<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-15T21:35:07.484678+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/86388e4d-c3e5-4ce8-9a0f-f1c05d77df60/export</id>
    <title>86388e4d-c3e5-4ce8-9a0f-f1c05d77df60</title>
    <updated>2026-07-15T21:35:07.504052+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "86388e4d-c3e5-4ce8-9a0f-f1c05d77df60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/724", "content": "\ud83d\udea8 CVE-2024-40348 \ud83d\udea8\n\n\ud83d\udc49 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.\n\n\ud83d\udd17 Download : https://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2026-07-12T00:00:42.282588Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/86388e4d-c3e5-4ce8-9a0f-f1c05d77df60/export"/>
    <published>2026-07-12T00:00:42.282588+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b231711a-2a4e-4fad-9dc5-73947664a8e7/export</id>
    <title>b231711a-2a4e-4fad-9dc5-73947664a8e7</title>
    <updated>2026-07-15T21:35:07.506871+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b231711a-2a4e-4fad-9dc5-73947664a8e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/brutsecurity/724", "content": "\ud83d\udea8 CVE-2024-40348 \ud83d\udea8\n\n\ud83d\udc49 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.\n\n\ud83d\udd17 Download : https://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2026-07-11T18:00:04.998751Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b231711a-2a4e-4fad-9dc5-73947664a8e7/export"/>
    <published>2026-07-11T18:00:04.998751+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2a35c5b1-de12-49ee-a984-814365bcb0a3/export</id>
    <title>2a35c5b1-de12-49ee-a984-814365bcb0a3</title>
    <updated>2026-07-15T21:35:07.507199+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2a35c5b1-de12-49ee-a984-814365bcb0a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "seen", "source": "https://t.me/brutsecurity/724", "content": "\ud83d\udea8 CVE-2024-40348 \ud83d\udea8\n\n\ud83d\udc49 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.\n\n\ud83d\udd17 Download : https://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2026-07-10T00:00:36.805442Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2a35c5b1-de12-49ee-a984-814365bcb0a3/export"/>
    <published>2026-07-10T00:00:36.805442+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ab325d90-9d0b-4247-8a1c-7f3f4fc3f949/export</id>
    <title>ab325d90-9d0b-4247-8a1c-7f3f4fc3f949</title>
    <updated>2026-07-15T21:35:07.507460+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ab325d90-9d0b-4247-8a1c-7f3f4fc3f949", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "seen", "source": "https://t.me/brutsecurity/724", "content": "\ud83d\udea8 CVE-2024-40348 \ud83d\udea8\n\n\ud83d\udc49 This is a bulk scanning and exploitation tool for CVE-2024-40348: Bazaar v1.4.3 allows unauthenticated attackers to execute a directory traversal. This vulnerability was discovered by 4rdr.\n\n\ud83d\udd17 Download : https://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2026-07-09T03:00:12.987295Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ab325d90-9d0b-4247-8a1c-7f3f4fc3f949/export"/>
    <published>2026-07-09T03:00:12.987295+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/8fe8a14d-ef40-4b3a-a1c7-990972e4354b/export</id>
    <title>8fe8a14d-ef40-4b3a-a1c7-990972e4354b</title>
