{"vulnerability": "CVE-2023-2366", "sightings": [{"uuid": "9caacf00-f416-4204-ae2a-9c0f26c6c6f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2366", "type": "seen", "source": "https://t.me/cibsecurity/63041", "content": "\u203c CVE-2023-2366 \u203c\n\nA vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227642 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-28T16:27:14.000000Z"}, {"uuid": "0dda089a-449c-4d8b-a68a-bbac89e746f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23660", "type": "seen", "source": "https://t.me/cibsecurity/66890", "content": "\u203c CVE-2023-23660 \u203c\n\nAuth. (subscriber+) SQL Injection (SQLi) vulnerability in MainWP MainWP Maintenance Extension plugin <=\u00c2\u00a04.1.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T16:31:02.000000Z"}, {"uuid": "e8cbc9b9-647a-48f7-9490-608604ab29a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23668", "type": "seen", "source": "https://t.me/cibsecurity/63425", "content": "\u203c CVE-2023-23668 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in GiveWP plugin\u00c2\u00a0<= 2.25.1 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-08T16:51:28.000000Z"}, {"uuid": "fce8c6ad-c126-4579-9496-3ae05e1616ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2366", "type": "seen", "source": "https://t.me/arpsyndicate/2438", "content": "#ExploitObserverAlert\n\nCVE-2023-2366\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2023-2366. A vulnerability was found in SourceCodester Faculty Evaluation System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file ajax.php?action=delete_class. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-227642 is the identifier assigned to this vulnerability.\n\nFIRST-EPSS: 0.000630000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T05:52:00.000000Z"}, {"uuid": "b99ebafc-02de-42b0-9bd8-b8d93f1bb891", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23667", "type": "seen", "source": "https://t.me/cibsecurity/64382", "content": "\u203c CVE-2023-23667 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in BeRocket Brands for WooCommerce plugin <=\u00c2\u00a03.7.0.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-18T14:32:07.000000Z"}, {"uuid": "ff788fb4-7569-415e-9c57-3a493634a132", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23664", "type": "seen", "source": "https://t.me/cibsecurity/63580", "content": "\u203c CVE-2023-23664 \u203c\n\nAuth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <=\u00c2\u00a01.0.19 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-09T14:38:27.000000Z"}]}