Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-06-26T11:15:38.675479+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/363aca1b-ccb9-41d7-95e7-56f0ed45c145/export 363aca1b-ccb9-41d7-95e7-56f0ed45c145 2026-06-26T11:15:38.700046+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "363aca1b-ccb9-41d7-95e7-56f0ed45c145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48326", "type": "seen", "source": "https://t.me/cibsecurity/58409", "content": "\u203c CVE-2022-48326 \u203c\n\nMultiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) nome, (2) aCliente, (3) eCliente, (4) dCliente, (5) vCliente, (6) aProduto, (7) eProduto, (8) dProduto, (9) vProduto, (10) aServico, (11) eServico, (12) dServico, (13) vServico, (14) aOs, (15) eOs, (16) dOs, (17) vOs, (18) aVenda, (19) eVenda, (20) dVenda, (21) vVenda, (22) aGarantia, (23) eGarantia, (24) dGarantia, (25) vGarantia, (26) aArquivo, (27) eArquivo, (28) dArquivo, (29) vArquivo, (30) aPagamento, (31) ePagamento, (32) dPagamento, (33) vPagamento, (34) aLancamento, (35) eLancamento, (36) dLancamento, (37) vLancamento, (38) cUsuario, (39) cEmitente, (40) cPermissao, (41) cBackup, (42) cAuditoria, (43) cEmail, (44) cSistema, (45) rCliente, (46) rProduto, (47) rServico, (48) rOs, (49) rVenda, (50) rFinanceiro, (51) aCobranca, (52) eCobranca, (53) dCobranca, (54) vCobranca, (55) situacao, (56) idPermissao, (57) id in file application/controllers/Permissoes.php; (58) precoCompra, (59) precoVenda, (60) descricao, (61) unidade, (62) estoque, (63) estoqueMinimo, (64) idProdutos, (65) id, (66) estoqueAtual in file application/controllers/Produtos.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:18:39.000000Z"} 2023-02-17T00:18:39+00:00 https://vulnerability.circl.lu/sighting/0c46c5ed-035c-49a3-b132-34df82d73cab/export 0c46c5ed-035c-49a3-b132-34df82d73cab 2026-06-26T11:15:38.699922+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0c46c5ed-035c-49a3-b132-34df82d73cab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48324", "type": "seen", "source": "https://t.me/cibsecurity/58415", "content": "\u203c CVE-2022-48324 \u203c\n\nMultiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) pesquisa, (2) data, (3) data2, (4) nome, (5) descricao, (6) idDocumentos, (7) id in file application/controllers/Arquivos.php; (8) senha, (9) nomeCliente, (10) contato, (11) documento, (12) telefone, (13) celular, (14) email, (15) rua, (16) numero, (17) complemento, (18) bairro, (19) cidade, (20) estado, (21) cep, (22) idClientes, (23) id in file application/controllers/Clientes.php; (24) id, (25) tipo, (26) forma_pagamento, (27) gateway_de_pagamento, (28) excluir_id, (29) confirma_id, (30) cancela_id in file application/controllers/Cobrancas.php; (31) vencimento_de, (32) vencimento_ate, (33) cliente, (34) tipo, (35) status, (36) valor_desconto, (37) desconto, (38) periodo, (39) per_page, (40) urlAtual, (41) vencimento, (42) recebimento, (43) valor, (44) recebido, (45) formaPgto, (46) desconto_parc, (47) entrada, (48) qtdparcelas_parc, (49) valor_parc, (50) dia_pgto, (51) dia_base_pgto, (52) comissao, (53) descricao_parc, (54) cliente_parc, (55) observacoes_parc, (56) formaPgto_parc, (57) tipo_parc, (58) pagamento, (59) pago, (60) valor_desconto_editar, (61) descricao, (62) fornecedor, (63) observacoes, (64) id in file application/controllers/Financeiro.php; (65) refGarantia, (66) textoGarantia, (67) idGarantias in file application/controllers/Garantias.php; (68) email, (69) senha in file application/controllers/Login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:18:48.000000Z"} 2023-02-17T00:18:48+00:00 https://vulnerability.circl.lu/sighting/c7625807-385c-4f78-bc8d-9832b001e1aa/export c7625807-385c-4f78-bc8d-9832b001e1aa 2026-06-26T11:15:38.699811+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c7625807-385c-4f78-bc8d-9832b001e1aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48327", "type": "seen", "source": "https://t.me/cibsecurity/58418", "content": "\u203c CVE-2022-48327 \u203c\n\nMultiple Cross Site Scripting (XSS) vulnerabilities in Mapos 4.39.0 allow attackers to execute arbitrary code. Affects the following parameters: (1) dataInicial, (2) dataFinal, (3) tipocliente, (4) format, (5) precoInicial, (6) precoFinal, (7) estoqueInicial, (8) estoqueFinal, (9) de_id, (10) ate_id, (11) clientes_id, (12) origem, (13) cliente, (14) responsavel, (15) status, (16) tipo, (17) situacao in file application/controllers/Relatorios.php; (18) preco, (19) nome, (20) descricao, (21) idServicos, (22) id in file application/controllers/Servicos.php; (23) senha, (24) permissoes_id, (25) idUsuarios, (26) situacao, (27) nome, (28) rg, (29) cpf, (30) cep, (31) rua, (32) numero, (33) bairro, (34) cidade, (35) estado, (36) email, (37) telefone, (38) celular in file application/controllers/Usuarios.php; (39) dataVenda, (40) observacoes, (41) observacoes_cliente, (42) clientes_id, (43) usuarios_id, (44) idVendas, (45) id, (46) idVendasProduto, (47) preco, (48) quantidade, (49) idProduto, (50) produto, (51) desconto, (52) tipoDesconto, (53) resultado, (54) vendas_id, (55) vencimento, (56) recebimento, (57) valor, (58) recebido, (59) formaPgto, (60) tipo in file application/controllers/Vendas.php; (61) situacao, (62) periodo, (63) vencimento_de, (64) vencimento_ate, (65) tipo, (66) status, (67) cliente in file application/views/financeiro/lancamentos.php; (68) year in file application/views/mapos/painel.php; (69) pesquisa in file application/views/os/os.php; (70) etiquetaCode in file application/views/relatorios/imprimir/imprimirEtiquetas.