<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 10 Jul 2026 00:49:29 +0000</lastBuildDate>
    <item>
      <title>1e162a6d-aab8-4c18-b2ad-f4f314b33b2f</title>
      <link>https://vulnerability.circl.lu/sighting/1e162a6d-aab8-4c18-b2ad-f4f314b33b2f/export</link>
      <description>{"uuid": "1e162a6d-aab8-4c18-b2ad-f4f314b33b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40839", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15132", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40839\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T15:13:40.240Z\n\ud83d\udd17 References:\n1. http://ndk.com\n2. http://ndkadvancedcustomizationfields.com\n3. https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt", "creation_timestamp": "2025-05-06T15:21:29.000000Z"}</description>
      <content:encoded>{"uuid": "1e162a6d-aab8-4c18-b2ad-f4f314b33b2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40839", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15132", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40839\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-06T15:13:40.240Z\n\ud83d\udd17 References:\n1. http://ndk.com\n2. http://ndkadvancedcustomizationfields.com\n3. https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt", "creation_timestamp": "2025-05-06T15:21:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/1e162a6d-aab8-4c18-b2ad-f4f314b33b2f/export</guid>
      <pubDate>Tue, 06 May 2025 15:21:29 +0000</pubDate>
    </item>
    <item>
      <title>a5968640-6ffd-4c88-ad50-fd36e057bdd7</title>
      <link>https://vulnerability.circl.lu/sighting/a5968640-6ffd-4c88-ad50-fd36e057bdd7/export</link>
      <description>{"uuid": "a5968640-6ffd-4c88-ad50-fd36e057bdd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4083", "type": "seen", "source": "https://t.me/cibsecurity/53224", "content": "\u203c CVE-2022-4083 \u203c\n\nA vulnerability, which was classified as problematic, was found in MyTechTalky User Location and IP Plugin. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214050 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:28.000000Z"}</description>
      <content:encoded>{"uuid": "a5968640-6ffd-4c88-ad50-fd36e057bdd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4083", "type": "seen", "source": "https://t.me/cibsecurity/53224", "content": "\u203c CVE-2022-4083 \u203c\n\nA vulnerability, which was classified as problematic, was found in MyTechTalky User Location and IP Plugin. Affected is an unknown function of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214050 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a5968640-6ffd-4c88-ad50-fd36e057bdd7/export</guid>
      <pubDate>Sun, 20 Nov 2022 16:36:28 +0000</pubDate>
    </item>
    <item>
      <title>0e8479ef-55ec-40ea-a273-13c510f2c96a</title>
      <link>https://vulnerability.circl.lu/sighting/0e8479ef-55ec-40ea-a273-13c510f2c96a/export</link>
      <description>{"uuid": "0e8479ef-55ec-40ea-a273-13c510f2c96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40839", "type": "seen", "source": "https://t.me/cibsecurity/52399", "content": "\u203c CVE-2022-40839 \u203c\n\nA SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T19:13:59.000000Z"}</description>
      <content:encoded>{"uuid": "0e8479ef-55ec-40ea-a273-13c510f2c96a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40839", "type": "seen", "source": "https://t.me/cibsecurity/52399", "content": "\u203c CVE-2022-40839 \u203c\n\nA SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T19:13:59.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/0e8479ef-55ec-40ea-a273-13c510f2c96a/export</guid>
      <pubDate>Tue, 01 Nov 2022 19:13:59 +0000</pubDate>
    </item>
    <item>
      <title>23fc0148-ecf2-429e-9af5-ddb94125056e</title>
      <link>https://vulnerability.circl.lu/sighting/23fc0148-ecf2-429e-9af5-ddb94125056e/export</link>
      <description>{"uuid": "23fc0148-ecf2-429e-9af5-ddb94125056e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40833", "type": "seen", "source": "https://t.me/cibsecurity/50966", "content": "\u203c CVE-2022-40833 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:28.000000Z"}</description>
      <content:encoded>{"uuid": "23fc0148-ecf2-429e-9af5-ddb94125056e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40833", "type": "seen", "source": "https://t.me/cibsecurity/50966", "content": "\u203c CVE-2022-40833 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_where_in() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/23fc0148-ecf2-429e-9af5-ddb94125056e/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:28 +0000</pubDate>
    </item>
    <item>
      <title>023c593e-7ee3-4b91-a98f-f3488e29c839</title>
      <link>https://vulnerability.circl.lu/sighting/023c593e-7ee3-4b91-a98f-f3488e29c839/export</link>
