Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 17 Jun 2026 04:28:58 +0000 c3888612-3ee7-43e2-8e65-42a7a2c47932 https://vulnerability.circl.lu/sighting/c3888612-3ee7-43e2-8e65-42a7a2c47932/export {"uuid": "c3888612-3ee7-43e2-8e65-42a7a2c47932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35589", "type": "seen", "source": "https://t.me/cibsecurity/48092", "content": "\u203c CVE-2022-35589 \u203c\n\nA cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the \"publish_on_time\" Parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:26.000000Z"} {"uuid": "c3888612-3ee7-43e2-8e65-42a7a2c47932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35589", "type": "seen", "source": "https://t.me/cibsecurity/48092", "content": "\u203c CVE-2022-35589 \u203c\n\nA cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the \"publish_on_time\" Parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:26.000000Z"} https://vulnerability.circl.lu/sighting/c3888612-3ee7-43e2-8e65-42a7a2c47932/export Fri, 12 Aug 2022 20:33:26 +0000 07c8d8f0-5e27-4c6d-b8b0-f85abd9ac2aa https://vulnerability.circl.lu/sighting/07c8d8f0-5e27-4c6d-b8b0-f85abd9ac2aa/export {"uuid": "07c8d8f0-5e27-4c6d-b8b0-f85abd9ac2aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35585", "type": "seen", "source": "https://t.me/cibsecurity/48094", "content": "\u203c CVE-2022-35585 \u203c\n\nA stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the \"start_date\" Parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:28.000000Z"} {"uuid": "07c8d8f0-5e27-4c6d-b8b0-f85abd9ac2aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35585", "type": "seen", "source": "https://t.me/cibsecurity/48094", "content": "\u203c CVE-2022-35585 \u203c\n\nA stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote attackers to inject JavaScript via the \"start_date\" Parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:28.000000Z"} https://vulnerability.circl.lu/sighting/07c8d8f0-5e27-4c6d-b8b0-f85abd9ac2aa/export Fri, 12 Aug 2022 20:33:28 +0000 12e76bf2-210a-4d9a-8501-e143549d3167 https://vulnerability.circl.lu/sighting/12e76bf2-210a-4d9a-8501-e143549d3167/export {"uuid": "12e76bf2-210a-4d9a-8501-e143549d3167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35587", "type": "seen", "source": "https://t.me/cibsecurity/48096", "content": "\u203c CVE-2022-35587 \u203c\n\nA cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the \"publish_on_date\" Parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:30.000000Z"} {"uuid": "12e76bf2-210a-4d9a-8501-e143549d3167", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35587", "type": "seen", "source": "https://t.me/cibsecurity/48096", "content": "\u203c CVE-2022-35587 \u203c\n\nA cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote attackers to inject JavaScript via the \"publish_on_date\" Parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-12T20:33:30.000000Z"} https://vulnerability.circl.lu/sighting/12e76bf2-210a-4d9a-8501-e143549d3167/export Fri, 12 Aug 2022 20:33:30 +0000 ac5f610a-41b6-4d05-b6ee-5c06d2dc7e19 https://vulnerability.circl.lu/sighting/ac5f610a-41b6-4d05-b6ee-5c06d2dc7e19/export {"uuid": "ac5f610a-41b6-4d05-b6ee-5c06d2dc7e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35582", "type": "seen", "source": "https://t.me/cibsecurity/49752", "content": "\u203c CVE-2022-35582 \u203c\n\nPenta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the documentation. Knowing the credentials, attackers can use this feature to gain uncontrolled access to the device and therefore are considered an undocumented possibility for remote control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T02:25:58.000000Z"} {"uuid": "ac5f610a-41b6-4d05-b6ee-5c06d2dc7e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35582", "type": "seen", "source": "https://t.me/cibsecurity/49752", "content": "\u203c CVE-2022-35582 \u203c\n\nPenta Security Systems Inc WAPPLES 4.0.*, 5.0.0.*, 5.0.12.* are vulnerable to Incorrect Access Control. The operating system that WAPPLES runs on has a built-in non-privileged user penta with a predefined password. The password for this user, as well as its existence, is not disclosed in the documentation. Knowing the credentials, attackers can use this feature to gain uncontrolled access to the device and therefore are considered an undocumented possibility for remote control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-14T02:25:58.000000Z"} https://vulnerability.circl.lu/sighting/ac5f610a-41b6-4d05-b6ee-5c06d2dc7e19/export Wed, 14 Sep 2022 02:25:58 +0000 7cae0825-0c02-450f-b047-3c549324c2d4 https://vulnerability.circl.lu/sighting/7cae0825-0c02-450f-b047-3c549324c2d4/export {"uuid": "7cae0825-0c02-450f-b047-3c549324c2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3558", "type": "seen", "source": "https://t.me/cibsecurity/52581", "content": "\u203c CVE-2022-3558 \u203c\n\nThe Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-07T12:34:10.000000Z"} {"uuid": "7cae0825-0c02-450f-b047-3c549324c2d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3558", "type": "seen", "source": "https://t.me/cibsecurity/52581", "content": "\u203c CVE-2022-3558 \u203c\n\nThe Import and export users and customers WordPress plugin before 1.20.5 does not properly escape data when exporting it via CSV files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-07T12:34:10.000000Z"} https://vulnerability.circl.lu/sighting/7cae0825-0c02-450f-b047-3c549324c2d4/export Mon, 07 Nov 2022 12:34:10 +0000 a7973de7-5ce5-4cfe-8fe2-0f938b3f63c8 https://vulnerability.circl.lu/sighting/a7973de7-5ce5-4cfe-8fe2-0f938b3f63c8/export {"uuid": "a7973de7-5ce5-4cfe-8fe2-0f938b3f63c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35583", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/53034", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-51591 Pandoc SSRF vulnerability Proof of Concept\nURL\uff1ahttps://github.com/Malayke/CVE-2022-35583-Pandoc-SSRF-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-25T11:21:55.000000Z"} {"uuid": "a7973de7-5ce5-4cfe-8fe2-0f938b3f63c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-35583", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/53034", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-51591 Pandoc SSRF vulnerability Proof of Concept\nURL\uff1ahttps://github.com/Malayke/CVE-2022-35583-Pandoc-SSRF-POC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-09-25T11:21:55.000000Z"} https://vulnerability.circl.lu/sighting/a7973de7-5ce5-4cfe-8fe2-0f938b3f63c8/export Thu, 25 Sep 2025 11:21:55 +0000