{"vulnerability": "CVE-2023-4838", "sightings": [{"uuid": "86d8b494-c8f1-403b-acc6-4ee48a0b7066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48380", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17122", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-48380\n\ud83d\udd25 CVSS Score: 7.4 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Softnext Mail SQR Expert is an email management platform, it has insufficient filtering for a special character within a spcific function. A remote attacker authenticated as a localhost can exploit this vulnerability to perform command injection attacks, to execute arbitrary system command, manipulate system or disrupt service.\n\ud83d\udccf Published: 2023-12-15T08:12:44.486Z\n\ud83d\udccf Modified: 2025-05-21T14:26:40.553Z\n\ud83d\udd17 References:\n1. https://www.twcert.org.tw/tw/cp-132-7598-37b03-1.html", "creation_timestamp": "2025-05-21T14:45:31.000000Z"}, {"uuid": "a608af5e-2677-41ce-bc8c-711515c02188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48382", "type": "seen", "source": "https://t.me/kasraone_com/645", "content": "\ud83d\udd34 CVE\n\nCVE-2023-48382\n\nSoftnext Mail SQR Expert \n\n\u06cc\u06a9 \u067e\u0644\u062a\u0641\u0631\u0645 \u0645\u062f\u06cc\u0631\u06cc\u062a \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0633\u062a \u06a9\u0647 \u062f\u0627\u0631\u0627\u06cc \u06cc\u06a9 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc Local File Inclusion (LFI) \u062f\u0631 URL \u0645\u0631\u0628\u0648\u0637 \u0628\u0647 \u062a\u062d\u0648\u06cc\u0644 \u0627\u06cc\u0645\u06cc\u0644 \u0627\u0633\u062a. \u06cc\u06a9 \u0645\u0647\u0627\u062c\u0645\u00a0 \u0627\u0632\u0631\u0627\u0647 \u062f\u0648\u0631 \u062a\u0623\u06cc\u06cc\u062f \u0646\u0634\u062f\u0647 \u0645\u06cc\u200c\u062a\u0648\u0627\u0646\u062f \u0627\u0632 \u0627\u06cc\u0646 \u0622\u0633\u06cc\u0628\u200c\u067e\u0630\u06cc\u0631\u06cc \u0628\u0631\u0627\u06cc \u0627\u062c\u0631\u0627\u06cc \u0641\u0627\u06cc\u0644 PHP \u062f\u0644\u062e\u0648\u0627\u0647 \u0628\u0627 \u067e\u0633\u0648\u0646\u062f \u0641\u0627\u06cc\u0644 .asp \u062f\u0631 \u0645\u0633\u06cc\u0631\u0647\u0627\u06cc \u062e\u0627\u0635 \u0633\u06cc\u0633\u062a\u0645\u060c \u0628\u0631\u0627\u06cc \u062f\u0633\u062a\u0631\u0633\u06cc \u0648 \u0627\u0635\u0644\u0627\u062d \u0627\u0637\u0644\u0627\u0639\u0627\u062a \u062c\u0632\u0626\u06cc \u0633\u06cc\u0633\u062a\u0645 \u0633\u0648\u0621 \u0627\u0633\u062a\u0641\u0627\u062f\u0647 \u06a9\u0646\u062f\u060c \u0627\u0645\u0627 \u062f\u0631 \u062f\u0633\u062a\u0631\u0633 \u0628\u0648\u062f\u0646 \u0633\u0631\u0648\u06cc\u0633 \u062a\u0623\u062b\u06cc\u0631\u06cc \u0646\u062f\u0627\u0631\u062f.\n\nLINK\n\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u2661 \u2800\u2800 \u3007\u2800\u00a0 \u2800 \u2399\u2800\u200c \u200c \u2332\u2063 \n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 \u02e1\u2071\u1d4f\u1d49\u00a0 \u1d9c\u1d52\u1d50\u1d50\u1d49\u207f\u1d57\u00a0 \u02e2\u1d43\u1d5b\u1d49\u00a0 \u02e2\u02b0\u1d43\u02b3\u1d49\n\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 K1\n\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0 kasraone", "creation_timestamp": "2024-01-26T16:20:24.000000Z"}, {"uuid": "7d9ed2ee-6226-470a-b43a-ab31f1e22309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48383", "type": "seen", "source": "https://t.me/ctinow/168137", "content": "https://ift.tt/akln5yu\nCVE-2023-48383", "creation_timestamp": "2024-01-15T04:26:29.000000Z"}, {"uuid": "200356e4-8f7c-4c26-93ff-775d92ca1616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-48380", "type": "seen", "source": "https://t.me/ctinow/166487", "content": "https://ift.tt/qd6jxUo\nCVE-2023-48380 | Softnext Mail SQR Expert up to 230330 os command injection", "creation_timestamp": "2024-01-11T12:56:45.000000Z"}]}