      <description>{"uuid": "023c593e-7ee3-4b91-a98f-f3488e29c839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40831", "type": "seen", "source": "https://t.me/cibsecurity/50965", "content": "\u203c CVE-2022-40831 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:27.000000Z"}</description>
      <content:encoded>{"uuid": "023c593e-7ee3-4b91-a98f-f3488e29c839", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40831", "type": "seen", "source": "https://t.me/cibsecurity/50965", "content": "\u203c CVE-2022-40831 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php like() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/023c593e-7ee3-4b91-a98f-f3488e29c839/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:27 +0000</pubDate>
    </item>
    <item>
      <title>df888f77-c342-40bc-92a4-37f6f5c168c8</title>
      <link>https://vulnerability.circl.lu/sighting/df888f77-c342-40bc-92a4-37f6f5c168c8/export</link>
      <description>{"uuid": "df888f77-c342-40bc-92a4-37f6f5c168c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40834", "type": "seen", "source": "https://t.me/cibsecurity/50963", "content": "\u203c CVE-2022-40834 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:25.000000Z"}</description>
      <content:encoded>{"uuid": "df888f77-c342-40bc-92a4-37f6f5c168c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40834", "type": "seen", "source": "https://t.me/cibsecurity/50963", "content": "\u203c CVE-2022-40834 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php or_not_like() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:25.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/df888f77-c342-40bc-92a4-37f6f5c168c8/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:25 +0000</pubDate>
    </item>
    <item>
      <title>7d863b9c-7b90-46cb-8f34-ca6dd9ff9567</title>
      <link>https://vulnerability.circl.lu/sighting/7d863b9c-7b90-46cb-8f34-ca6dd9ff9567/export</link>
      <description>{"uuid": "7d863b9c-7b90-46cb-8f34-ca6dd9ff9567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40830", "type": "seen", "source": "https://t.me/cibsecurity/50960", "content": "\u203c CVE-2022-40830 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:21.000000Z"}</description>
      <content:encoded>{"uuid": "7d863b9c-7b90-46cb-8f34-ca6dd9ff9567", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40830", "type": "seen", "source": "https://t.me/cibsecurity/50960", "content": "\u203c CVE-2022-40830 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php where_not_in() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:21.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/7d863b9c-7b90-46cb-8f34-ca6dd9ff9567/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:21 +0000</pubDate>
    </item>
    <item>
      <title>e00a2548-6f6c-44ea-b312-ba7a3a8daed2</title>
      <link>https://vulnerability.circl.lu/sighting/e00a2548-6f6c-44ea-b312-ba7a3a8daed2/export</link>
      <description>{"uuid": "e00a2548-6f6c-44ea-b312-ba7a3a8daed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40835", "type": "seen", "source": "https://t.me/cibsecurity/50957", "content": "\u203c CVE-2022-40835 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:16.000000Z"}</description>
      <content:encoded>{"uuid": "e00a2548-6f6c-44ea-b312-ba7a3a8daed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40835", "type": "seen", "source": "https://t.me/cibsecurity/50957", "content": "\u203c CVE-2022-40835 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e00a2548-6f6c-44ea-b312-ba7a3a8daed2/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:16 +0000</pubDate>
    </item>
    <item>
      <title>401f99bc-a85f-4a74-8ad1-dcc898db816d</title>
      <link>https://vulnerability.circl.lu/sighting/401f99bc-a85f-4a74-8ad1-dcc898db816d/export</link>
      <description>{"uuid": "401f99bc-a85f-4a74-8ad1-dcc898db816d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40832", "type": "seen", "source": "https://t.me/cibsecurity/50954", "content": "\u203c CVE-2022-40832 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php having() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:13.000000Z"}</description>
      <content:encoded>{"uuid": "401f99bc-a85f-4a74-8ad1-dcc898db816d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40832", "type": "seen", "source": "https://t.me/cibsecurity/50954", "content": "\u203c CVE-2022-40832 \u203c\n\nB.C. Institute of Technology CodeIgniter &amp;lt;=3.1.13 is vulnerable to SQL Injection via system\\database\\DB_query_builder.php having() function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T14:17:13.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/401f99bc-a85f-4a74-8ad1-dcc898db816d/export</guid>
      <pubDate>Fri, 07 Oct 2022 14:17:13 +0000</pubDate>
    </item>
  </channel>
</rss>
