https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 14 Jun 2026 15:12:44 +0000 https://vulnerability.circl.lu/sighting/656ed8c1-2e1e-42bf-82c4-6b2f10e31680/export {"uuid": "656ed8c1-2e1e-42bf-82c4-6b2f10e31680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36675", "type": "seen", "source": "https://t.me/cibsecurity/65500", "content": "\u203c CVE-2023-36675 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-26T12:20:46.000000Z"} {"uuid": "656ed8c1-2e1e-42bf-82c4-6b2f10e31680", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36675", "type": "seen", "source": "https://t.me/cibsecurity/65500", "content": "\u203c CVE-2023-36675 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. BlockLogFormatter.php in BlockLogFormatter allows XSS in the partial blocks feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-26T12:20:46.000000Z"} https://vulnerability.circl.lu/sighting/656ed8c1-2e1e-42bf-82c4-6b2f10e31680/export Mon, 26 Jun 2023 12:20:46 +0000 https://vulnerability.circl.lu/sighting/7a6a908d-d875-49d2-b7a6-c9694725fab7/export {"uuid": "7a6a908d-d875-49d2-b7a6-c9694725fab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36670", "type": "seen", "source": "https://t.me/cibsecurity/66934", "content": "\u203c CVE-2023-36670 \u203c\n\nA remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T22:31:08.000000Z"} {"uuid": "7a6a908d-d875-49d2-b7a6-c9694725fab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36670", "type": "seen", "source": "https://t.me/cibsecurity/66934", "content": "\u203c CVE-2023-36670 \u203c\n\nA remotely exploitable command injection vulnerability was found on the Kratos NGC-IDU 9.1.0.4. An attacker can execute arbitrary Linux commands as root by sending crafted TCP requests to the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-07-18T22:31:08.000000Z"} https://vulnerability.circl.lu/sighting/7a6a908d-d875-49d2-b7a6-c9694725fab7/export Tue, 18 Jul 2023 22:31:08 +0000 https://vulnerability.circl.lu/sighting/8d17af8d-df2d-4e84-a035-a45150aadc6b/export {"uuid": "8d17af8d-df2d-4e84-a035-a45150aadc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36678", "type": "seen", "source": "https://t.me/cibsecurity/67818", "content": "\u203c CVE-2023-36678 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-buy WP Content Copy Protection & No Right Click plugin <=\u00c2\u00a03.5.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-06T02:11:56.000000Z"} {"uuid": "8d17af8d-df2d-4e84-a035-a45150aadc6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36678", "type": "seen", "source": "https://t.me/cibsecurity/67818", "content": "\u203c CVE-2023-36678 \u203c\n\nAuth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP-buy WP Content Copy Protection & No Right Click plugin <=\u00c2\u00a03.5.5 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-06T02:11:56.000000Z"} https://vulnerability.circl.lu/sighting/8d17af8d-df2d-4e84-a035-a45150aadc6b/export Sun, 06 Aug 2023 02:11:56 +0000 https://vulnerability.circl.lu/sighting/c174f91f-2a7a-480b-8262-d7d40e06ee49/export {"uuid": "c174f91f-2a7a-480b-8262-d7d40e06ee49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36672", "type": "seen", "source": "https://t.me/kasperskyb2b/793", "content": "\ud83d\udd35 \u0410 \u0438\u0437 \u0432\u0430\u0448\u0435\u0433\u043e VPN \u0443\u0442\u0435\u043a\u0430\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a?