{"vulnerability": "CVE-2023-3838", "sightings": [{"uuid": "89ab7657-6dab-4665-a646-ecdecddb2a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38383", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647050539371467", "content": "", "creation_timestamp": "2024-12-13T18:59:32.286512Z"}, {"uuid": "c51a1f98-1d6b-4150-82d5-1a4a1f74913d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38385", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113647050552958759", "content": "", "creation_timestamp": "2024-12-13T18:59:32.587707Z"}, {"uuid": "90338647-e7a0-427c-bf8a-e185c51ea279", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4999", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-38389-PoC\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-09-25T23:12:30.000000Z"}, {"uuid": "8c479a5c-7e01-4d72-83b5-518da306bad0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/1494", "content": "CVE-2023-38388\nMass Exploit - CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\nDork : inurl: wp-content/plugins/jupiterx-core/\nPOC exploit", "creation_timestamp": "2023-08-30T11:33:17.000000Z"}, {"uuid": "d581ca8f-fbb0-484c-aa35-8e63ba80a330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/bh_cat/30", "content": "", "creation_timestamp": "2023-08-29T21:20:03.000000Z"}, {"uuid": "1858c0f7-9752-458b-a907-99980d6bd7d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4990", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aMass Exploit - CVE-2023-38388 < Unauthenticated < Arbitrary File Upload\nURL\uff1ahttps://github.com/codeb0ss/CVE-2023-38388\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-26T06:42:18.000000Z"}, {"uuid": "b252c20a-8bee-45b5-bdce-a6ce77a86976", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38382", "type": "seen", "source": "https://t.me/cibsecurity/73591", "content": "\u203c CVE-2023-38382 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Daniel S\u00c3\u00b6derstr\u00c3\u00b6m / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-06T12:25:59.000000Z"}, {"uuid": "0a6847e5-e36d-4e43-82b4-8117e6cf9821", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "Telegram/K31ufyBCOheiH5zrjD5YsNz-6uFniQWkP1bYzp0qVw3bJv9k", "content": "", "creation_timestamp": "2024-11-22T08:00:13.000000Z"}, {"uuid": "b031a720-8bd0-4aff-9433-82be532c3acf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/hydral0gs/1494", "content": "CVE-2023-38388\nMass Exploit - CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\nDork : inurl: wp-content/plugins/jupiterx-core/\nPOC exploit", "creation_timestamp": "2023-08-30T11:33:17.000000Z"}, {"uuid": "ebf509e1-f51b-4968-bf39-46d8822c88de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "Telegram/aNBNwC3LqvhfS3xWgK9JoNqSxDpP_Nhnlu2qMp5ab4fj1A", "content": "", "creation_timestamp": "2024-01-16T18:04:27.000000Z"}, {"uuid": "01759fcf-3eb6-45f7-b6ee-b6afa25fa0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38386", "type": "seen", "source": "Telegram/TVzNbCj39jddHJ0wyo_RxjoN5ENQMo13tFhhm0Se71_sQw", "content": "", "creation_timestamp": "2023-07-31T10:36:25.000000Z"}, {"uuid": "54abb700-4086-455e-ab7e-8a11fc596b71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "Telegram/iqLSoyttquXsvqmb_GzoQ077CrhYNJaM3BJRNf5DCmByEVqG", "content": "", "creation_timestamp": "2024-11-22T08:00:14.000000Z"}, {"uuid": "abc3d5a8-3152-4e35-9753-fb5f24a8db49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38386", "type": "seen", "source": "https://t.me/KomunitiSiber/572", "content": "Multiple Flaws Found in Ninja Forms Plugin Leave 800,000 Sites Vulnerable\nhttps://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html\n\nMultiple security vulnerabilities have been disclosed in the Ninja Forms plugin for WordPress that could be exploited by threat actors to escalate privileges and steal sensitive data.\nThe flaws, tracked as CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393, impact versions 3.6.25 and below, Patchstack\u00a0said\u00a0in a report last week. Ninja Forms is installed on over 800,000 sites.