5 CVE-2023-49085 \u2013 SQLi via managing poller devices.\n\nRead the technical advisories here \u2193 \nhttps://github.com/Cacti/cacti/security", "creation_timestamp": "2023-12-28T12:41:20.000000Z"}, {"uuid": "3dd8c291-1cd9-4e89-a03c-5f111ca83c47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/195", "content": "\ud83c\udf35 Cacti fixed 2 high severity vulnerabilities found by our researcher Aleksey Solovev.\n\n\ud83d\udca5 CVE-2023-49084 \u2013 RCE via managing links;\n\ud83d\udca5 CVE-2023-49085 \u2013 SQLi via managing poller devices.\n\nRead the technical advisories here \u2193 \nhttps://github.com/Cacti/cacti/security", "creation_timestamp": "2023-12-28T12:41:20.000000Z"}, {"uuid": "26de8e2c-a749-45f9-8b78-410de8f4a2db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49082", "type": "seen", "source": "https://t.me/ctinow/155620", "content": "https://ift.tt/0cVvBkm\nCVE-2023-49082 | aio-libs aiohttp crlf injection (GHSA-qvrw-v9rv-5rjx)", "creation_timestamp": "2023-12-17T15:11:48.000000Z"}, {"uuid": "3aac7110-a5ef-4cac-afc2-dabfba708bea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49081", "type": "seen", "source": "https://t.me/ctinow/155619", "content": "https://ift.tt/yPwzBen\nCVE-2023-49081 | aio-libs aiohttp ClientSession crlf injection (GHSA-q3qx-c6g2-7pw2)", "creation_timestamp": "2023-12-17T15:11:47.000000Z"}, {"uuid": "74d2b2a4-e94b-415c-9460-84b096298848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49083", "type": "seen", "source": "https://t.me/ctinow/156829", "content": "https://ift.tt/mRWA8JG\nCVE-2023-49083 | pyca cryptography prior 41.0.6 PKCS7 Certificate null pointer dereference", "creation_timestamp": "2023-12-20T09:42:33.000000Z"}, {"uuid": "28be15e6-442d-497d-9a93-1f1b7421df21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49087", "type": "seen", "source": "https://t.me/arpsyndicate/4403", "content": "#ExploitObserverAlert\n\nCVE-2023-49087\n\nDESCRIPTION: Exploit Observer has 7 entries in 2 file formats related to CVE-2023-49087. xml-security is a library that implements XML signatures and encryption. Validation of an XML signature requires verification that the hash value of the related XML-document matches a specific DigestValue-value, but also that the cryptographic signature on the SignedInfo-tree (the one that contains the DigestValue) verifies and matches a trusted public key. If an attacker somehow (i.e. by exploiting a bug in PHP's canonicalization function) manages to manipulate the canonicalized version's DigestValue, it would be possible to forge the signature. This issue has been patched in version 1.6.12 and 5.0.0-alpha.13.\n\nFIRST-EPSS: 0.000480000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-04-09T19:27:30.000000Z"}, {"uuid": "b30b4ab4-a4d2-4b1a-9e2d-7a12635c5bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49088", "type": "seen", "source": "https://t.me/ctinow/160683", "content": "https://ift.tt/ZP0eNH3\nCVE-2023-49088 Exploit", "creation_timestamp": "2023-12-29T21:17:14.000000Z"}, {"uuid": "41c0fdac-9d9d-431e-b8bb-492081e11402", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49080", "type": "seen", "source": "https://t.me/ctinow/158781", "content": "https://ift.tt/cvw04V3\nCVE-2023-49080 | Jupyter Server 2.11.2 API information exposure (GHSA-h56g-gq9v-vc8r)", "creation_timestamp": "2023-12-23T11:41:48.000000Z"}, {"uuid": "4627b2be-45a3-42a1-b412-8e2fd4de8f94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "https://t.me/ctinow/160688", "content": "https://ift.tt/Ku1iAfN\nCVE-2023-49085 Exploit", "creation_timestamp": "2023-12-29T21:17:21.000000Z"}, {"uuid": "59594769-85c1-4faa-8e39-631d0a2e1334", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "https://t.me/ctinow/160709", "content": "https://ift.tt/lzROmDI\nCVE-2023-49084 Exploit", "creation_timestamp": "2023-12-29T23:16:42.000000Z"}, {"uuid": "c94b8e45-3184-40ea-aa27-1eca804686b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49086", "type": "seen", "source": "https://t.me/ctinow/160708", "content": "https://ift.tt/wZYcf9r\nCVE-2023-49086 Exploit", "creation_timestamp": "2023-12-29T23:16:40.000000Z"}, {"uuid": "65157a36-b66d-4fc5-9307-8280f98b3d0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49088", "type": "seen", "source": "https://t.me/ctinow/158513", "content": "https://ift.tt/KyHxu2d\nCVE-2023-49088", "creation_timestamp": "2023-12-22T18:23:26.000000Z"}, {"uuid": "ab9630fe-0c26-4cbc-82bb-88157bcb9828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "https://t.me/ctinow/158512", "content": "https://ift.tt/8djESFn\nCVE-2023-49085", "creation_timestamp": "2023-12-22T18:23:25.000000Z"}, {"uuid": "46107637-e2c5-4a70-986d-d65e757d85fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49084", "type": "seen", "source": "https://t.me/ctinow/158070", "content": "https://ift.tt/fPICE1D\nCVE-2023-49084", "creation_timestamp": "2023-12-22T00:22:18.000000Z"}, {"uuid": "d25deda7-6952-421f-858c-ded52641eaf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49085", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "53450214-dda8-4c45-a315-be59f7df258c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-49086", "type": "seen", "source": "https://t.me/ctinow/158120", "content": "https://ift.tt/50D6JlP\nCVE-2023-49086", "creation_timestamp": "2023-12-22T01:21:55.000000Z"}]}