{"vulnerability": "CVE-2023-3607", "sightings": [{"uuid": "73e17170-e836-4e6f-8723-226770608d98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36076", "type": "seen", "source": "https://t.me/cibsecurity/69657", "content": "\u203c CVE-2023-36076 \u203c\n\nSQL Injection vulnerability in smanga version 3.1.9 and earlier, allows remote attackers to execute arbitrary code and gain sensitive information via mediaId, mangaId, and userId parameters in php/history/add.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-01T20:15:07.000000Z"}, {"uuid": "b41ff92a-ede0-4173-b596-9af4bc2c60f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3607", "type": "seen", "source": "https://t.me/cibsecurity/66312", "content": "\u203c CVE-2023-3607 \u203c\n\nA vulnerability was found in kodbox 1.26. It has been declared as critical. This vulnerability affects the function Execute of the file webconsole.php.txt of the component WebConsole Plug-In. The manipulation leads to os command injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-233476. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-11T00:24:13.000000Z"}]}