\n\n\u0414\u0432\u0430 \u0441\u0432\u0435\u0436\u0438\u0445 \u043f\u0430\u0442\u0447\u0430 Cisco AnyConnect \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0441\u0442\u044c \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 VPN, \u043a\u0430\u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445, \u0442\u0430\u043a \u0438 \u0431\u044b\u0442\u043e\u0432\u044b\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-36672, -35838, -36673 \u0438 -36671) \u0438\u043c\u0435\u044e\u0442 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 TunnelCrack \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0443 \u0440\u043e\u0443\u0442\u0435\u0440\u0430 Wi-Fi \u0438\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0443 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0430\u0431\u043b\u0438\u0446\u0430\u043c\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438 DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0442\u0440\u0430\u0444\u0438\u043a \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0443\u0445\u043e\u0434\u0438\u043b \u043c\u0438\u043c\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u043f\u0440\u044f\u043c\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443, \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0434\u0432\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u2014 \u043c\u0438\u043c\u043e VPN \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u0440\u0430\u0444\u0438\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0438 \u0442\u0440\u0430\u0444\u0438\u043a \u043d\u0430 \u0441\u0430\u043c VPN-\u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432, \u0432\u0441\u0435 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043b\u044f iOS \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u0430\u0442\u0430\u043a\u0435. \u0414\u043b\u044f Windows, Linux \u0438 macOS \u0443\u044f\u0437\u0432\u0438\u043c\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0430 \u043d\u0430 Android \u2014 \u00ab\u0432\u0441\u0435\u0433\u043e\u00bb 25% \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 Cisco, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0434\u044b\u0440\u0443, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 Cloudflare, Mozilla VPN, Surfshark \u0438 \u043f\u0440\u043e\u0447. \u0422\u0435\u043c, \u0447\u0435\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u0430. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-09T12:30:33.000000Z"} {"uuid": "c174f91f-2a7a-480b-8262-d7d40e06ee49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36672", "type": "seen", "source": "https://t.me/kasperskyb2b/793", "content": "\ud83d\udd35 \u0410 \u0438\u0437 \u0432\u0430\u0448\u0435\u0433\u043e VPN \u0443\u0442\u0435\u043a\u0430\u0435\u0442 \u0442\u0440\u0430\u0444\u0438\u043a?\n\n\u0414\u0432\u0430 \u0441\u0432\u0435\u0436\u0438\u0445 \u043f\u0430\u0442\u0447\u0430 Cisco AnyConnect \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0442 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u0435\u0441\u0442\u044c \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 VPN, \u043a\u0430\u043a \u043a\u043e\u0440\u043f\u043e\u0440\u0430\u0442\u0438\u0432\u043d\u044b\u0445, \u0442\u0430\u043a \u0438 \u0431\u044b\u0442\u043e\u0432\u044b\u0445. \u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 (CVE-2023-36672, -35838, -36673 \u0438 -36671) \u0438\u043c\u0435\u044e\u0442 \u043e\u0431\u0449\u0435\u0435 \u043d\u0430\u0437\u0432\u0430\u043d\u0438\u0435 TunnelCrack \u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0432\u043b\u0430\u0434\u0435\u043b\u044c\u0446\u0443 \u0440\u043e\u0443\u0442\u0435\u0440\u0430 Wi-Fi \u0438\u043b\u0438 \u0438\u043d\u0442\u0435\u0440\u043d\u0435\u0442-\u043f\u0440\u043e\u0432\u0430\u0439\u0434\u0435\u0440\u0443 \u043c\u0430\u043d\u0438\u043f\u0443\u043b\u0438\u0440\u043e\u0432\u0430\u0442\u044c \u0442\u0430\u0431\u043b\u0438\u0446\u0430\u043c\u0438 \u043c\u0430\u0440\u0448\u0440\u0443\u0442\u0438\u0437\u0430\u0446\u0438\u0438 \u0438 \u043e\u0442\u0432\u0435\u0442\u0430\u043c\u0438 DNS-\u0441\u0435\u0440\u0432\u0435\u0440\u0430 \u0442\u0430\u043a\u0438\u043c \u043e\u0431\u0440\u0430\u0437\u043e\u043c, \u0447\u0442\u043e\u0431\u044b \u0442\u0440\u0430\u0444\u0438\u043a \u0441 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0443\u0445\u043e\u0434\u0438\u043b \u043c\u0438\u043c\u043e \u0448\u0438\u0444\u0440\u043e\u0432\u0430\u043d\u043d\u043e\u0433\u043e \u0442\u0443\u043d\u043d\u0435\u043b\u044f \u043f\u0440\u044f\u043c\u043e \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443, \u0432 \u043e\u0442\u043a\u0440\u044b\u0442\u043e\u043c \u0432\u0438\u0434\u0435.\n\n\u0414\u043b\u044f \u044d\u0442\u043e\u0433\u043e \u044d\u043a\u0441\u043f\u043b\u0443\u0430\u0442\u0438\u0440\u0443\u044e\u0442\u0441\u044f \u0434\u0432\u0430 \u0441\u0442\u0430\u043d\u0434\u0430\u0440\u0442\u043d\u044b\u0445 \u0438\u0441\u043a\u043b\u044e\u0447\u0435\u043d\u0438\u044f \u0432 \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u0435 \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432 \u2014 \u043c\u0438\u043c\u043e VPN \u043d\u0430\u043f\u0440\u0430\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u0442\u0440\u0430\u0444\u0438\u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0438 \u0442\u0440\u0430\u0444\u0438\u043a \u043d\u0430 \u0441\u0430\u043c VPN-\u0441\u0435\u0440\u0432\u0435\u0440.\n\n\u041f\u043e \u0441\u043b\u043e\u0432\u0430\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432, \u0432\u0441\u0435 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u044b \u0434\u043b\u044f iOS \u043e\u043a\u0430\u0437\u0430\u043b\u0438\u0441\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b \u043a \u0430\u0442\u0430\u043a\u0435. \u0414\u043b\u044f Windows, Linux \u0438 macOS \u0443\u044f\u0437\u0432\u0438\u043c\u043e \u0431\u043e\u043b\u044c\u0448\u0438\u043d\u0441\u0442\u0432\u043e \u043a\u043b\u0438\u0435\u043d\u0442\u043e\u0432, \u0430 \u043d\u0430 Android \u2014 \u00ab\u0432\u0441\u0435\u0433\u043e\u00bb 25% \u043f\u0440\u043e\u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u0445 \u043f\u0440\u0438\u043b\u043e\u0436\u0435\u043d\u0438\u0439. \u041a\u0440\u043e\u043c\u0435 Cisco, \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f, \u0437\u0430\u043a\u0440\u044b\u0432\u0430\u044e\u0449\u0438\u0435 \u0434\u044b\u0440\u0443, \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c \u0430\u0432\u0442\u043e\u0440\u043e\u0432 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0438 Cloudflare, Mozilla VPN, Surfshark \u0438 \u043f\u0440\u043e\u0447. \u0422\u0435\u043c, \u0447\u0435\u0439 \u043a\u043b\u0438\u0435\u043d\u0442 \u043d\u0435 \u043e\u0431\u043d\u043e\u0432\u043b\u0451\u043d, \u0440\u0435\u043a\u043e\u043c\u0435\u043d\u0434\u043e\u0432\u0430\u043d\u043e \u043e\u0442\u043a\u043b\u044e\u0447\u0438\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u043a \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438 \u0432 \u043d\u0430\u0441\u0442\u0440\u043e\u0439\u043a\u0430\u0445 VPN-\u043a\u043b\u0438\u0435\u043d\u0442\u0430. \n\n#\u043d\u043e\u0432\u043e\u0441\u0442\u0438 @\u041f2\u0422", "creation_timestamp": "2023-08-09T12:30:33.000000Z"} https://vulnerability.circl.lu/sighting/c174f91f-2a7a-480b-8262-d7d40e06ee49/export