{"vulnerability": "CVE-2023-29689", "sightings": [{"uuid": "bf29c7c2-a92a-4d6a-92de-608aa5001d88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "published-proof-of-concept", "source": "Telegram/3k_3pB9wWTeQLd9FDqiX71riScW-Z9ZR8y_Y7s59L4VI09M", "content": "", "creation_timestamp": "2026-01-10T03:00:05.000000Z"}, {"uuid": "7d0658c6-2a5b-4849-96d1-25d9995aab74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "seen", "source": "https://bsky.app/profile/throwable.bsky.social/post/3mbzf6pa2fq2c", "content": "", "creation_timestamp": "2026-01-09T20:58:26.310867Z"}, {"uuid": "d7d776c0-d3c8-455b-a9f3-396625bac83a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "seen", "source": "https://bsky.app/profile/throwable.bsky.social/post/3mbzihyite42a", "content": "", "creation_timestamp": "2026-01-09T21:57:19.208267Z"}, {"uuid": "e7927358-c43d-4ed9-b5ee-3204dda6b966", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "seen", "source": "https://bsky.app/profile/throwable.bsky.social/post/3mbzihyyxxr2a", "content": "", "creation_timestamp": "2026-01-09T21:57:20.100351Z"}, {"uuid": "26b118ae-f6cd-4e28-bef6-89827a3925f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "seen", "source": "https://t.me/cibsecurity/67762", "content": "\u203c CVE-2023-29689 \u203c\n\nPyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-04T18:40:51.000000Z"}, {"uuid": "cbd4cdb5-e72f-4f67-8b1b-0e21949378ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29689", "type": "seen", "source": "https://t.me/arpsyndicate/1995", "content": "#ExploitObserverAlert\n\nCVE-2023-29689\n\nDESCRIPTION: Exploit Observer has 6 entries related to CVE-2023-29689. PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.\n\nFIRST-EPSS: 0.005910000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-18T13:39:41.000000Z"}]}