{"vulnerability": "CVE-2023-3906", "sightings": [{"uuid": "91e7b453-31e1-421d-96d8-708626d105f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/4986", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aPOC of the CVE-2023-39063\nURL\uff1ahttps://github.com/AndreGNogueira/CVE-2023-39063\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-08-25T08:48:34.000000Z"}, {"uuid": "741f21a5-5f88-4d45-94db-1da7e59afe61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/Shade_Black_Hacker/687", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-30T20:01:41.000000Z"}, {"uuid": "5e296c21-a326-4764-a683-b31b43a0626a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "Telegram/4_4xyXQTaUbA-YsFB59E5SAxyU6CIetp1U4BNxeizjZ9FQ", "content": "", "creation_timestamp": "2023-08-28T07:37:04.000000Z"}, {"uuid": "396a55ad-b16a-4b75-a963-adf623d73852", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "Telegram/Hl-xhae5gWXK7tw2HlsQ48dSVuT7dVcXsNReL7eVRTh3eA", "content": "", "creation_timestamp": "2023-09-06T15:34:58.000000Z"}, {"uuid": "31a24990-80a2-4b3f-9a66-b4ff0025a52f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3170", "content": "Hackers Factory \n\nOSCP 2023 Preparation Guide | Courses, Tricks, Tutorials, Exercises, Machines\n\nhttps://github.com/rodolfomarianocy/OSCP-Tricks-2023\n\nAwesome list of keywords for Threat Hunting sessions\n\nhttps://github.com/mthcht/ThreatHunting-Keywords\n\nA Curated list of Awesome Python Scripts that Automate Stuffs.\n\nhttps://github.com/hastagAB/Awesome-Python-Scripts\n\nCVE-2023-38389 < Wordpress < JupiterX Core < Unauthenticated Account Takeover\n\nhttps://github.com/codeb0ss/CVE-2023-38389-PoC\n\nSimple EDR that injects a DLL into a process to place a hook on specific Windows API\n\nhttps://github.com/Helixo32/SimpleEDR\n\nCobalt Strike Beacon Object File (BOF) Conversion of the Mockingjay Process Injection Technique\n\nhttps://github.com/ewby/Mockingjay_BOF\n\nRemote Shellcode Injector\n\nhttps://github.com/florylsk/NtRemoteLoad\n\nA Kerberos AP-REQ hijacking tool with DNS unsecure updates abuse.\n\nhttps://github.com/almandin/krbjack\n\nDebugAmsi\n\nDebugAmsi is another way to bypass AMSI through the Windows process debugger mechanism.\n\ngithub.com/MzHmO/DebugAmsi\n\nPOC of the CVE-2023-39063\n\nhttps://github.com/AndreGNogueira/CVE-2023-39063 \n\nICSE'23 - CoFuzz: Coordinated hybrid fuzzing framework with advanced coordination mode\n\nhttps://github.com/Tricker-z/CoFuzz\n\n#infosec #cybersecurity #hackersfactory \n\nhttps://t.me/dilagrafie", "creation_timestamp": "2023-08-28T18:21:49.000000Z"}, {"uuid": "23094527-0e2a-45e5-b8f2-e95f26c18748", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4212", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-28T07:49:18.000000Z"}, {"uuid": "5004c5ad-50e6-4446-8e48-5c8f5e253028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4263", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-09-06T18:21:21.000000Z"}, {"uuid": "0feef6df-788b-4b48-a6be-c4acf625f82d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/4217", "content": "\ud83e\ude85MIDHCO Data Leak : https://system32.ink/midhco-data-leak/\n\n\ud83d\udcdfNtRemoteLoad \u2013 Remote Shellcode Injector : https://system32.ink/ntremoteload-remote-shellcode-injector/\n\n\ud83d\udc00TelegramRAT : https://system32.ink/telegramrat/\n\n\ud83e\uddeeCVE-2023-38831 Winrar Exploit Generator : https://system32.ink/cve-2023-38831-winrar-exploit-generator/\n\n\ud83d\udc7eCVE-2023-39063 Poc : https://system32.ink/cve-2023-39063-poc/\n\n\ud83e\udeacJupiterX Core Premium Plugin Mass Exploit \u2013 CVE-2023-38388 : https://system32.ink/jupiterx-core-premium-plugin-mass-exploit-cve-2023-38388/\n\n\ud83d\udcefJDK CVE-2023-21939 POC : https://system32.ink/jdk-cve-2023-21939-poc/", "creation_timestamp": "2023-08-29T06:55:55.000000Z"}, {"uuid": "92b1bc39-1f55-4487-84b3-84869de6a1ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3906", "type": "seen", "source": "https://t.me/cibsecurity/71254", "content": "\u203c CVE-2023-3906 \u203c\n\nAn input validation issue in the asset proxy in GitLab EE, affecting all versions from 12.3 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1, allowed an authenticated attacker to craft image urls which bypass the asset proxy.