{"vulnerability": "CVE-2023-3984", "sightings": [{"uuid": "edc56167-233e-425e-9901-f05f672379af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39848", "type": "seen", "source": "Telegram/8_4D4KvZy_-_I7z8penMp3lTiTQlBtQYUA_N7H7VC1WBTLQ", "content": "", "creation_timestamp": "2023-08-17T19:23:21.000000Z"}, {"uuid": "331f7c05-36b6-4205-b9fe-f230645f30e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39846", "type": "seen", "source": "https://t.me/cibsecurity/68714", "content": "\u203c CVE-2023-39846 \u203c\n\nAn issue in Konga v0.14.9 allows attackers to bypass authentication via a crafted JWT token.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-17T02:37:03.000000Z"}, {"uuid": "5707619c-d77b-43e3-b818-97df1d0613e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39846", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/1035", "content": "CVE-2023-39846: Konga \u0646\u0633\u062e\u0647 0.14.9 - \u0627\u062d\u0631\u0627\u0632 \u0647\u0648\u06cc\u062a \u0627\u0632 \u0637\u0631\u06cc\u0642 \u06cc\u06a9 \u062a\u0648\u06a9\u0646 JWT \u0633\u0627\u062e\u062a\u0647 \u0634\u062f\u0647 (\u062f\u0633\u062a\u0631\u0633\u06cc \u063a\u06cc\u0631\u0645\u062c\u0627\u0632 Konga) \u062f\u0648\u0631 \u0632\u062f\u0646\n\u0644\u06cc\u0646\u06a9: https://abyssaler.github.io/post/konga%20Unauthorized%20access\n\nCVE-2023-39846 :  Konga v0.14.9 - Bypass authentication via a crafted JWT token (Konga Unauthorized access)\nLink : https://abyssaler.github.io/post/konga%20Unauthorized%20access", "creation_timestamp": "2024-04-28T16:31:10.000000Z"}, {"uuid": "bef76de9-7e0a-4f4a-89ea-20523a8c87b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39848", "type": "seen", "source": "https://t.me/BugBountyRu/105", "content": "\u041a\u0430\u043a \u0432\u0430\u043c CVE?\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-39848", "creation_timestamp": "2023-08-17T11:27:18.000000Z"}, {"uuid": "b84d3393-57e8-44f6-86be-e4e4976b3467", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39848", "type": "seen", "source": "https://t.me/CyberSecurityIL/26458", "content": "\u05e7\u05d7\u05d5 \u05e1\u05d9\u05e4\u05d5\u05e8 \u05d7\u05e6\u05d9 \u05de\u05e6\u05d7\u05d9\u05e7 \u05d7\u05e6\u05d9 \u05de\u05d5\u05d6\u05e8 \u05de\u05d4\u05d9\u05de\u05de\u05d4 \u05d4\u05d0\u05d7\u05e8\u05d5\u05e0\u05d4\n\n\u05d1\u05e4\u05d9\u05d3 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e7\u05e4\u05e6\u05d4 \u05d7\u05d5\u05dc\u05e9\u05d4 \u05de\u05e1\u05e4\u05e8 CVE-2023-39848 \u05e9\u05d8\u05d5\u05e2\u05e0\u05ea \u05e9\u05d9\u05e9 \u05d7\u05d5\u05dc\u05e9\u05ea SQL Injection \u05d1\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8 DVWA.