{"vulnerability": "CVE-2023-4650", "sightings": [{"uuid": "81b678f0-e0b6-42ae-accb-a8f911504685", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46501", "type": "published-proof-of-concept", "source": "Telegram/tf1Z8oVn0IvrXcTEceuD9f4gYCdk2tLMSyNSVRp43tOUcg", "content": "", "creation_timestamp": "2023-11-02T04:45:24.000000Z"}, {"uuid": "d6d72102-c0e3-4ef4-aa56-3bd8cec8a6e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46502", "type": "seen", "source": "https://t.me/cibsecurity/73189", "content": "\u203c CVE-2023-46502 \u203c\n\nAn issue in OpenCRX v.5.2.2 allows a remote attacker to execute arbitrary code via a crafted request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-31T01:20:21.000000Z"}, {"uuid": "8e801570-a93a-4067-a9d6-ce275c0286e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46509", "type": "seen", "source": "https://t.me/cibsecurity/73087", "content": "\u203c CVE-2023-46509 \u203c\n\nAn issue in Contec SolarView Compact v.6.0 and before allows an attacker to execute arbitrary code via the texteditor.php component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-28T00:17:27.000000Z"}, {"uuid": "df487a35-00d9-40f5-8f91-c6395701448f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4650", "type": "seen", "source": "https://t.me/cibsecurity/69500", "content": "\u203c CVE-2023-4650 \u203c\n\nImproper Access Control in GitHub repository instantsoft/icms2 prior to 2.16.1-git.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-31T07:12:39.000000Z"}, {"uuid": "6795c53c-721d-4336-86ce-b4f9fe9a96b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46501", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3219", "content": "Hackers Factory \n\ncheck_cve_2023_22518.py\n\nhttps://github.com/RootUp/PersonalStuff/blob/master/check_cve_2023_22518.py\n\nVitogate300_RCE.md\n\nhttps://github.com/Push3AX/vul/blob/main/viessmann/Vitogate300_RCE.md\n\nunwyze - a Wyze Cam v3 RCE Exploit\n\nhttps://github.com/blasty/unwyze\n\nPoC CVE-2023-5044\n\nhttps://github.com/r0binak/CVE-2023-5044\n\nExploit for CVE-2023-36802 targeting MSKSSRV.SYS driver\n\nhttps://github.com/Nero22k/cve-2023-36802\n\nexploit for cve-2023-46747\n\nhttps://github.com/W01fh4cker/CVE-2023-46747-RCE\n\nRCE Exploit For Maltrail-v0.53\n\nhttps://github.com/spookier/Maltrail-v0.53-Exploit\n\nAdded CVE-2023-46747 (5 BIG-IP - Unauthenticated RCE via AJP Smuggling\n\nhttps://github.com/projectdiscovery/nuclei-templates/pull/8496\n\ncisco-webui-detection.yaml\n\nhttps://github.com/xscorp/Notes/blob/master/PublicTemplates/cisco-webui-detection.yaml\n\nF5 BIG-IP unauthenticated remote code execution (RCE) and authentication bypass vulnerability!\n\nhttps://github.com/AliBrTab/CVE-2023-46747-POC\n\nCVE-2023-22515: Confluence Broken Access Control Exploit\n\nhttps://github.com/Chocapikk/CVE-2023-22515\n\nImage horizontal reel scroll slideshow <= 13.2 - Authenticated (Subscriber+) SQL Injection via Shortcode\n\nhttps://github.com/RandomRobbieBF/CVE-2023-5412\n\nCVE-2023-35078 Remote Unauthenticated API Access Vulnerability Exploit POC\n\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\nBoltWire v6.03 vulnerable to \"Improper Access Control\"\n\nhttps://github.com/Cyber-Wo0dy/CVE-2023-46501\n\nhttps://www.kitploit.com/2023/10/looneypwner-exploit-tool-for-cve-2023.html?m=1\n\n#HackersFactory \ud83d\ude0f#GHOSTS\ud83d\ude0f", "creation_timestamp": "2023-11-09T05:43:54.000000Z"}, {"uuid": "b55eec6c-f40a-4622-8b12-84541ae2034a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46501", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9309", "content": "#exploit\n1. CVE-2023-5412:\nWordPress Image horizontal reel scroll slideshow <=13.2 - Authenticated SQL Injection via Shortcode\nhttps://github.com/RandomRobbieBF/CVE-2023-5412\n\n2. CVE-2023-35078:\nRemote Unauth API Access in MobileIron Core\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\n3. CVE-2023-46501:\nBoltWire v6.03 - Improper Access Control\nhttps://github.com/Cyber-Wo0dy/CVE-2023-46501", "creation_timestamp": "2023-11-02T10:59:01.000000Z"}, {"uuid": "2e407c7a-5992-4abe-8aab-92b9237da3cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46501", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1611", "content": "#exploit\n1. CVE-2023-5412:\nWordPress Image horizontal reel scroll slideshow <=13.2 - Authenticated SQL Injection via Shortcode\nhttps://github.com/RandomRobbieBF/CVE-2023-5412\n\n2. CVE-2023-35078:\nRemote Unauth API Access in MobileIron Core\nhttps://github.com/vchan-in/CVE-2023-35078-Exploit-POC\n\n3. CVE-2023-46501:\nBoltWire v6.03 - Improper Access Control\nhttps://github.com/Cyber-Wo0dy/CVE-2023-46501", "creation_timestamp": "2024-08-16T08:43:27.000000Z"}]}