    <updated>2026-07-15T21:35:07.507581+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "8fe8a14d-ef40-4b3a-a1c7-990972e4354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/3301", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x =&amp;gt; CVE-2024-38761 - Wordpress [Zephyr Project Manager] &amp;lt; Unauthenticated Information Exposure.\n\n2x =&amp;gt; CVE-2024-38759 - Wordpress [Search &amp;amp; Replace] &amp;lt; Unauthenticated PHP Object Injection.\n\n3x =&amp;gt; CVE-2024-6313 - Wordpress [Gutenberg Forms] &amp;lt; Unauthenticated Arbitrary File Upload.\n\n4x =&amp;gt; CVE-2024-6164 - Wordpress [Filter &amp;amp; Grids] &amp;lt; Unauthenticated Local File Inclusion.\n\n5x =&amp;gt; CVE-2024-40348 - \n[Bazarr] &amp;lt; Unauthenticated Arbitrary File Read.\n\n6x =&amp;gt; CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] &amp;lt; Unauthenticated SQL Injection via Hash.\n\n7x =&amp;gt; CVE-2024-4577 - PHP [CGI] &amp;lt; Unauthenticated Command Injection.\n\n8x =&amp;gt; CVE-2024-4836 - [Edito CMS] &amp;lt; Unauthenticated Sensitive Data Leak.\n\n9x =&amp;gt; CVE-2024-32399 - RaidenMAILD [MailServer] &amp;lt; Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2025-03-16T00:41:48.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/8fe8a14d-ef40-4b3a-a1c7-990972e4354b/export"/>
    <published>2025-03-16T00:41:48+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c55cb8d7-05e8-40b3-9484-3d6f60ea3799/export</id>
    <title>c55cb8d7-05e8-40b3-9484-3d6f60ea3799</title>
    <updated>2026-07-15T21:35:07.507697+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c55cb8d7-05e8-40b3-9484-3d6f60ea3799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9525", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBazaar v1.4.3 \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e(CVE-2024-40348)\nURL\uff1ahttps://github.com/NingXin2002/Bazaar_poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-20T09:52:46.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c55cb8d7-05e8-40b3-9484-3d6f60ea3799/export"/>
    <published>2024-12-20T09:52:46+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ee2b1c92-465f-4e51-8031-1acc917d0807/export</id>
    <title>ee2b1c92-465f-4e51-8031-1acc917d0807</title>
    <updated>2026-07-15T21:35:07.507796+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ee2b1c92-465f-4e51-8031-1acc917d0807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1653", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x =&amp;gt; CVE-2024-38761 - Wordpress [Zephyr Project Manager] &amp;lt; Unauthenticated Information Exposure.\n\n2x =&amp;gt; CVE-2024-38759 - Wordpress [Search &amp;amp; Replace] &amp;lt; Unauthenticated PHP Object Injection.\n\n3x =&amp;gt; CVE-2024-6313 - Wordpress [Gutenberg Forms] &amp;lt; Unauthenticated Arbitrary File Upload.\n\n4x =&amp;gt; CVE-2024-6164 - Wordpress [Filter &amp;amp; Grids] &amp;lt; Unauthenticated Local File Inclusion.\n\n5x =&amp;gt; CVE-2024-40348 - \n[Bazarr] &amp;lt; Unauthenticated Arbitrary File Read.\n\n6x =&amp;gt; CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] &amp;lt; Unauthenticated SQL Injection via Hash.\n\n7x =&amp;gt; CVE-2024-4577 - PHP [CGI] &amp;lt; Unauthenticated Command Injection.\n\n8x =&amp;gt; CVE-2024-4836 - [Edito CMS] &amp;lt; Unauthenticated Sensitive Data Leak.\n\n9x =&amp;gt; CVE-2024-32399 - RaidenMAILD [MailServer] &amp;lt; Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-12-18T18:01:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ee2b1c92-465f-4e51-8031-1acc917d0807/export"/>
    <published>2024-12-18T18:01:34+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6bf456b8-0101-4c36-9541-7c4289f8f516/export</id>
    <title>6bf456b8-0101-4c36-9541-7c4289f8f516</title>
