{"vulnerability": "CVE-2023-4161", "sightings": [{"uuid": "53352b5f-e6ba-4d8a-99cf-b1b82836dd24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41619", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18622", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-41619\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.\n\ud83d\udccf Published: 2024-01-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:05:51.048Z\n\ud83d\udd17 References:\n1. https://github.com/emlog/emlog\n2. https://github.com/GhostBalladw/wuhaozhe-s-CVE/blob/main/CVE-2023-41619", "creation_timestamp": "2025-06-17T16:41:19.000000Z"}, {"uuid": "953aab4f-72db-4ecf-b0dc-f96535763cf1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41618", "type": "seen", "source": "https://t.me/ctinow/156541", "content": "https://ift.tt/8nXN2Q4\nCVE-2023-41618 Exploit", "creation_timestamp": "2023-12-19T19:18:25.000000Z"}, {"uuid": "ec80242d-bc2c-4995-8a86-707397449ff8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41612", "type": "seen", "source": "https://t.me/cvedetector/6015", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-41612 - Victure PC420 Weak Encryption Key Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-41612 \nPublished : Sept. 18, 2024, 6:15 p.m. | 31\u00a0minutes ago \nDescription : Victure PC420 1.1.39 was discovered to use a weak encryption key for the file enabled_telnet.dat on the Micro SD card. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T20:56:10.000000Z"}, {"uuid": "60053ed2-e8f7-43c1-83e9-4c2af34a009d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41611", "type": "seen", "source": "https://t.me/cvedetector/6014", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-41611 - Victure PC420 Cryptographic Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2023-41611 \nPublished : Sept. 18, 2024, 6:15 p.m. | 31\u00a0minutes ago \nDescription : Victure PC420 1.1.39 was discovered to use a weak and partially hardcoded key to encrypt data. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T20:56:09.000000Z"}, {"uuid": "ef115ae9-830a-41d1-a244-9ba2c34c3568", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41610", "type": "seen", "source": "https://t.me/cvedetector/6013", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2023-41610 - Victure PC420 Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2023-41610 \nPublished : Sept. 18, 2024, 6:15 p.m. | 31\u00a0minutes ago \nDescription : Victure PC420 1.1.39 was discovered to contain a hardcoded root password which is stored in plaintext. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T20:56:05.000000Z"}, {"uuid": "5e86ae2a-4121-400d-a31d-82f10a6e59c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41619", "type": "seen", "source": "https://t.me/arpsyndicate/2956", "content": "#ExploitObserverAlert\n\nCVE-2023-41619\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-41619. Emlog Pro v2.1.14 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/article.php?action=write.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-01-19T20:01:16.000000Z"}, {"uuid": "e55c7d06-4dd2-49ae-8a96-40b31d1e0a45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41619", "type": "seen", "source": "https://t.me/ctinow/178595", "content": "https://ift.tt/EUkagAb\nCVE-2023-41619 | Emlog Pro 2.1.14 article.php cross site scripting", "creation_timestamp": "2024-02-03T16:26:52.000000Z"}, {"uuid": "0d1f2787-82d6-42df-86af-13d453e9b9f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41619", "type": "seen", "source": "https://t.me/ctinow/171522", "content": "https://ift.tt/H34CpxN\nCVE-2023-41619 Exploit", "creation_timestamp": "2024-01-22T23:16:44.000000Z"}, {"uuid": "b528dd23-9d77-44e4-8b62-715cfccde112", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41619", "type": "seen", "source": "https://t.me/ctinow/168588", "content": "https://ift.tt/xkFh3BY\nCVE-2023-41619", "creation_timestamp": "2024-01-16T02:26:36.000000Z"}, {"uuid": "4eb93454-0fec-4e6b-8550-ac86d30433ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41615", "type": "seen", "source": "https://t.me/ctinow/160157", "content": "https://ift.tt/NE69Veq\nCVE-2023-41615 Exploit", "creation_timestamp": "2023-12-28T19:16:29.000000Z"}, {"uuid": "bded59d3-610f-441b-a23f-7c58e4b1d6c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41618", "type": "seen", "source": "https://t.me/ctinow/165872", "content": "https://ift.tt/ma3s6xb\nCVE-2023-41618 | Emlog Pro 2.1.14 article.php cross site scripting", "creation_timestamp": "2024-01-10T15:41:36.000000Z"}, {"uuid": "de359e03-bc2f-4c9d-9eef-4447e9955a11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41615", "type": "seen", "source": "https://t.me/cibsecurity/70134", "content": "\u203c CVE-2023-41615 \u203c\n\nZoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-08T07:19:29.000000Z"}, {"uuid": "bbd80f13-2949-493a-ab7d-b14006f3d881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-41613", "type": "seen", "source": "https://t.me/ctinow/158749", "content": "https://ift.tt/xB8QTqv\nCVE-2023-41613 | EzViz Studio 2.2.0 uncontrolled search path (ID 175684)", "creation_timestamp": "2023-12-23T09:41:55.000000Z"}, {"uuid": "0d070a7a-3e36-4235-b8a1-4040c9fffe10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4161", "type": "seen", "source": "https://t.me/cibsecurity/69529", "content": "\u203c CVE-2023-4161 \u203c\n\nThe WooCommerce PDF Invoice Builder for WordPress is vulnerable to Cross-Site Request Forgery due to a missing nonce check on the SaveCustomField function in versions up to, and including, 1.2.90. This makes it possible for unauthenticated attackers to create invoice fields provided they can trick an admin into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T12:13:07.000000Z"}]}