<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Sat, 18 Jul 2026 01:28:23 +0000</lastBuildDate>
    <item>
      <title>dffa3e4b-7fa1-4d77-9520-fdc31f6017df</title>
      <link>https://vulnerability.circl.lu/sighting/dffa3e4b-7fa1-4d77-9520-fdc31f6017df/export</link>
      <description>{"uuid": "dffa3e4b-7fa1-4d77-9520-fdc31f6017df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:28.000000Z"}</description>
      <content:encoded>{"uuid": "dffa3e4b-7fa1-4d77-9520-fdc31f6017df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-21T03:19:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/dffa3e4b-7fa1-4d77-9520-fdc31f6017df/export</guid>
      <pubDate>Thu, 21 Aug 2025 03:19:28 +0000</pubDate>
    </item>
    <item>
      <title>e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1</title>
      <link>https://vulnerability.circl.lu/sighting/e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1/export</link>
      <description>{"uuid": "e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}</description>
      <content:encoded>{"uuid": "e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "MISP/02fb130c-7874-4693-9b66-81ed91a2e996", "content": "", "creation_timestamp": "2025-08-12T13:33:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/e8f29b88-580e-4fd7-a3e6-7497c0c1cdd1/export</guid>
      <pubDate>Tue, 12 Aug 2025 13:33:28 +0000</pubDate>
    </item>
    <item>
      <title>b699d170-1678-451f-9d7c-57ad77507c5a</title>
      <link>https://vulnerability.circl.lu/sighting/b699d170-1678-451f-9d7c-57ad77507c5a/export</link>
      <description>{"uuid": "b699d170-1678-451f-9d7c-57ad77507c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8720", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44313\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:16:50.241Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44313-incorrect-access-control-in-tastyigniter-3-7-6-01a73c548b74", "creation_timestamp": "2025-03-25T18:25:06.000000Z"}</description>
      <content:encoded>{"uuid": "b699d170-1678-451f-9d7c-57ad77507c5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8720", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44313\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the invoice() function within Orders.php which allows unauthorized users to access and generate invoices due to missing permission checks.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-25T18:16:50.241Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44313-incorrect-access-control-in-tastyigniter-3-7-6-01a73c548b74", "creation_timestamp": "2025-03-25T18:25:06.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/b699d170-1678-451f-9d7c-57ad77507c5a/export</guid>
      <pubDate>Tue, 25 Mar 2025 18:25:06 +0000</pubDate>
    </item>
    <item>
      <title>941b7b22-b589-4316-bc85-30977fba9bf6</title>
      <link>https://vulnerability.circl.lu/sighting/941b7b22-b589-4316-bc85-30977fba9bf6/export</link>
      <description>{"uuid": "941b7b22-b589-4316-bc85-30977fba9bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/p7hLiccLONdwM2MX7hUwrX2iUDsZPVrkGyNQ09EnNeNIo2E", "content": "", "creation_timestamp": "2025-03-20T12:00:09.000000Z"}</description>
      <content:encoded>{"uuid": "941b7b22-b589-4316-bc85-30977fba9bf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/p7hLiccLONdwM2MX7hUwrX2iUDsZPVrkGyNQ09EnNeNIo2E", "content": "", "creation_timestamp": "2025-03-20T12:00:09.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/941b7b22-b589-4316-bc85-30977fba9bf6/export</guid>
      <pubDate>Thu, 20 Mar 2025 12:00:09 +0000</pubDate>
    </item>
    <item>
      <title>f7f04d26-8daa-4e67-9962-5c62f024d589</title>
      <link>https://vulnerability.circl.lu/sighting/f7f04d26-8daa-4e67-9962-5c62f024d589/export</link>
      <description>{"uuid": "f7f04d26-8daa-4e67-9962-5c62f024d589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/YBrr9bnrMsHvjVMlNhE_R_T9Bu1Hec2ynwQC5xZi-avV8gw", "content": "", "creation_timestamp": "2025-03-20T04:00:07.000000Z"}</description>