\n\n\u05de\u05d3\u05d5\u05d1\u05e8 \u05d1\u05e4\u05e8\u05d5\u05d9\u05e7\u05d8 \u05e9\u05db\u05dc \u05d4\u05de\u05d4\u05d5\u05ea \u05e9\u05dc\u05d5 \u05d4\u05d9\u05d0 \u05dc\u05d4\u05d9\u05d5\u05ea \u05d0\u05e4\u05dc\u05d9\u05e7\u05e6\u05d9\u05d9\u05ea \u05d5\u05d5\u05d1 \u05de\u05dc\u05d0\u05d4 \u05d1\u05e4\u05d2\u05d9\u05e2\u05d5\u05d9\u05d5\u05ea \u05dc\u05e6\u05e8\u05db\u05d9 \u05dc\u05de\u05d9\u05d3\u05d4, \u05ea\u05e8\u05d2\u05d5\u05dc \u05d5\u05e2\u05d5\u05d3 \u05db\u05e9\u05d4\u05e9\u05dd \u05d4\u05de\u05dc\u05d0 \u05d4\u05d5\u05d0:\nDamn Vulnerable Web Application \ud83d\ude04\n\n\u05d0\u05e0\u05d9 \u05dc\u05d0 \u05d9\u05d5\u05d3\u05e2 \u05de\u05d9 \u05d0\u05d9\u05e9\u05e8 \u05d0\u05ea \u05d4\u05d7\u05d5\u05dc\u05e9\u05d4 \u05d4\u05d6\u05d5 \u05d5\u05e2\u05d5\u05d3 \u05d4\u05e7\u05e6\u05d4 \u05dc\u05d4 CVE \u05e8\u05e9\u05de\u05d9 \u05d1\u05d0\u05ea\u05e8 NVD \u05d0\u05d1\u05dc \u05d6\u05d4 \u05d1\u05d4\u05d7\u05dc\u05d8 \u05de\u05d5\u05d6\u05e8 \ud83e\uddd0\n\n\u05d0\u05d2\u05d1, \u05e4\u05d9\u05d3 \u05d4\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea \u05e4\u05ea\u05d5\u05d7 \u05db\u05d7\u05dc\u05e7 \u05de\u05d4\u05d4\u05d8\u05d1\u05d5\u05ea \u05dc\u05de\u05d9 \u05e9\u05ea\u05d5\u05de\u05da \u05d1\u05e2\u05e8\u05d5\u05e5.\n\nhttps://t.me/CyberSecurityIL/3568\n\n#\u05d7\u05d5\u05dc\u05e9\u05d5\u05ea\n\n\u05e2\u05d3\u05db\u05d5\u05df - NVD \u05d3\u05d7\u05d5 \u05d0\u05ea \u05d4-CVE \u05e2\u05dd \u05d4\u05d5\u05d3\u05e2\u05d4 \u05e8\u05e9\u05de\u05d9\u05ea \u05d1\u05d0\u05ea\u05e8.", "creation_timestamp": "2023-08-17T23:35:36.000000Z"}, {"uuid": "c12b299f-e311-4083-b022-741a7e14cf7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39849", "type": "seen", "source": "https://t.me/cibsecurity/68611", "content": "\u203c CVE-2023-39849 \u203c\n\nPikachu v1.0 was discovered to contain a SQL injection vulnerability via the $username parameter at \\inc\\function.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T02:30:50.000000Z"}, {"uuid": "d99b0274-2af9-406d-80ca-78004e1bae2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39842", "type": "seen", "source": "https://t.me/cibsecurity/68607", "content": "\u203c CVE-2023-39842 \u203c\n\nMissing encryption in the RFID tag of Digoo DG-HAMB Smart Home Security System v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T00:30:49.000000Z"}, {"uuid": "6ff72d3f-84ba-441b-bbb2-3bcafe6c3e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39841", "type": "seen", "source": "https://t.me/cibsecurity/68606", "content": "\u203c CVE-2023-39841 \u203c\n\nMissing encryption in the RFID tag of Etekcity 3-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T00:30:48.000000Z"}, {"uuid": "504f5bf0-9ccc-416b-9988-277a16c45939", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39843", "type": "seen", "source": "https://t.me/cibsecurity/68604", "content": "\u203c CVE-2023-39843 \u203c\n\nMissing encryption in the RFID tag of Suleve 5-in-1 Smart Door Lock v1.0 allows attackers to create a cloned tag via brief physical proximity to the original device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T00:30:46.000000Z"}, {"uuid": "4b77c390-326b-4408-becc-476c3ad55c3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39848", "type": "seen", "source": "https://t.me/cibsecurity/68603", "content": "\u203c CVE-2023-39848 \u203c\n\nDVWA v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at blind\\source\\high.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-16T00:30:45.000000Z"}]}