{"vulnerability": "CVE-2023-3697", "sightings": [{"uuid": "3c1c5c1c-7718-4d6c-840a-0d6c4e0ffc5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3697", "type": "seen", "source": "https://t.me/cibsecurity/68740", "content": "\u203c CVE-2023-3697 \u203c\n\nPrinter service fails to adequately handle user input, allowing an remote unauthorized users to navigate beyond the intended directory structure and create files. Affected products and versions include: ADM 4.0.6.RIS1, 4.1.0 and below as well as ADM 4.2.2.RI61 and below.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T14:37:14.000000Z"}, {"uuid": "4885bf6d-c213-4d75-bada-3b3337ba7073", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36970", "type": "seen", "source": "https://t.me/cibsecurity/66130", "content": "\u203c CVE-2023-36970 \u203c\n\nA Cross-site scripting (XSS) vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-06T18:36:27.000000Z"}]}