\nA brief description", "creation_timestamp": "2023-07-31T10:49:30.000000Z"}, {"uuid": "96a2a73b-43a0-4ee9-8c98-f73e96b9c2cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/687", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-30T20:01:41.000000Z"}, {"uuid": "f56ddd00-124e-4548-88fb-bf655d0b76a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "seen", "source": "Telegram/AB2bOACOtIPEwgSY9b_jMaZBmH53gvFTnSXIOuBOso_udVo", "content": "", "creation_timestamp": "2023-09-01T03:47:43.000000Z"}, {"uuid": "e83aceef-7190-42e9-ad92-dc4dc6d7df95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "seen", "source": "Telegram/AB2bOACOtIPEwgSY9b_jMaZBmH53gvFTnSXIOuBOso_udVo", "content": "", "creation_timestamp": "2023-09-01T03:47:43.000000Z"}, {"uuid": "fbe14d38-dd61-4416-a26f-c22198f05b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "Telegram/Hl-xhae5gWXK7tw2HlsQ48dSVuT7dVcXsNReL7eVRTh3eA", "content": "", "creation_timestamp": "2023-09-06T15:34:58.000000Z"}, {"uuid": "b7b78efd-6730-4a3d-a2e9-4c4c6bdbd110", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "Telegram/4_4xyXQTaUbA-YsFB59E5SAxyU6CIetp1U4BNxeizjZ9FQ", "content": "", "creation_timestamp": "2023-08-28T07:37:04.000000Z"}, {"uuid": "6f63d71c-b51a-4bb7-b331-cca0ea0f9bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "Telegram/yAr6FHXH_Ehyg6o_DNu3EkF3oiV-jp3YhqQywNW4mpL9o_0", "content": "", "creation_timestamp": "2024-07-24T05:38:35.000000Z"}, {"uuid": "b4827d1c-4aac-49c7-b152-aa1ce27d2596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "Telegram/_-2yCzX9XNA59xLVISXtaEHHGZFKO07z2rd05VhSEtgb", "content": "", "creation_timestamp": "2023-08-30T11:33:17.000000Z"}, {"uuid": "4de972da-5002-41d0-a708-e38e7a2a18a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3175", "content": "Hackers Factory \n\nCVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\n\nhttps://github.com/codeb0ss/CVE-2023-38389-PoC\n\nShodan Dorks\n\nhttps://github.com/HernanRodriguez1/Dorks-Shodan-2023\n\nA modern tool written in Python that automates your xss findings.\n\nhttps://github.com/faiyazahmad07/xss_vibes\n\nAn open-source intelligence (OSINT) analysis tool leveraging GPT-powered embeddings and vector search engines for efficient data processing\n\nhttps://github.com/estebanpdl/osintgpt\n\nThe only graphql wordlists you'll ever need. Operations, field names, type names... Collected on more than 60k distinct GraphQL schemas.\n\nhttps://github.com/Escape-Technologies/graphql-wordlist\n\nNucleiFuzzer is a Powerful Automation tool for detecting XSS, SQLi, SSRF, Open-Redirect, etc.. Vulnerabilities in Web Applications\n\nhttps://github.com/0xKayala/NucleiFuzzer\n\nTunnlTo is a lightweight, fast, Windows WireGuard VPN client built for split tunneling.\n\nhttps://github.com/TunnlTo/desktop-app\n\nA list of writeups from the Google VRP Bug Bounty program\n\nhttps://github.com/xdavidhu/awesome-google-vrp-writeups\n\nReading an Arbitrary ThinkPHP 5.X File.\n\nhttps://github.com/momika233/TP5_Arbitrary_file_read/blob/main/TP5_Arbitrary_file_read.yaml\n\nA simple utility to perform reverse WHOIS lookups using whoisxml API\n\nhttps://github.com/devanshbatham/revwhoix\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-09-02T10:33:45.000000Z"}, {"uuid": "ec3141b5-a159-4672-8bec-fc3fd77277af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3170", "content": "Hackers Factory \n\nOSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines\n\nhttps://github.com/rodolfomarianocy/OSCP-Tricks-2023\n\nAwesome list of keywords for Threat Hunting sessions\n\nhttps://github.com/mthcht/ThreatHunting-Keywords\n\nA Curated list of Awesome Python Scripts that Automate Stuffs.