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-29T12:37:31.000000Z"}, {"uuid": "3dcc5b04-e7db-4713-beb1-4c9fcab62685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39069", "type": "seen", "source": "https://t.me/cibsecurity/70240", "content": "\u203c CVE-2023-39069 \u203c\n\nAn issue in StrangeBee TheHive v.5.0.8, v.4.1.21 and Cortex v.3.1.6 allows a remote attacker to gain privileges via Active Directory authentication mechanism.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-12T02:22:23.000000Z"}, {"uuid": "e4c81847-7d51-4d56-a596-17875b83b398", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "seen", "source": "https://t.me/cibsecurity/70233", "content": "\u203c CVE-2023-39063 \u203c\n\nBuffer Overflow vulnerability in RaidenFTPD 2.4.4005 allows a local attacker to execute arbitrary code via the Server name field of the Step by step setup wizard.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:57.000000Z"}, {"uuid": "573d042a-41d9-4e80-a8b4-310867a1badd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39067", "type": "seen", "source": "https://t.me/cibsecurity/70224", "content": "\u203c CVE-2023-39067 \u203c\n\nCross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a crafted script to the URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:48.000000Z"}, {"uuid": "5e3aa7b0-d13f-488d-9e8b-f0552b420d80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39068", "type": "seen", "source": "https://t.me/cibsecurity/70222", "content": "\u203c CVE-2023-39068 \u203c\n\nBuffer Overflow vulnerability in NBD80S09S-KLC v.YK_HZXM_NBD80S09S-KLC_V4.03.R11.7601.Nat.OnvifC.20230414.bin and NBD80N32RA-KL-V3 v.YK_HZXM_NBD80N32RA-KL_V4.03.R11.7601.Nat.OnvifC.20220120.bin allows a remote attacker to casue a denial of service via a crafted request to the service.XM component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-11T22:27:45.000000Z"}, {"uuid": "62630faa-1950-4c47-9533-b535dc22ad5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39062", "type": "seen", "source": "https://t.me/cibsecurity/69310", "content": "\u203c CVE-2023-39062 \u203c\n\nCross Site Scripting vulnerability in Spipu HTML2PDF before v.5.2.8 allows a remote attacker to execute arbitrary code via a crafted script to the forms.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-28T22:26:21.000000Z"}, {"uuid": "0bc96f3d-1904-47cd-842f-c0edecbc77db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39061", "type": "seen", "source": "https://t.me/cibsecurity/68889", "content": "\u203c CVE-2023-39061 \u203c\n\nCross Site Request Forgery (CSRF) vulnerability in Chamilo v.1.11 thru v.1.11.20 allows a remote authenticated privileged attacker to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:03.000000Z"}, {"uuid": "020f42ec-5fad-42f3-9ae7-f0255dc7673b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39063", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8921", "content": "#exploit\n1. CVE-2023-36844, CVE-2023-36845,\nCVE-2023-36846, CVE-2023-36847:\nRCE in Juniper JunOS within SRX/EX Series products\nhttps://github.com/watchtowrlabs/juniper-rce_cve-2023-36844\n\n2. CVE-2023-41080:\nApache Tomcat FORM Authentication redirect\nhttps://github.com/shiomiyan/CVE-2023-41080\n\n3. CVE-2023-39063:\nRaidenFTPD Buffer Overflow\nhttps://github.com/AndreGNogueira/CVE-2023-39063", "creation_timestamp": "2023-08-27T15:11:36.000000Z"}]}