Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 05 Jun 2026 01:33:35 +0000 56ffc0f7-23b1-46cf-b5a5-bcc8548255b1 https://vulnerability.circl.lu/sighting/56ffc0f7-23b1-46cf-b5a5-bcc8548255b1/export {"uuid": "56ffc0f7-23b1-46cf-b5a5-bcc8548255b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13060", "type": "seen", "source": "https://t.me/cibsecurity/10518", "content": "ATENTION\u203c New - CVE-2018-13060\n\nEasy!Appointments 1.3.0 has a Guessable CAPTCHA issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-16T17:46:03.000000Z"} {"uuid": "56ffc0f7-23b1-46cf-b5a5-bcc8548255b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13060", "type": "seen", "source": "https://t.me/cibsecurity/10518", "content": "ATENTION\u203c New - CVE-2018-13060\n\nEasy!Appointments 1.3.0 has a Guessable CAPTCHA issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-16T17:46:03.000000Z"} https://vulnerability.circl.lu/sighting/56ffc0f7-23b1-46cf-b5a5-bcc8548255b1/export Mon, 16 Mar 2020 17:46:03 +0000 44612db7-3c02-45cf-8636-5a7b5d8d973e https://vulnerability.circl.lu/sighting/44612db7-3c02-45cf-8636-5a7b5d8d973e/export {"uuid": "44612db7-3c02-45cf-8636-5a7b5d8d973e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13063", "type": "seen", "source": "https://t.me/cibsecurity/10517", "content": "ATENTION\u203c New - CVE-2018-13063\n\nEasy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-16T17:46:03.000000Z"} {"uuid": "44612db7-3c02-45cf-8636-5a7b5d8d973e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13063", "type": "seen", "source": "https://t.me/cibsecurity/10517", "content": "ATENTION\u203c New - CVE-2018-13063\n\nEasy!Appointments 1.3.0 has a Missing Authorization issue allowing retrieval of hashed passwords and salts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-16T17:46:03.000000Z"} https://vulnerability.circl.lu/sighting/44612db7-3c02-45cf-8636-5a7b5d8d973e/export Mon, 16 Mar 2020 17:46:03 +0000 8eebc6a9-5873-497f-a5c3-61e1778fc7fe https://vulnerability.circl.lu/sighting/8eebc6a9-5873-497f-a5c3-61e1778fc7fe/export {"uuid": "8eebc6a9-5873-497f-a5c3-61e1778fc7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1306", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/204", "content": "#exploit\n1. CVE-2018-1304:\nSecurity constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1-9.0.4, 8.5.0-8.5.27, 8.0.0.RC1-8.0.49, 7.0.0-7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them\nhttps://github.com/knqyf263/CVE-2018-1304\nhttps://github.com/thariyarox/tomcat_CVE-2018-1304_testing \n\n2. CVE-2018-1306:\nThe PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload\nhttps://github.com/JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306 \n\n3. CVE-2018-1313:\nIn Apache Derby 10.3.1.4-10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control\nhttps://github.com/tafamace/CVE-2018-1313", "creation_timestamp": "2022-06-18T11:47:22.000000Z"} {"uuid": "8eebc6a9-5873-497f-a5c3-61e1778fc7fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-1306", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/204", "content": "#exploit\n1. CVE-2018-1304:\nSecurity constraints defined by annotations of Servlets in Apache Tomcat 9.0.0.M1-9.0.4, 8.5.0-8.5.27, 8.0.0.RC1-8.0.49, 7.0.0-7.0.84 were only applied once a Servlet had been loaded. Because security constraints defined in this way apply to the URL pattern and any URLs below that point, it was possible - depending on the order Servlets were loaded - for some security constraints not to be applied. This could have exposed resources to users who were not authorised to access them\nhttps://github.com/knqyf263/CVE-2018-1304\nhttps://github.com/thariyarox/tomcat_CVE-2018-1304_testing \n\n2. CVE-2018-1306:\nThe PortletV3AnnotatedDemo Multipart Portlet war file code provided in Apache Pluto 3.0.0 could allow a remote attacker to obtain sensitive information, caused by the failure to restrict path information provided during a file upload\nhttps://github.com/JJSO12/Apache-Pluto-3.0.0--CVE-2018-1306 \n\n3. CVE-2018-1313:\nIn Apache Derby 10.3.1.4-10.14.1.0, a specially-crafted network packet can be used to request the Derby Network Server to boot a database whose location and contents are under the user's control\nhttps://github.com/tafamace/CVE-2018-1313", "creation_timestamp": "2022-06-18T11:47:22.000000Z"} https://vulnerability.circl.lu/sighting/8eebc6a9-5873-497f-a5c3-61e1778fc7fe/export Sat, 18 Jun 2022 11:47:22 +0000 498f36ec-c528-424d-a6e1-2df85c2d3d56 https://vulnerability.circl.lu/sighting/498f36ec-c528-424d-a6e1-2df85c2d3d56/export {"uuid": "498f36ec-c528-424d-a6e1-2df85c2d3d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13060", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/434", "content": "#exploit\n1. CVE-2018-13060:\nEasy!Appointments - Captcha bypass\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass\n\n2. CVE-2018-13063:\nEasy!Appointments - Multiple confidential information leakage\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage", "creation_timestamp": "2024-05-07T23:20:27.000000Z"} {"uuid": "498f36ec-c528-424d-a6e1-2df85c2d3d56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13060", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/434", "content": "#exploit\n1. CVE-2018-13060:\nEasy!Appointments - Captcha bypass\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass\n\n2. CVE-2018-13063:\nEasy!Appointments - Multiple confidential information leakage\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage", "creation_timestamp": "2024-05-07T23:20:27.000000Z"} https://vulnerability.circl.lu/sighting/498f36ec-c528-424d-a6e1-2df85c2d3d56/export Tue, 07 May 2024 23:20:27 +0000 82bc7cb5-b97f-4ae2-abe2-6e5afce142ab https://vulnerability.circl.lu/sighting/82bc7cb5-b97f-4ae2-abe2-6e5afce142ab/export {"uuid": "82bc7cb5-b97f-4ae2-abe2-6e5afce142ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13063", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/434", "content": "#exploit\n1. CVE-2018-13060:\nEasy!Appointments - Captcha bypass\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass\n\n2. CVE-2018-13063:\nEasy!Appointments - Multiple confidential information leakage\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage", "creation_timestamp": "2024-05-07T23:20:27.000000Z"} {"uuid": "82bc7cb5-b97f-4ae2-abe2-6e5afce142ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-13063", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/434", "content": "#exploit\n1. CVE-2018-13060:\nEasy!Appointments - Captcha bypass\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13060-easy-appointments-captcha-bypass\n\n2. CVE-2018-13063:\nEasy!Appointments - Multiple confidential information leakage\nhttps://sysdream.com/news/lab/2019-10-25-cve-2018-13063-easy-appointments-multiple-confidential-information-leakage", "creation_timestamp": "2024-05-07T23:20:27.000000Z"} https://vulnerability.circl.lu/sighting/82bc7cb5-b97f-4ae2-abe2-6e5afce142ab/export Tue, 07 May 2024 23:20:27 +0000