{"vulnerability": "CVE-2023-5207", "sightings": [{"uuid": "aec50c22-fed9-438e-beb7-21e7606698c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m7lgxebfdo2f", "content": "", "creation_timestamp": "2025-12-09T21:02:31.585785Z"}, {"uuid": "123c5922-65f2-461a-8af3-d3798bd82cc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/6442", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1a CVE-2023-44451, CVE-2023-52076: RCE Vulnerability affected popular Linux Distros including Mint, Kali, Parrot, Manjaro etc. EPUB File Parsing Directory Traversal Remote Code Execution\nURL\uff1ahttps://github.com/febinrev/slippy-book-exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-05-25T05:54:06.000000Z"}, {"uuid": "b5b00f9d-e4c5-4dc6-951c-60ac33f44f64", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52071", "type": "seen", "source": "https://t.me/ctinow/190187", "content": "https://ift.tt/4lHhfTS\nCVE-2023-52071 | cURL up to 8.3.x on Windows src/tool_cb_wrt.c tool_cb_wrt array index", "creation_timestamp": "2024-02-21T23:21:44.000000Z"}, {"uuid": "b6ce4f24-a91d-4fb3-b79b-7cc11ef454fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-5207", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17252", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-5207\n\ud83d\udd25 CVSS Score: 8.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:N)\n\ud83d\udd39 Description: A vulnerability was discovered in GitLab CE and EE affecting all versions starting 16.0 prior to 16.2.8, 16.3 prior to 16.3.5, and 16.4 prior to 16.4.1. An authenticated attacker could perform arbitrary pipeline execution under the context of another user.\n\ud83d\udccf Published: 2023-09-30T08:30:30.788Z\n\ud83d\udccf Modified: 2025-05-22T04:09:16.333Z\n\ud83d\udd17 References:\n1. https://gitlab.com/gitlab-org/gitlab/-/issues/425604\n2. https://gitlab.com/gitlab-org/gitlab/-/issues/425857\n3. https://hackerone.com/reports/2174141", "creation_timestamp": "2025-05-22T04:44:29.000000Z"}, {"uuid": "9b3ad9cd-ce8b-429f-b278-5db81030d220", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52074", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18310", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-52074\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: FlyCms v1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component system/site/webconfig_updagte.\n\ud83d\udccf Published: 2024-01-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-13T16:06:38.028Z\n\ud83d\udd17 References:\n1. https://github.com/zouyang0714/cms/blob/main/1.md", "creation_timestamp": "2025-06-13T16:37:15.000000Z"}, {"uuid": "d9af088b-9334-468e-aa96-7b3e7bea0565", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "seen", "source": "https://t.me/ctinow/173595", "content": "https://ift.tt/dSu5Ikx\nCVE-2023-52076", "creation_timestamp": "2024-01-25T17:26:34.000000Z"}, {"uuid": "baee4a6e-98e1-4abe-9cf7-b30c16395a86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52071", "type": "seen", "source": "https://t.me/ctinow/175732", "content": "https://ift.tt/y31eZC2\nCVE-2023-52071", "creation_timestamp": "2024-01-30T08:31:58.000000Z"}, {"uuid": "b95952cb-e367-4be7-bd4b-3a4bff216559", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "seen", "source": "https://t.me/ctinow/187279", "content": "https://ift.tt/PHiojx2\nCVE-2023-52076 | mate-desktop atril up to 1.26.1 on Linux Document path traversal (GHSA-6mf6-mxpc-jc37)", "creation_timestamp": "2024-02-18T15:41:19.000000Z"}, {"uuid": "4dab5288-7d86-429c-8715-9285fe3d2787", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "seen", "source": "https://t.me/ctinow/178276", "content": "https://ift.tt/5XSiF7q\nCVE-2023-52076 Exploit", "creation_timestamp": "2024-02-02T21:16:48.000000Z"}, {"uuid": "b8d46cb5-615d-45b1-b91a-207f5cf08795", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52079", "type": "seen", "source": "https://t.me/ctinow/170626", "content": "https://ift.tt/rezPkmK\nCVE-2023-52079 | kriszyp msgpackr up to 1.10.0 MessagePack Message recursion (GHSA-7hpj-7hhx-2fgx)", "creation_timestamp": "2024-01-20T14:16:22.000000Z"}, {"uuid": "b08b3aee-1d3f-46f6-9891-987f6a55d588", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52073", "type": "seen", "source": "https://t.me/ctinow/174032", "content": "https://ift.tt/0AthUHB\nCVE-2023-52073 | sunkaifei FlyCMS 1.0 config_footer_updagte cross-site request forgery", "creation_timestamp": "2024-01-26T08:11:10.000000Z"}, {"uuid": "a4b13e71-c155-444d-ba93-84c1f03e9033", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52072", "type": "seen", "source": "https://t.me/ctinow/174031", "content": "https://ift.tt/30zK1Dc\nCVE-2023-52072 | sunkaifei FlyCMS 1.0 userconfig_updagte cross-site request forgery", "creation_timestamp": "2024-01-26T08:11:09.000000Z"}, {"uuid": "568922c1-1f8b-407f-855e-7a57d31d32fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52077", "type": "seen", "source": "https://t.me/ctinow/170258", "content": "https://ift.tt/1K8glqO\nCVE-2023-52077 | nexryai nexkey prior 12.23Q4.5 API Token authorization (GHSA-pjj7-7hcj-9cpc)", "creation_timestamp": "2024-01-19T16:11:59.000000Z"}, {"uuid": "f4ed8468-8d80-4a28-a548-cf187558e053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52075", "type": "seen", "source": "https://t.me/ctinow/159787", "content": "https://ift.tt/RkwsWGa\nCVE-2023-52075", "creation_timestamp": "2023-12-27T21:26:34.000000Z"}, {"uuid": "cf810d3d-8e65-4611-b112-e4e8ba56fa34", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52072", "type": "seen", "source": "https://t.me/ctinow/164715", "content": "https://ift.tt/NCwRUiM\nCVE-2023-52072", "creation_timestamp": "2024-01-08T23:27:39.000000Z"}, {"uuid": "03c466c0-2f0f-4e4d-a25c-2a66b99792ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52074", "type": "seen", "source": "https://t.me/ctinow/164717", "content": "https://ift.tt/wzT2S1g\nCVE-2023-52074", "creation_timestamp": "2024-01-08T23:27:41.000000Z"}, {"uuid": "72a439ac-8ad3-4292-aa8f-6353a3221be2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52073", "type": "seen", "source": "https://t.me/ctinow/164716", "content": "https://ift.tt/IASbLx1\nCVE-2023-52073", "creation_timestamp": "2024-01-08T23:27:40.000000Z"}, {"uuid": "e21d457a-65b2-4505-81a5-9c5278217420", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52074", "type": "seen", "source": "https://t.me/ctinow/174033", "content": "https://ift.tt/XDx1Qoc\nCVE-2023-52074 | sunkaifei FlyCMS 1.0 webconfig_updagte cross-site request forgery", "creation_timestamp": "2024-01-26T08:11:11.000000Z"}, {"uuid": "c400fe0d-f1dd-4fe9-bb23-9fceb03a3baa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52077", "type": "seen", "source": "https://t.me/ctinow/159762", "content": "https://ift.tt/BA5EdhF\nCVE-2023-52077", "creation_timestamp": "2023-12-27T20:26:23.000000Z"}, {"uuid": "07621a27-44bf-4bf4-820f-8a6930412d09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/1911", "content": "https://github.com/febinrev/slippy-book-exploit\n\nCVE-2023-44451, CVE-2023-52076: RCE Vulnerability affected popular Linux Distros including Mint, Kali, Parrot, Manjaro etc. EPUB File Parsing Directory Traversal Remote Code Execution\n\n#github #exploit", "creation_timestamp": "2024-01-27T08:06:46.000000Z"}, {"uuid": "ca4173d1-d521-4265-90dc-31d7c6de5883", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52079", "type": "seen", "source": "https://t.me/ctinow/160119", "content": "https://ift.tt/kgjq18p\nCVE-2023-52079", "creation_timestamp": "2023-12-28T17:26:23.000000Z"}, {"uuid": "e0feec05-b07a-449e-b0ea-6d07905dcea8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "published-proof-of-concept", "source": "https://t.me/S_E_Reborn/4445", "content": "Slippy-book: CVE-2023-44451 & CVE-2023-52076\n\nDirectory Traversal -> RCE \u043f\u0440\u0438 \u043e\u0442\u043a\u0440\u044b\u0442\u0438\u0438 \u044d\u043b\u0435\u043a\u0442\u0440\u043e\u043d\u043d\u044b\u0445 \u043a\u043d\u0438\u0433 EPUB. \u0417\u0430\u0442\u0440\u0430\u0433\u0438\u0432\u0430\u0435\u0442 \u0432\u0441\u0435 \u0434\u0438\u0441\u0442\u0440\u0438\u0431\u0443\u0442\u0438\u0432\u044b, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0435 DE Mate, \u0432\u043a\u043b\u044e\u0447\u0430\u044f Mint, Kali, Parrot, Manjaro, Xubuntu.