\n\nhttps://github.com/hastagAB/Awesome-Python-Scripts\n\nCVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\n\nhttps://github.com/codeb0ss/CVE-2023-38389-PoC\n\nSimple EDR that injects a DLL into a process to place a hook on specific Windows API\n\nhttps://github.com/Helixo32/SimpleEDR\n\nCobalt Strike Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique\n\nhttps://github.com/ewby/Mockingjay_BOF\n\nRemote Shellcode Injector\n\nhttps://github.com/florylsk/NtRemoteLoad\n\nA Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.\n\nhttps://github.com/almandin/krbjack\n\nDebugAmsi\n\nDebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.\n\ngithub.com/MzHmO/DebugAmsi\n\nPOC of the CVE-2023-39063\n\nhttps://github.com/AndreGNogueira/CVE-2023-39063 \n\nICSE'23 - CoFuzz: Coordinated hybrid fuzzing framework with advanced coordination mode\n\nhttps://github.com/Tricker-z/CoFuzz\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-28T18:21:49.000000Z"}, {"uuid": "f81e6ef3-c823-4ac5-964f-2ff70bc46ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1716", "content": "CVE-2023-38388\nMass Exploit - CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\nDork : inurl: wp-content/plugins/jupiterx-core/\nPOC exploit", "creation_timestamp": "2023-08-29T17:30:41.000000Z"}, {"uuid": "9016c538-1358-456f-95b8-0a00a63d834f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "Telegram/_-2yCzX9XNA59xLVISXtaEHHGZFKO07z2rd05VhSEtgb", "content": "", "creation_timestamp": "2023-08-30T11:33:17.000000Z"}, {"uuid": "09a0e829-51b9-48ba-81db-16b9abf842b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/1716", "content": "CVE-2023-38388\nMass Exploit - CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\nDork : inurl: wp-content/plugins/jupiterx-core/\nPOC exploit", "creation_timestamp": "2023-08-29T17:30:41.000000Z"}, {"uuid": "a2d76532-fb46-4a66-8e51-341985f74bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/breachdetector/327053", "content": "{\n  \"Source\": \"https://spy.gen.tr/forum/\",\n  \"Content\": \"WP PoC CVE-2023-38389\", \n  \"author\": \" (MrSynox)\",\n  \"Detection Date\": \"30 Aug 2023\",\n  \"Type\": \"Data leak\"\n}\n\ud83d\udd39 t.me/breachdetector \ud83d\udd39", "creation_timestamp": "2023-08-30T22:18:39.000000Z"}, {"uuid": "5fa0b1f8-e89d-438c-ae93-256c7c22f2d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1077", "content": "CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover", "creation_timestamp": "2024-09-17T21:30:02.000000Z"}, {"uuid": "a5ce68cf-f758-459b-af3c-d62402e401ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1074", "content": "Mass WordPress Exploit - CVE-2023-38388 < Unauthenticated < Arbitrary File Upload", "creation_timestamp": "2024-09-17T21:30:02.000000Z"}, {"uuid": "59fa0199-99e0-4aa3-9464-a59444c0251d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "Telegram/nVGpCCGFJfFBbMqbuDDb7uj5pTNZK0IVOOf9utDz1IH_1YA", "content": "", "creation_timestamp": "2024-01-15T11:51:58.000000Z"}, {"uuid": "e7c4ff4c-1ff4-4616-b1e0-8834e75122f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1073", "content": "https://github.com/codeb0ss/CVE-2023-38388", "creation_timestamp": "2024-09-17T21:30:02.000000Z"}, {"uuid": "c3f06723-8ebe-4f82-8cc1-b444e3c1812d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4212", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-28T07:49:18.000000Z"}, {"uuid": "62dab655-6c88-4875-8b38-d9a0382e385d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/DailyToolz/1009", "content": "Mass WordPress Exploit - CVE-2023-38388 < Unauthenticated < Arbitrary File Upload", "creation_timestamp": "2023-08-27T02:09:58.000000Z"}, {"uuid": "649966c3-bed3-40cf-a230-e3fe8e8d845f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4263", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-06T18:21:21.000000Z"}, {"uuid": "f9fca74f-9053-4623-b8e7-88da01b7c57b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4217", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-29T06:55:55.000000Z"}, {"uuid": "c32c88e1-94ac-4169-ad89-7044f08877f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38387", "type": "seen", "source": "https://t.me/cibsecurity/69708", "content": "\u203c