<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://vulnerability.circl.lu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 16 Jul 2026 10:47:05 +0000</lastBuildDate>
    <item>
      <title>726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130</title>
      <link>https://vulnerability.circl.lu/sighting/726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130/export</link>
      <description>{"uuid": "726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46367", "type": "seen", "source": "https://t.me/cvedetector/6560", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46367 - Webkul Krayin CRM Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-46367 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}</description>
      <content:encoded>{"uuid": "726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46367", "type": "seen", "source": "https://t.me/cvedetector/6560", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46367 - Webkul Krayin CRM Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-46367 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130/export</guid>
      <pubDate>Fri, 27 Sep 2024 20:04:56 +0000</pubDate>
    </item>
    <item>
      <title>acafc19a-922d-4e9a-a040-37a2022b6a30</title>
      <link>https://vulnerability.circl.lu/sighting/acafc19a-922d-4e9a-a040-37a2022b6a30/export</link>
      <description>{"uuid": "acafc19a-922d-4e9a-a040-37a2022b6a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46366", "type": "seen", "source": "https://t.me/cvedetector/6559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46366 - Webkul Krayin CRM Client-Side Template Injection\", \n  \"Content\": \"CVE ID : CVE-2024-46366 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}</description>
      <content:encoded>{"uuid": "acafc19a-922d-4e9a-a040-37a2022b6a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46366", "type": "seen", "source": "https://t.me/cvedetector/6559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46366 - Webkul Krayin CRM Client-Side Template Injection\", \n  \"Content\": \"CVE ID : CVE-2024-46366 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/acafc19a-922d-4e9a-a040-37a2022b6a30/export</guid>
      <pubDate>Fri, 27 Sep 2024 20:04:56 +0000</pubDate>
    </item>
    <item>
      <title>30a03631-c33a-427a-996b-6309d9d6ab51</title>
      <link>https://vulnerability.circl.lu/sighting/30a03631-c33a-427a-996b-6309d9d6ab51/export</link>
      <description>{"uuid": "30a03631-c33a-427a-996b-6309d9d6ab51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46362", "type": "seen", "source": "https://t.me/cvedetector/5810", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46362 - FrogCMS CSRF Web Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46362 \nPublished : Sept. 17, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directory \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T15:36:32.000000Z"}</description>
      <content:encoded>{"uuid": "30a03631-c33a-427a-996b-6309d9d6ab51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46362", "type": "seen", "source": "https://t.me/cvedetector/5810", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46362 - FrogCMS CSRF Web Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46362 \nPublished : Sept. 17, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directory \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T15:36:32.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://vulnerability.circl.lu/sighting/30a03631-c33a-427a-996b-6309d9d6ab51/export</guid>
      <pubDate>Tue, 17 Sep 2024 15:36:32 +0000</pubDate>
    </item>
  </channel>
</rss>