    <updated>2026-07-15T21:35:07.507908+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6bf456b8-0101-4c36-9541-7c4289f8f516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1634", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n     with the latest version/method.]\n\n1x =&amp;gt; CVE-2024-38761 - Wordpress [Zephyr Project Manager] &amp;lt; Unauthenticated Information Exposure.\n\n2x =&amp;gt; CVE-2024-38759 - Wordpress [Search &amp;amp; Replace] &amp;lt; Unauthenticated PHP Object Injection.\n\n3x =&amp;gt; CVE-2024-6313 - Wordpress [Gutenberg Forms] &amp;lt; Unauthenticated Arbitrary File Upload.\n\n4x =&amp;gt; CVE-2024-6164 - Wordpress [Filter &amp;amp; Grids] &amp;lt; Unauthenticated Local File Inclusion.\n\n5x =&amp;gt; CVE-2024-40348 - \n[Bazarr] &amp;lt; Unauthenticated Arbitrary File Read.\n\n6x =&amp;gt; CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] &amp;lt; Unauthenticated SQL Injection via Hash.\n\n7x =&amp;gt; CVE-2024-4577 - PHP [CGI] &amp;lt; Unauthenticated Command Injection.\n\n8x =&amp;gt; CVE-2024-4836 - [Edito CMS] &amp;lt; Unauthenticated Sensitive Data Leak.\n\n9x =&amp;gt; CVE-2024-32399 - RaidenMAILD [MailServer] &amp;lt; Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-11-30T13:27:14.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6bf456b8-0101-4c36-9541-7c4289f8f516/export"/>
    <published>2024-11-30T13:27:14+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a17622c4-d893-4126-8aa5-ddcb5385c028/export</id>
    <title>a17622c4-d893-4126-8aa5-ddcb5385c028</title>
    <updated>2026-07-15T21:35:07.508012+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a17622c4-d893-4126-8aa5-ddcb5385c028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "seen", "source": "https://t.me/HackerInvestigationZone/9", "content": "\ud83d\udea8_CvEploiterv2 x xWPv3 Ultimate/Beast Software\n\n\ud83c\udfafThe most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n\u00a0\u00a0\u00a0\u00a0 with the latest version/method.]\n\n\u2699\ufe0fCVE-2024-38761 - Wordpress [Zephyr Project Manager] &amp;lt; Unauthenticated Information Exposure.\n\n \u2699\ufe0fCVE-2024-38759 - Wordpress [Search &amp;amp; Replace] &amp;lt; Unauthenticated PHP Object Injection.\n\n\u2699\ufe0fCVE-2024-6313 - Wordpress [Gutenberg Forms] &amp;lt; Unauthenticated Arbitrary File Upload.\n\n\u2699\ufe0fCVE-2024-6164 - Wordpress [Filter &amp;amp; Grids] &amp;lt; Unauthenticated Local File Inclusion.\n\n\u2699\ufe0fCVE-2024-40348 - \n[Bazarr] &amp;lt; Unauthenticated Arbitrary File Read.\n\n\u2699\ufe0f#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] &amp;lt; Unauthenticated SQL Injection via Hash.\n\n\u2699\ufe0fCVE-2024-4577 - PHP [CGI] &amp;lt; Unauthenticated Command Injection.\n\n\u2699\ufe0fCVE-2024-4836 - [Edito CMS] &amp;lt; Unauthenticated Sensitive Data Leak.\n\n\u2699\ufe0fCVE-2024-32399 - RaidenMAILD [MailServer] &amp;lt; Unauthenticated Path Traversal.\n\n#Investigation_of_hacking \n#Cyber_Security_News\n#codeb0ss", "creation_timestamp": "2024-11-12T20:45:56.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a17622c4-d893-4126-8aa5-ddcb5385c028/export"/>
    <published>2024-11-12T20:45:56+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/78d2af46-d27d-4e51-aeb3-abf38213fbb9/export</id>
    <title>78d2af46-d27d-4e51-aeb3-abf38213fbb9</title>
    <updated>2026-07-15T21:35:07.508121+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "78d2af46-d27d-4e51-aeb3-abf38213fbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "exploited", "source": "https://t.me/Unik4tsG4ng/9792", "content": "This is a bulk scanning and exploitation tool for CVE-2024-40348, Bazaar v1.4.3 and prior. Will attempt to read /etc/passwd from target.\n\nhttps://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2024-10-25T04:22:47.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/78d2af46-d27d-4e51-aeb3-abf38213fbb9/export"/>
    <published>2024-10-25T04:22:47+00:00</published>
  </entry>
</feed>