CVE-2023-38387 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Elastic Email Sender plugin <=\u00c2\u00a01.2.6 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-03T16:15:33.000000Z"}, {"uuid": "4d6ef19e-1155-427a-8c16-24e54e96ef89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3838", "type": "seen", "source": "https://t.me/cibsecurity/67122", "content": "\u203c CVE-2023-3838 \u203c\n\nA vulnerability classified as problematic was found in DedeBIZ 6.2.10. Affected by this vulnerability is an unknown functionality of the file /admin/vote_edit.php. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-235189 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-23T07:24:55.000000Z"}, {"uuid": "e475173a-5782-4e22-b27f-ffb7bdaf3641", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38386", "type": "seen", "source": "https://t.me/thehackernews/3671", "content": "\ud83d\udd13 Urgent: Protect your WordPress site now! Critical security update required for Ninja Forms plugin. Over 800,000 sites at risk from vulnerabilities CVE-2023-37979, CVE-2023-38386, and CVE-2023-38393. \n \nGet the full scoop here: https://thehackernews.com/2023/07/multiple-flaws-found-in-ninja-forms.html", "creation_timestamp": "2023-07-31T09:13:42.000000Z"}, {"uuid": "463e67e1-f761-46ce-89f2-06e4511d4ec6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8919", "content": "#exploit\n1. CVE-2023-21939:\nOracle Java SE Vulnerability\nhttps://github.com/Y4Sec-Team/CVE-2023-21939\n\n2. CVE-2023-38388:\nJupiterX Core Premium Plugin - unrestricted upload\nhttps://github.com/codeb0ss/CVE-2023-38388", "creation_timestamp": "2023-08-26T21:07:12.000000Z"}, {"uuid": "786ded82-7bad-46e4-a5f8-720e60bef1a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/LearnExploit/5439", "content": "#Exploit #Wordpress #JupiterX #Plugin\nWordpress JupiterX Core Plugin Unauthenticated Account Takeover Vuln\n\nDork : inurl: wp-content/plugins/jupiterx-core/\n\n\u0646\u06a9\u062a\u0647: \u0628\u0627 \u067e\u0627\u06cc\u062a\u0648\u0646 2.7 \u0627\u062c\u0631\u0627 \u06a9\u0646\u06cc\u062f \u062f\u0631 \u063a\u06cc\u0631 \u0627\u06cc\u0646 \u0635\u0648\u0631\u062a \u0628\u0627 \u0627\u0631\u0631\u0648\u0631 \u0645\u0648\u0627\u062c\u0647 \u0645\u06cc\u0634\u06cc\u062f.\n\nShared By XP4\n\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\u2796\nIR0Day.Today Bax\n@LearnExploit\n@Tech_Army", "creation_timestamp": "2023-08-30T11:55:42.000000Z"}, {"uuid": "01509d92-3c25-4681-b6b2-491a9b2d7aa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8928", "content": "#exploit\n1. CVE-2023-38389:\nWordpress JupiterX Core - Unauthenticated Account Takeover\nhttps://github.com/codeb0ss/CVE-2023-38389-PoC\n\n2. CVE-2023-35150:\nArbitrary Code Injection in XWiki*org XWiki\nhttps://www.zerodayinitiative.com/blog/2023/8/22/cve-2023-35150-arbitrary-code-injection-in-xwikiorg-xwiki", "creation_timestamp": "2023-08-28T11:01:00.000000Z"}, {"uuid": "f76faccc-d985-4598-bbfc-007cb0057166", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38388", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/831", "content": "Mass WordPress Exploit - CVE-2023-38388 < Unauthenticated < Arbitrary File Upload", "creation_timestamp": "2024-08-16T08:20:41.000000Z"}, {"uuid": "73da8683-da90-4f1b-90b9-66f81af65c9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-38389", "type": "published-proof-of-concept", "source": "https://t.me/DEVIL_La_RSx/682", "content": "CVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\n\nA relatively new and quite effective exploit, designed for unauthorized authentication with subsequent takeover of a worldpress account. Based on vulnerabilities in the third-party add-on JupiterX Core. Vulnerable machines can be found using the following google door: inurl: wp-content/plugins/jupiterx-core/\n\nhttps://github.com/codeb0ss/CVE-2023-38389-PoC", "creation_timestamp": "2024-11-22T09:56:56.000000Z"}]}