Wed, 09 Aug 2023 12:30:33 +0000 https://vulnerability.circl.lu/sighting/f2127282-9096-4cc3-9996-83eac7ef35f7/export {"uuid": "f2127282-9096-4cc3-9996-83eac7ef35f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36674", "type": "seen", "source": "https://t.me/cibsecurity/68866", "content": "\u203c CVE-2023-36674 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-20T22:41:28.000000Z"} {"uuid": "f2127282-9096-4cc3-9996-83eac7ef35f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36674", "type": "seen", "source": "https://t.me/cibsecurity/68866", "content": "\u203c CVE-2023-36674 \u203c\n\nAn issue was discovered in MediaWiki before 1.35.11, 1.36.x through 1.38.x before 1.38.7, 1.39.x before 1.39.4, and 1.40.x before 1.40.1. It is possible to bypass the Bad image list (aka badFile) by using the thumb parameter (aka Manualthumb) of the File syntax.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-20T22:41:28.000000Z"} https://vulnerability.circl.lu/sighting/f2127282-9096-4cc3-9996-83eac7ef35f7/export Sun, 20 Aug 2023 22:41:28 +0000 https://vulnerability.circl.lu/sighting/0b6f22cc-5eae-4954-9d76-6cb1f5a037f3/export {"uuid": "0b6f22cc-5eae-4954-9d76-6cb1f5a037f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3667", "type": "seen", "source": "https://t.me/cibsecurity/68890", "content": "\u203c CVE-2023-3667 \u203c\n\nThe Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:05.000000Z"} {"uuid": "0b6f22cc-5eae-4954-9d76-6cb1f5a037f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3667", "type": "seen", "source": "https://t.me/cibsecurity/68890", "content": "\u203c CVE-2023-3667 \u203c\n\nThe Bit Assist WordPress plugin before 1.1.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-21T20:41:05.000000Z"} https://vulnerability.circl.lu/sighting/0b6f22cc-5eae-4954-9d76-6cb1f5a037f3/export Mon, 21 Aug 2023 20:41:05 +0000 https://vulnerability.circl.lu/sighting/5c092990-dc6b-4fdb-b3c4-fc9b8e2b9b94/export {"uuid": "5c092990-dc6b-4fdb-b3c4-fc9b8e2b9b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36677", "type": "seen", "source": "https://t.me/cibsecurity/73550", "content": "\u203c CVE-2023-36677 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-04T01:23:38.000000Z"} {"uuid": "5c092990-dc6b-4fdb-b3c4-fc9b8e2b9b94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36677", "type": "seen", "source": "https://t.me/cibsecurity/73550", "content": "\u203c CVE-2023-36677 \u203c\n\nImproper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Smartypants SP Project & Document Manager allows SQL Injection.This issue affects SP Project & Document Manager: from n/a through 4.67.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-11-04T01:23:38.000000Z"} https://vulnerability.circl.lu/sighting/5c092990-dc6b-4fdb-b3c4-fc9b8e2b9b94/export Sat, 04 Nov 2023 01:23:38 +0000 https://vulnerability.circl.lu/sighting/134fe6c8-1aeb-4ec9-99a9-5b8b3e249e8a/export {"uuid": "134fe6c8-1aeb-4ec9-99a9-5b8b3e249e8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36679", "type": "seen", "source": "Telegram/1UvIFO3w_AXuXcZNSyTx5uNMMkcsAysJsxJsUFXDfIepplf6", "content": "", "creation_timestamp": "2025-03-06T02:17:23.000000Z"} {"uuid": "134fe6c8-1aeb-4ec9-99a9-5b8b3e249e8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-36679", "type": "seen", "source": "Telegram/1UvIFO3w_AXuXcZNSyTx5uNMMkcsAysJsxJsUFXDfIepplf6", "content": "", "creation_timestamp": "2025-03-06T02:17:23.000000Z"} https://vulnerability.circl.lu/sighting/134fe6c8-1aeb-4ec9-99a9-5b8b3e249e8a/export Thu, 06 Mar 2025 02:17:23 +0000