{"vulnerability": "CVE-2023-4314", "sightings": [{"uuid": "8d25bdcd-17e8-475f-a211-ab83858998ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43149", "type": "seen", "source": "https://t.me/cibsecurity/72198", "content": "\u203c CVE-2023-43149 \u203c\n\nSPA-Cart 1.9.0.3 is vulnerable to Cross Site Request Forgery (CSRF) that allows a remote attacker to add an admin user with role status.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-12T22:33:22.000000Z"}, {"uuid": "ed28dcb7-9436-4729-80e8-7883e1270bf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43149", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/5387", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2023\n\u63cf\u8ff0\uff1aCVE-2023-43149\nURL\uff1ahttps://github.com/MinoTauro2020/CVE-2023-43149\n\n\u6807\u7b7e\uff1a#CVE-2023", "creation_timestamp": "2023-10-12T16:20:03.000000Z"}, {"uuid": "85d095aa-1780-449f-b6fc-5e350a87016c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43148", "type": "seen", "source": "https://t.me/cibsecurity/72195", "content": "\u203c CVE-2023-43148 \u203c\n\nSPA-Cart 1.9.0.3 has a Cross Site Request Forgery (CSRF) vulnerability that allows a remote attacker to delete all accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-12T22:33:19.000000Z"}, {"uuid": "9b09cf86-8349-4f35-af3b-b948525126c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43147", "type": "seen", "source": "https://t.me/cibsecurity/72189", "content": "\u203c CVE-2023-43147 \u203c\n\nPHPJabbers Limo Booking Software 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Add Users Function, aka an index.php?controller=pjAdminUsers&action=pjActionCreate URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-12T20:23:28.000000Z"}, {"uuid": "295904bd-a954-438e-9338-7c462a4ff20b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-43144", "type": "seen", "source": "https://t.me/cibsecurity/70947", "content": "\u203c CVE-2023-43144 \u203c\n\nProjectworldsl Assets-management-system-in-php 1.0 is vulnerable to SQL Injection via the \"id\" parameter in delete.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-22T18:31:50.000000Z"}]}