{"vulnerability": "cve-2023-7159", "sightings": [{"uuid": "1b589ff1-fd64-4f81-a7a4-347ee2a2683d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-7159", "type": "seen", "source": "https://t.me/ctinow/170621", "content": "https://ift.tt/mM6lD8U\nCVE-2023-7159 | gopeak MasterLab up to 3.3.10 app/ctrl/admin/User.php add/update avatar unrestricted upload", "creation_timestamp": "2024-01-20T13:46:06.000000Z"}, {"uuid": "e92dd848-a39f-4f28-92af-26d7a2e45775", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-7159", "type": "seen", "source": "https://t.me/ctinow/160377", "content": "https://ift.tt/MVqrDng\nCVE-2023-7159", "creation_timestamp": "2023-12-29T08:26:54.000000Z"}, {"uuid": "e485bd05-ec0b-4ae2-85ea-9c3f86f583cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2023-7159", "type": "seen", "source": "https://t.me/cibsecurity/73909", "content": "\u203c\ufe0fCVE-2023-7159\u203c\ufe0f\n\nA vulnerability was found in gopeak MasterLab up to 3.3.10. It has been declared as critical. Affected by this vulnerability is the function addupdate of the file appctrladminUser.php. The manipulation of the argument avatar leads to unrestricted upload. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB249181 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2023-12-30T01:35:21.000000Z"}]}