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T00:18:51.000000Z"} 2023-02-17T00:18:51+00:00 https://vulnerability.circl.lu/sighting/b6ea12b4-71b3-4150-bc51-20ca6052d60e/export b6ea12b4-71b3-4150-bc51-20ca6052d60e 2026-06-26T11:15:38.699708+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "b6ea12b4-71b3-4150-bc51-20ca6052d60e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48329", "type": "seen", "source": "https://t.me/cibsecurity/58513", "content": "\u203c CVE-2022-48329 \u203c\n\nMISP before 2.4.166 unsafely allows users to use the order parameter, related to app/Model/Attribute.php, app/Model/GalaxyCluster.php, app/Model/Workflow.php, and app/Plugin/Assets/models/behaviors/LogableBehavior.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-20T07:28:48.000000Z"} 2023-02-20T07:28:48+00:00 https://vulnerability.circl.lu/sighting/093a39cd-2152-4a3f-bdf8-5b987c3ec32e/export 093a39cd-2152-4a3f-bdf8-5b987c3ec32e 2026-06-26T11:15:38.699604+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "093a39cd-2152-4a3f-bdf8-5b987c3ec32e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48328", "type": "seen", "source": "https://t.me/cibsecurity/58512", "content": "\u203c CVE-2022-48328 \u203c\n\napp/Controller/Component/IndexFilterComponent.php in MISP before 2.4.167 mishandles ordered_url_params and additional_delimiters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-20T10:45:42.000000Z"} 2023-02-20T10:45:42+00:00 https://vulnerability.circl.lu/sighting/0628231d-9929-4a98-9b46-1103814064bc/export 0628231d-9929-4a98-9b46-1103814064bc 2026-06-26T11:15:38.699493+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "0628231d-9929-4a98-9b46-1103814064bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48321", "type": "seen", "source": "https://t.me/cibsecurity/58530", "content": "\u203c CVE-2022-48321 \u203c\n\nLimited Server-Side Request Forgery (SSRF) in agent-receiver in Tribe29's Checkmk <= 2.1.0p11 allows an attacker to communicate with local network restricted endpoints by use of the host registration API.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-20T20:15:55.000000Z"} 2023-02-20T20:15:55+00:00 https://vulnerability.circl.lu/sighting/c217d824-bc83-4448-8814-78f920c9f1b7/export c217d824-bc83-4448-8814-78f920c9f1b7 2026-06-26T11:15:38.699386+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c217d824-bc83-4448-8814-78f920c9f1b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48320", "type": "seen", "source": "https://t.me/cibsecurity/58538", "content": "\u203c CVE-2022-48320 \u203c\n\nCross-site Request Forgery (CSRF) in Tribe29's Checkmk <= 2.1.0p17, Checkmk <= 2.0.0p31, and all versions of Checkmk 1.6.0 (EOL) allow an attacker to add new visual elements to multiple pages.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-20T20:16:04.000000Z"} 2023-02-20T20:16:04+00:00 https://vulnerability.circl.lu/sighting/c18f208d-2b91-4ae8-9b41-ddb5dc7b706b/export c18f208d-2b91-4ae8-9b41-ddb5dc7b706b 2026-06-26T11:15:38.699279+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "c18f208d-2b91-4ae8-9b41-ddb5dc7b706b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48321", "type": "seen", "source": "https://t.me/ctinow/164843", "content": "https://ift.tt/1QJ3mo9\nCVE-2022-48321 Exploit", "creation_timestamp": "2024-01-09T08:16:08.000000Z"} 2024-01-09T08:16:08+00:00 https://vulnerability.circl.lu/sighting/f44f8c33-749c-4901-8b0d-f02d0f8429b4/export f44f8c33-749c-4901-8b0d-f02d0f8429b4 2026-06-26T11:15:38.699143+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "f44f8c33-749c-4901-8b0d-f02d0f8429b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48328", "type": "seen", "source": "https://t.me/ctinow/186679", "content": "https://ift.tt/ZMFIijk\nCVE-2022-48328 Exploit", "creation_timestamp": "2024-02-16T23:16:52.000000Z"} 2024-02-16T23:16:52+00:00 https://vulnerability.circl.lu/sighting/496b3220-5ca3-46d7-b59c-16c47f796a29/export 496b3220-5ca3-46d7-b59c-16c47f796a29 2026-06-26T11:15:38.696543+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "496b3220-5ca3-46d7-b59c-16c47f796a29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48323", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3l76g26rx2g", "content": "", "creation_timestamp": "2025-10-19T21:02:28.644483Z"} 2025-10-19T21:02:28.644483+00:00