<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Tue, 07 Jul 2026 09:54:39 +0000</lastBuildDate>
    <item>
      <title>a881a61d-4543-43c5-9e1a-95b2dad009d4</title>
      <link>https://vulnerability.circl.lu/sighting/a881a61d-4543-43c5-9e1a-95b2dad009d4/export</link>
      <description>{"uuid": "a881a61d-4543-43c5-9e1a-95b2dad009d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29577", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrspzui2225", "content": "", "creation_timestamp": "2025-08-19T21:02:27.036604Z"}</description>
      <content:encoded>{"uuid": "a881a61d-4543-43c5-9e1a-95b2dad009d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29577", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lwrspzui2225", "content": "", "creation_timestamp": "2025-08-19T21:02:27.036604Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/a881a61d-4543-43c5-9e1a-95b2dad009d4/export</guid>
      <pubDate>Tue, 19 Aug 2025 21:02:27 +0000</pubDate>
    </item>
    <item>
      <title>18dba0fb-370f-494a-a6eb-bfbd60bd3a85</title>
      <link>https://vulnerability.circl.lu/sighting/18dba0fb-370f-494a-a6eb-bfbd60bd3a85/export</link>
      <description>{"uuid": "18dba0fb-370f-494a-a6eb-bfbd60bd3a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11805", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2957\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.\n\ud83d\udccf Published: 2022-08-25T06:10:11.000Z\n\ud83d\udccf Modified: 2025-04-15T13:48:18.683Z\n\ud83d\udd17 References:\n1. https://s1.ax1x.com/2022/08/14/vUSruD.png\n2. https://vuldb.com/?id.207001", "creation_timestamp": "2025-04-15T13:54:26.000000Z"}</description>
      <content:encoded>{"uuid": "18dba0fb-370f-494a-a6eb-bfbd60bd3a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2957", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11805", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2957\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.\n\ud83d\udccf Published: 2022-08-25T06:10:11.000Z\n\ud83d\udccf Modified: 2025-04-15T13:48:18.683Z\n\ud83d\udd17 References:\n1. https://s1.ax1x.com/2022/08/14/vUSruD.png\n2. https://vuldb.com/?id.207001", "creation_timestamp": "2025-04-15T13:54:26.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/18dba0fb-370f-494a-a6eb-bfbd60bd3a85/export</guid>
      <pubDate>Tue, 15 Apr 2025 13:54:26 +0000</pubDate>
    </item>
    <item>
      <title>dd463de5-cc1f-4853-9099-10896a04ac15</title>
      <link>https://vulnerability.circl.lu/sighting/dd463de5-cc1f-4853-9099-10896a04ac15/export</link>
      <description>{"uuid": "dd463de5-cc1f-4853-9099-10896a04ac15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2957", "type": "seen", "source": "https://t.me/cibsecurity/48696", "content": "\u203c CVE-2022-2957 \u203c\n\nA vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T12:28:25.000000Z"}</description>
      <content:encoded>{"uuid": "dd463de5-cc1f-4853-9099-10896a04ac15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2957", "type": "seen", "source": "https://t.me/cibsecurity/48696", "content": "\u203c CVE-2022-2957 \u203c\n\nA vulnerability classified as critical was found in SourceCodester Simple and Nice Shopping Cart Script. Affected by this vulnerability is an unknown functionality of the file /mkshop/Men/profile.php. The manipulation of the argument mem_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-207001 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T12:28:25.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dd463de5-cc1f-4853-9099-10896a04ac15/export</guid>
      <pubDate>Thu, 25 Aug 2022 12:28:25 +0000</pubDate>
    </item>
    <item>
      <title>75d05a5a-3712-46f2-8a2c-1b8d75774853</title>
      <link>https://vulnerability.circl.lu/sighting/75d05a5a-3712-46f2-8a2c-1b8d75774853/export</link>
      <description>{"uuid": "75d05a5a-3712-46f2-8a2c-1b8d75774853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29578", "type": "seen", "source": "https://t.me/cibsecurity/45104", "content": "\u203c CVE-2022-29578 \u203c\n\nMeridian Cooperative Utility Software versions 22.02 and 22.03 allows remote attackers to obtain sensitive information such as name, address, and daily energy usage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T20:31:08.000000Z"}</description>
      <content:encoded>{"uuid": "75d05a5a-3712-46f2-8a2c-1b8d75774853", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29578", "type": "seen", "source": "https://t.me/cibsecurity/45104", "content": "\u203c CVE-2022-29578 \u203c\n\nMeridian Cooperative Utility Software versions 22.02 and 22.03 allows remote attackers to obtain sensitive information such as name, address, and daily energy usage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T20:31:08.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/75d05a5a-3712-46f2-8a2c-1b8d75774853/export</guid>
      <pubDate>Fri, 24 Jun 2022 20:31:08 +0000</pubDate>
    </item>
    <item>
      <title>820d9c4e-19c9-42ed-be4d-3f418d218f8e</title>
      <link>https://vulnerability.circl.lu/sighting/820d9c4e-19c9-42ed-be4d-3f418d218f8e/export</link>
      <description>{"uuid": "820d9c4e-19c9-42ed-be4d-3f418d218f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29577", "type": "seen", "source": "https://t.me/cibsecurity/41294", "content": "\u203c CVE-2022-29577 \u203c\n\nOWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-22T02:27:09.000000Z"}</description>
      <content:encoded>{"uuid": "820d9c4e-19c9-42ed-be4d-3f418d218f8e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-29577", "type": "seen", "source": "https://t.me/cibsecurity/41294", "content": "\u203c CVE-2022-29577 \u203c\n\nOWASP AntiSamy before 1.6.7 allows XSS via HTML tag smuggling on STYLE content with crafted input. The output serializer does not properly encode the supposed Cascading Style Sheets (CSS) content. NOTE: this issue exists because of an incomplete fix for CVE-2022-28367.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-22T02:27:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/820d9c4e-19c9-42ed-be4d-3f418d218f8e/export</guid>
      <pubDate>Fri, 22 Apr 2022 02:27:09 +0000</pubDate>
    </item>
  </channel>
</rss>
