{"vulnerability": "CVE-2023-2765", "sightings": [{"uuid": "b74d68db-d622-42f0-9b0c-8900ea10e4ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2765", "type": "seen", "source": "https://t.me/cibsecurity/64332", "content": "\u203c CVE-2023-2765 \u203c\n\nA vulnerability has been found in Weaver OA up to 9.5 and classified as problematic. This vulnerability affects unknown code of the file /E-mobile/App/System/File/downfile.php. The manipulation of the argument url leads to absolute path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-229270 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-17T20:42:20.000000Z"}, {"uuid": "dfe4f487-5950-4705-8290-95c7a55cac00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27650", "type": "seen", "source": "Telegram/SSlc_8fAl2AWWymcM1-l_NurEMh5b-YBE-qcyv69Pvlg79CG", "content": "", "creation_timestamp": "2025-02-14T10:03:09.000000Z"}, {"uuid": "9e8ec72d-61cd-4ad1-9a33-cae84a674442", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27653", "type": "seen", "source": "https://t.me/cibsecurity/62138", "content": "\u203c CVE-2023-27653 \u203c\n\nAn issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a denial of service via the SharedPreference files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:26:09.000000Z"}, {"uuid": "6472ebed-3ae3-41ac-97be-3e40b8074987", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27651", "type": "seen", "source": "https://t.me/cibsecurity/62130", "content": "\u203c CVE-2023-27651 \u203c\n\nAn issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges via the update_info field of the _default_.xml file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-14T16:25:55.000000Z"}, {"uuid": "b224ece3-b2e4-4170-bb0a-8ccbbe93b146", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27650", "type": "seen", "source": "https://t.me/cibsecurity/61778", "content": "\u203c CVE-2023-27650 \u203c\n\nAn issue found in APUS Group Launcher v.3.10.73 and v.3.10.88 allows a remote attacker to execute arbitrary code via the FONT_FILE parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-10T20:27:39.000000Z"}, {"uuid": "abb04465-2276-4397-afc0-7ff769622a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27654", "type": "seen", "source": "https://t.me/cibsecurity/62185", "content": "\u203c CVE-2023-27654 \u203c\n\nAn issue found in WHOv.1.0.28, v.1.0.30, v.1.0.32 allows an attacker to cause a escalation of privileges via the TTMultiProvider component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-15T00:26:07.000000Z"}, {"uuid": "a5cf116b-4997-4328-9ecb-3ee3ba1df727", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27655", "type": "seen", "source": "https://t.me/cibsecurity/60582", "content": "\u203c CVE-2023-27655 \u203c\n\nxpdf v4.04 was discovered to contain a stack overflow in the component pdftotext.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T17:41:58.000000Z"}, {"uuid": "ca961de6-fe08-4138-a680-0ddf668223f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27652", "type": "seen", "source": "https://t.me/cibsecurity/62529", "content": "\u203c CVE-2023-27652 \u203c\n\nAn issue found in Ego Studio SuperClean v.1.1.9 and v.1.1.5 allows an attacker to gain privileges cause a denial of service via the update_info field of the _default_.xml file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-20T18:30:57.000000Z"}]}