https://vulnerability.circl.lu/sightings/feed 2026-06-08T15:30:37.429915+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/4026c738-b5f0-4e70-9d25-a26f896a06a0/export 2026-06-08T15:30:37.870692+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "4026c738-b5f0-4e70-9d25-a26f896a06a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23314", "type": "seen", "source": "https://t.me/cibsecurity/56823", "content": "\u203c CVE-2023-23314 \u203c\n\nAn arbitrary file upload vulnerability in the /api/upload component of zdir v3.2.0 allows attackers to execute arbitrary code via a crafted .ssh file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T07:52:58.000000Z"} 2023-01-23T07:52:58+00:00 https://vulnerability.circl.lu/sighting/a92983c7-d5ce-4009-bfad-37f0e3a7ca9c/export 2026-06-08T15:30:37.870593+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a92983c7-d5ce-4009-bfad-37f0e3a7ca9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23315", "type": "seen", "source": "https://t.me/cibsecurity/59246", "content": "\u203c CVE-2023-23315 \u203c\n\nThe PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-01T18:33:47.000000Z"} 2023-03-01T18:33:47+00:00 https://vulnerability.circl.lu/sighting/218bcf4a-3246-4e22-829f-12a8d5f64e7f/export 2026-06-08T15:30:37.870466+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "218bcf4a-3246-4e22-829f-12a8d5f64e7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23313", "type": "seen", "source": "https://t.me/cibsecurity/59407", "content": "\u203c CVE-2023-23313 \u203c\n\nCertain Draytek products are vulnerable to Cross Site Scripting (XSS) via the wlogin.cgi script and user_login.cgi script of the router's web application management portal. This affects Vigor3910, Vigor1000B, Vigor2962 v4.3.2.1; Vigor2865 and Vigor2866 v4.4.1.0; Vigor2927 v4.4.2.2; and Vigor2915, Vigor2765, Vigor2766, Vigor2135 v4.4.2.0; Vigor2763 v4.4.2.1; Vigor2862 and Vigor2926 v3.9.9.0; Vigor2925 v3.9.3; Vigor2952 and Vigor3220 v3.9.7.3; Vigor2133 and Vigor2762 v3.9.6.4; and Vigor2832 v3.9.6.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-04T00:46:16.000000Z"} 2023-03-04T00:46:16+00:00 https://vulnerability.circl.lu/sighting/a035fbb2-e415-4e2a-b7c1-49e2714fad25/export 2026-06-08T15:30:37.867840+00:00 Automation user https://cvepremium.circl.lu/user/automation {"uuid": "a035fbb2-e415-4e2a-b7c1-49e2714fad25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-23313", "type": "seen", "source": "Telegram/17ZYnYNwGc7hi90P6lbJvfp9zUKGBjCh-mcg-8mBzHQ0OLdz", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"} 2025-03-08T04:35:51+00:00