      <content:encoded>{"uuid": "f7f04d26-8daa-4e67-9962-5c62f024d589", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "published-proof-of-concept", "source": "Telegram/YBrr9bnrMsHvjVMlNhE_R_T9Bu1Hec2ynwQC5xZi-avV8gw", "content": "", "creation_timestamp": "2025-03-20T04:00:07.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/f7f04d26-8daa-4e67-9962-5c62f024d589/export</guid>
      <pubDate>Thu, 20 Mar 2025 04:00:07 +0000</pubDate>
    </item>
    <item>
      <title>812ba695-5fd2-4c3e-b123-628fd1212f5b</title>
      <link>https://vulnerability.circl.lu/sighting/812ba695-5fd2-4c3e-b123-628fd1212f5b/export</link>
      <description>{"uuid": "812ba695-5fd2-4c3e-b123-628fd1212f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidrba52s", "content": "", "creation_timestamp": "2025-03-18T18:13:36.122851Z"}</description>
      <content:encoded>{"uuid": "812ba695-5fd2-4c3e-b123-628fd1212f5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobidrba52s", "content": "", "creation_timestamp": "2025-03-18T18:13:36.122851Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/812ba695-5fd2-4c3e-b123-628fd1212f5b/export</guid>
      <pubDate>Tue, 18 Mar 2025 18:13:36 +0000</pubDate>
    </item>
    <item>
      <title>97a4a2b5-42a5-4502-bdee-060f2a10ae51</title>
      <link>https://vulnerability.circl.lu/sighting/97a4a2b5-42a5-4502-bdee-060f2a10ae51/export</link>
      <description>{"uuid": "97a4a2b5-42a5-4502-bdee-060f2a10ae51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicnrvt26", "content": "", "creation_timestamp": "2025-03-18T18:13:30.606112Z"}</description>
      <content:encoded>{"uuid": "97a4a2b5-42a5-4502-bdee-060f2a10ae51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44313", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkobicnrvt26", "content": "", "creation_timestamp": "2025-03-18T18:13:30.606112Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/97a4a2b5-42a5-4502-bdee-060f2a10ae51/export</guid>
      <pubDate>Tue, 18 Mar 2025 18:13:30 +0000</pubDate>
    </item>
    <item>
      <title>afc49744-2d4a-4b0e-8ad3-c99db446fab3</title>
      <link>https://vulnerability.circl.lu/sighting/afc49744-2d4a-4b0e-8ad3-c99db446fab3/export</link>
      <description>{"uuid": "afc49744-2d4a-4b0e-8ad3-c99db446fab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7907", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44314\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the index_onUpdateStatus() function within Orders.php, which fails to verify if the user has permission to modify an order's status. This flaw can be exploited remotely, leading to unauthorized order manipulation.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:43:27.351Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44314-incorrect-access-control-in-function-updateorder-fc5f2b1b0467", "creation_timestamp": "2025-03-18T14:49:56.000000Z"}</description>
      <content:encoded>{"uuid": "afc49744-2d4a-4b0e-8ad3-c99db446fab3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-44314", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7907", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44314\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the index_onUpdateStatus() function within Orders.php, which fails to verify if the user has permission to modify an order's status. This flaw can be exploited remotely, leading to unauthorized order manipulation.\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T14:43:27.351Z\n\ud83d\udd17 References:\n1. https://github.com/tastyigniter/TastyIgniter/blob/3.x/app/admin/controllers/Orders.php\n2. https://medium.com/@cnetsec/cve-2024-44314-incorrect-access-control-in-function-updateorder-fc5f2b1b0467", "creation_timestamp": "2025-03-18T14:49:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/afc49744-2d4a-4b0e-8ad3-c99db446fab3/export</guid>
      <pubDate>Tue, 18 Mar 2025 14:49:56 +0000</pubDate>
    </item>
  </channel>
</rss>
