{"vulnerability": "CVE-2023-2464", "sightings": [{"uuid": "5199cc89-3083-4cf6-9052-195f10aded55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24643", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6749", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24643\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Judging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php.\n\ud83d\udccf Published: 2023-03-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T19:57:50.331Z\n\ud83d\udd17 References:\n1. https://github.com/594238758/mycve/blob/main/judging-management-system/SQLi-3.md", "creation_timestamp": "2025-03-06T20:34:12.000000Z"}, {"uuid": "276648a1-3687-4526-91dd-37bc7c0bad79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24646", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8391", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24646\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.\n\ud83d\udccf Published: 2023-02-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T18:05:50.454Z\n\ud83d\udd17 References:\n1. https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0", "creation_timestamp": "2025-03-21T18:19:50.000000Z"}, {"uuid": "5501a904-ded9-4dd6-9dd4-9305dbd3c79a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24648", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24648\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Zstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php.\n\ud83d\udccf Published: 2023-02-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T18:04:11.289Z\n\ud83d\udd17 References:\n1. https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/zippy/zstore-6.6.0", "creation_timestamp": "2025-03-21T18:19:51.000000Z"}, {"uuid": "d77955e7-c28e-4635-96ff-843c463a216e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24647", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8392", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24647\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Food Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.\n\ud83d\udccf Published: 2023-02-13T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-21T18:05:12.770Z\n\ud83d\udd17 References:\n1. https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/oretnom23/2023/Food-Ordering-System-v2.0/SQLi", "creation_timestamp": "2025-03-21T18:19:51.000000Z"}, {"uuid": "7caa3e30-aaa1-4c9f-b077-b1edefe9cc04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24642", "type": "seen", "source": "Telegram/iSALqkl8pZdZ7f1EZHe6UaKi3XRY88I9XcREahvvYyiVTAiv", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "3e22dc6c-3229-4f96-80f1-68b9ccc4b2e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24641", "type": "seen", "source": "Telegram/LiPKoiuN6sw6UgPM2zVO1t6mYzCFXk7JxAoX5fgukXIC7mjz", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "900f5e8f-a55d-4e70-813c-28314eda88dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2464", "type": "seen", "source": "https://t.me/cibsecurity/63197", "content": "\u203c CVE-2023-2464 \u203c\n\nInappropriate implementation in PictureInPicture in Google Chrome prior to 113.0.5672.63 allowed an attacker who convinced a user to install a malicious extension to perform an origin spoof in the security UI via a crafted HTML page. (Chromium security severity: Medium)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T07:30:49.000000Z"}, {"uuid": "0bf87321-2e52-4d3a-820d-6e2805d71c4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24648", "type": "seen", "source": "https://t.me/cibsecurity/58038", "content": "\u203c CVE-2023-24648 \u203c\n\nZstore v6.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T00:30:10.000000Z"}, {"uuid": "705d33c4-2328-42b0-8232-752b1334eba2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24642", "type": "seen", "source": "https://t.me/cibsecurity/59399", "content": "\u203c CVE-2023-24642 \u203c\n\nJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateTxtview.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T22:35:20.000000Z"}, {"uuid": "bf92e347-d2e5-45a2-aa8d-493380ad60af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24641", "type": "seen", "source": "https://t.me/cibsecurity/59398", "content": "\u203c CVE-2023-24641 \u203c\n\nJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateview.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T22:35:19.000000Z"}, {"uuid": "1961d981-0147-46e4-b3ca-c102fb2defc4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24643", "type": "seen", "source": "https://t.me/cibsecurity/59396", "content": "\u203c CVE-2023-24643 \u203c\n\nJudging Management System v1.0 was discovered to contain a SQL injection vulnerability via the sid parameter at /php-jms/updateBlankTxtview.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T22:35:15.000000Z"}, {"uuid": "e075e2e3-3f4d-4c93-8c7e-f25ecc16c1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24646", "type": "seen", "source": "https://t.me/cibsecurity/58037", "content": "\u203c CVE-2023-24646 \u203c\n\nAn arbitrary file upload vulnerability in the component /fos/admin/ajax.php of Food Ordering System v2.0 allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T00:30:09.000000Z"}, {"uuid": "8476ebc9-6fcc-404d-be5b-b2c3816355dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24647", "type": "seen", "source": "https://t.me/cibsecurity/58032", "content": "\u203c CVE-2023-24647 \u203c\n\nFood Ordering System v2.0 was discovered to contain a SQL injection vulnerability via the email parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-14T00:30:01.000000Z"}]}