{"vulnerability": "CVE-2023-4437", "sightings": [{"uuid": "da43a3ea-a2e4-4e33-b95c-bbacd8ed597f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44373", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-111-07", "content": "", "creation_timestamp": "2026-04-21T10:00:00.000000Z"}, {"uuid": "50866399-4de2-4b13-9b81-a8c69b854498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44373", "type": "seen", "source": "https://bsky.app/profile/o2cloud.bsky.social/post/3mjhhd6zgtz2a", "content": "", "creation_timestamp": "2026-04-14T13:10:24.198562Z"}, {"uuid": "269ecbe7-f1b8-41f4-9c76-0c190e980afe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2023-44373", "type": "seen", "source": "https://www.acn.gov.it/portale/w/aggiornamenti-per-prodotti-siemens-20", "content": "", "creation_timestamp": "2026-04-14T03:04:52.000000Z"}, {"uuid": "d22309d2-9a44-4fce-89a6-9325ae29c3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44379", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12912", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-44379\n\ud83d\udd25 CVSS Score: 6.1 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: baserCMS is a website development framework. Prior to version 5.0.9, there is a cross-site scripting vulnerability in the site search feature. Version 5.0.9 contains a fix for this vulnerability.\n\ud83d\udccf Published: 2024-02-22T14:47:14.333Z\n\ud83d\udccf Modified: 2025-04-22T16:19:39.790Z\n\ud83d\udd17 References:\n1. https://github.com/baserproject/basercms/security/advisories/GHSA-66c2-p8rh-qx87\n2. https://github.com/baserproject/basercms/commit/18549396e5a9b8294306a54a876af164b0b57da4\n3. https://basercms.net/security/JVN_73283159", "creation_timestamp": "2025-04-22T17:03:36.000000Z"}, {"uuid": "1db20a4c-2554-440b-a3b7-876aabfd36de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44379", "type": "seen", "source": "https://t.me/ctinow/190878", "content": "https://ift.tt/jelf1Ay\nCVE-2023-44379", "creation_timestamp": "2024-02-22T16:26:09.000000Z"}, {"uuid": "62ac497a-f503-46ee-8e31-67a6a0fdce6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44377", "type": "seen", "source": "https://t.me/cibsecurity/73051", "content": "\u203c CVE-2023-44377 \u203c\n\nOnline Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'add3' parameter of the header.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T16:17:05.000000Z"}, {"uuid": "9cc033c7-f87e-41a7-867c-3707a0a2519f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44376", "type": "seen", "source": "https://t.me/cibsecurity/73049", "content": "\u203c CVE-2023-44376 \u203c\n\nOnline Art Gallery v1.0 is vulnerable to multiple Unauthenticated SQL Injection vulnerabilities. The 'add2' parameter of the header.php resource does not validate the characters received and they are sent unfiltered to the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-27T16:17:03.000000Z"}, {"uuid": "843a53be-6f3c-44e1-bc54-d3f05aec660a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44378", "type": "seen", "source": "https://t.me/cibsecurity/71842", "content": "\u203c CVE-2023-44378 \u203c\n\ngnark is a zk-SNARK library that offers a high-level API to design circuits. Prior to version 0.9.0, for some in-circuit values, it is possible to construct two valid decomposition to bits. In addition to the canonical decomposition of `a`, for small values there exists a second decomposition for `a+r` (where `r` is the modulus the values are being reduced by). The second decomposition was possible due to overflowing the field where the values are defined. Upgrading to version 0.9.0 should fix the issue without needing to change the calls to value comparison methods.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-09T18:15:56.000000Z"}, {"uuid": "c3dbcdc1-3897-4282-aa31-d7bf7f8e7278", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44379", "type": "seen", "source": "https://t.me/ctinow/206701", "content": "https://ift.tt/5ANnBpv\nCVE-2023-44379 | baserCMS up to 5.0.8 Site Search cross site scripting", "creation_timestamp": "2024-03-13T14:11:54.000000Z"}, {"uuid": "89f771e7-f04e-449c-853b-7a31d4a7b673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4437", "type": "seen", "source": "https://t.me/cibsecurity/68867", "content": "\u203c CVE-2023-4437 \u203c\n\nA vulnerability, which was classified as critical, was found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_sell_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-237558 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T02:53:33.000000Z"}, {"uuid": "20b676aa-9c35-4014-8eb0-c652e5cb7f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-44379", "type": "seen", "source": "https://t.me/ctinow/190893", "content": "https://ift.tt/jelf1Ay\nCVE-2023-44379", "creation_timestamp": "2024-02-22T16:32:01.000000Z"}]}