\n\n\ud83d\udd39 \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u043d\u0430\u0439\u0434\u0435\u043d\u044b \u0432 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c\u0430\u0445 Atril Document Viewer and Xreader Document Viewer, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0442\u0441\u044f \u043f\u043e \u0443\u043c\u043e\u043b\u0447\u0430\u043d\u0438\u044e \u0434\u043b\u044f \u0447\u0442\u0435\u043d\u0438\u044f \u0444\u043e\u0440\u043c\u0430\u0442\u0430 EPUB.\n\n\ud83d\udd39 \u042d\u043a\u0441\u043f\u043b\u043e\u0438\u0442 \u0441\u043e\u0437\u0434\u0430\u0435\u0442 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b \u0432 \u0441\u0438\u0441\u0442\u0435\u043c\u0435. \u041d\u0430 \u0432\u0438\u0434\u0435\u043e \u043f\u0440\u0438\u043c\u0435\u0440 \u0437\u0430\u043f\u0438\u0441\u0438 .desktop \u0432 $HOME/.config/autostart, \u043a\u043e\u0442\u043e\u0440\u044b\u0439 \u0437\u0430\u043f\u0443\u0441\u0442\u0438\u0442 \u043a\u0430\u043b\u044c\u043a\u0443\u043b\u044f\u0442\u043e\u0440 \u043f\u043e\u0441\u043b\u0435 \u043f\u0435\u0440\u0435\u0437\u0430\u0433\u0440\u0443\u0437\u043a\u0438.\n\n\ud83d\udd39Atril \u0438 Xreader \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u0438\u0432\u0430\u044e\u0442 \u0444\u043e\u0440\u043c\u0430\u0442\u044b PDF \u0438 EPUB. \u0415\u0441\u043b\u0438 \u0438\u0437\u043c\u0435\u043d\u0438\u0442\u044c \u0440\u0430\u0441\u0448\u0438\u0440\u0435\u043d\u0438\u0435 .epub \u043d\u0430 .pdf \u0438 \u043e\u0442\u043f\u0440\u0430\u0432\u0438\u0442\u044c \u0435\u0433\u043e \u0446\u0435\u043b\u0438, \u043a\u043e\u0434 \u0432\u0441\u0435 \u0440\u0430\u0432\u043d\u043e \u0441\u0440\u0430\u0431\u043e\u0442\u0430\u0435\u0442.\n\n\ud83d\udd39 \u041c\u043e\u0436\u043d\u043e \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043b\u044f \u043f\u0440\u043e\u043a\u0438\u0434\u044b\u0432\u0430\u043d\u0438\u044f \u0440\u0435\u0432\u0435\u0440\u0441-\u0448\u0435\u043b\u043b\u0430 \u0438\u043b\u0438 \u0437\u0430\u043f\u0438\u0441\u0438 \u0441\u0432\u043e\u0438\u0445 \u043f\u0443\u0431\u043b\u0438\u0447\u043d\u044b\u0445 \u043a\u043b\u044e\u0447\u0435\u0439 \u0432 authorized_keys, \u0438 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u043a \u043c\u0430\u0448\u0438\u043d\u0435 \u0447\u0435\u0440\u0435\u0437 SSH.", "creation_timestamp": "2024-01-26T13:59:57.000000Z"}, {"uuid": "8ddf2b08-5db5-422a-9f4b-4736c8d6a498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9858", "content": "#exploit\n1. Win32k.sys LPE PoC\nhttps://github.com/Rootkitsmm-zz/MS15-061\n\n2. CVE-2023-44451, CVE-2023-52076:\nSlippy-book: EPUB File Parsing Directory Traversal RCE\nhttps://github.com/febinrev/slippy-book-exploit\n\n3. CVE-2024-0844:\nPath traversal in the popup-more WordPress plugin\nhttps://github.com/0x9567b/CVE-2024-0844", "creation_timestamp": "2024-01-27T19:05:02.000000Z"}, {"uuid": "71dd0f15-0557-4e44-986c-f989e73c433c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-52076", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/2584", "content": "#exploit\n1. Win32k.sys LPE PoC\nhttps://github.com/Rootkitsmm-zz/MS15-061\n\n2. CVE-2023-44451, CVE-2023-52076:\nSlippy-book: EPUB File Parsing Directory Traversal RCE\nhttps://github.com/febinrev/slippy-book-exploit", "creation_timestamp": "2024-08-16T09:02:41.000000Z"}]}