{"vulnerability": "CVE-2023-2467", "sightings": [{"uuid": "bc538cd7-3d97-45e2-b1cc-5552ae612f08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24671", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5554", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-24671\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file.\n\ud83d\udccf Published: 2023-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-26T16:47:20.668Z\n\ud83d\udd17 References:\n1. https://medium.com/%40SumitVerma101/windows-privilege-escalation-part-1-unquoted-service-path-c7a011a8d8ae\n2. https://packetstormsecurity.com/files/171300/VX-Search-13.8-Unquoted-Service-Path.html", "creation_timestamp": "2025-02-26T17:24:30.000000Z"}, {"uuid": "1ee80e5e-48f4-46b6-85e2-7fd28188648c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24675", "type": "seen", "source": "https://t.me/cibsecurity/69625", "content": "\u203c CVE-2023-24675 \u203c\n\nCross Site Scripting Vulnerability in BluditCMS v.3.14.1 allows attackers to execute arbitrary code via the Categories Friendly URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T14:13:51.000000Z"}, {"uuid": "eb03767d-b42d-49ef-b666-98b1a600b623", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24676", "type": "seen", "source": "https://t.me/ctinow/187211", "content": "https://ift.tt/C3iRJK9\nCVE-2023-24676 | Processwire 3.0.210 New Module Installation download_zip_url Privilege Escalation", "creation_timestamp": "2024-02-18T11:06:12.000000Z"}, {"uuid": "397172bc-d738-4c5a-8be0-75b9efea570f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24676", "type": "seen", "source": "https://t.me/ctinow/176422", "content": "https://ift.tt/EZlkNJ8\nCVE-2023-24676 Exploit", "creation_timestamp": "2024-01-31T02:17:09.000000Z"}, {"uuid": "cb69848e-ddbc-4e05-bebd-a5db3f1c9227", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24676", "type": "seen", "source": "https://t.me/ctinow/173129", "content": "https://ift.tt/KGZF0v1\nCVE-2023-24676", "creation_timestamp": "2024-01-24T22:27:19.000000Z"}, {"uuid": "a06e51ef-8cc4-4497-a4dc-81b7739018e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24674", "type": "seen", "source": "https://t.me/cibsecurity/69624", "content": "\u203c CVE-2023-24674 \u203c\n\nPermissions vulnerability found in Bludit CMS v.4.0.0 allows local attackers to escalate privileges via the role:admin parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-21T16:34:25.000000Z"}, {"uuid": "75a981e0-e776-48d7-adbc-23ab2429b147", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2467", "type": "seen", "source": "https://t.me/cibsecurity/63196", "content": "\u203c CVE-2023-2467 \u203c\n\nInappropriate implementation in Prompts in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to bypass permissions restrictions via a crafted HTML page. (Chromium security severity: Low)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-03T07:30:45.000000Z"}, {"uuid": "9b3d7f84-ddd5-4844-bd13-79346398a7f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-24678", "type": "seen", "source": "https://t.me/cibsecurity/60271", "content": "\u203c CVE-2023-24678 \u203c\n\nA vulnerability in Centralite Pearl Thermostat 0x04075010 allows attackers to cause a Denial of Service (DoS) via a crafted Zigbee message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-17T23:31:46.000000Z"}]}