<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-19T07:07:00.958611+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/dffa3e4b-7fa1-4d77-9520-fdc31f6017df/export</id>
    <title>dffa3e4b-7fa1-4d77-9520-fdc31f6017df</title>
    <updated>2026-07-19T07:07:00.983176+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "dffa3e4b-7fa1-4d77-9520-fdc31f6017df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/dffa3e4b-7fa1-4d77-9520-fdc31f6017df/export"/>
    <published>2025-08-21T03:19:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1/export</id>
    <title>e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1</title>
    <updated>2026-07-19T07:07:00.986707+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1/export"/>
    <published>2025-08-12T13:33:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b699d170-1678-451f-9d7c-57ad77507c5a/export</id>
    <title>b699d170-1678-451f-9d7c-57ad77507c5a</title>
    <updated>2026-07-19T07:07:00.986861+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b699d170-1678-451f-9d7c-57ad77507c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8720", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44313\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:16:50.241Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44313-incorrect-access-control-in-tastyigniter-3-7-6-01a73c548b74", "creation_timestamp": "2025-03-25T18:25:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b699d170-1678-451f-9d7c-57ad77507c5a/export"/>
    <published>2025-03-25T18:25:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/941b7b22-b589-4316-bc85-30977fba9bf6/export</id>
    <title>941b7b22-b589-4316-bc85-30977fba9bf6</title>
    <updated>2026-07-19T07:07:00.986976+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "941b7b22-b589-4316-bc85-30977fba9bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/p7hLiccLONdwM2MX7hUwrX2iUDsZPVrkGyNQ09EnNeNIo2E", "content": "", "creation_timestamp": "2025-03-20T12:00:09.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/941b7b22-b589-4316-bc85-30977fba9bf6/export"/>
    <published>2025-03-20T12:00:09+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f7f04d26-8daa-4e67-9962-5c62f024d589/export</id>
    <title>f7f04d26-8daa-4e67-9962-5c62f024d589</title>
    <updated>2026-07-19T07:07:00.987074+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f7f04d26-8daa-4e67-9962-5c62f024d589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/YBrr9bnrMsHvjVMlNhE_R_T9Bu1Hec2ynwQC5xZi-avV8gw", "content": "", "creation_timestamp": "2025-03-20T04:00:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f7f04d26-8daa-4e67-9962-5c62f024d589/export"/>
    <published>2025-03-20T04:00:07+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/812ba695-5fd2-4c3e-b123-628fd1212f5b/export</id>
    <title>812ba695-5fd2-4c3e-b123-628fd1212f5b</title>
    <updated>2026-07-19T07:07:00.987172+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "812ba695-5fd2-4c3e-b123-628fd1212f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidrba52s", "content": "", "creation_timestamp": "2025-03-18T18:13:36.122851Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/812ba695-5fd2-4c3e-b123-628fd1212f5b/export"/>
    <published>2025-03-18T18:13:36.122851+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/97a4a2b5-42a5-4502-bdee-060f2a10ae51/export</id>
    <title>97a4a2b5-42a5-4502-bdee-060f2a10ae51</title>
    <updated>2026-07-19T07:07:00.987290+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "97a4a2b5-42a5-4502-bdee-060f2a10ae51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicnrvt26", "content": "", "creation_timestamp": "2025-03-18T18:13:30.606112Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/97a4a2b5-42a5-4502-bdee-060f2a10ae51/export"/>
    <published>2025-03-18T18:13:30.606112+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/afc49744-2d4a-4b0e-8ad3-c99db446fab3/export</id>
    <title>afc49744-2d4a-4b0e-8ad3-c99db446fab3</title>
    <updated>2026-07-19T07:07:00.987387+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cvepremium.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "afc49744-2d4a-4b0e-8ad3-c99db446fab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7907", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44314\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the index_onUpdateStatus() function within Orders.php, which fails to verify if the user has permission to modify an order's status. This flaw can be exploited remotely, leading to unauthorized order manipulation.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:43:27.351Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44314-incorrect-access-control-in-function-updateorder-fc5f2b1b0467", "creation_timestamp": "2025-03-18T14:49:56.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/afc49744-2d4a-4b0e-8ad3-c99db446fab3/export"/>
    <published>2025-03-18T14:49:56+00:00</published>
  </entry>
</feed>
