Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-08T23:06:02.877997+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/8677c17d-76e3-45df-9e5b-0ac9adb8c63d/export 8677c17d-76e3-45df-9e5b-0ac9adb8c63d 2026-05-08T23:06:03.286164+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8677c17d-76e3-45df-9e5b-0ac9adb8c63d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40921", "type": "seen", "source": "https://t.me/cibsecurity/29816", "content": "\u203c CVE-2021-40921 \u203c\n\nCross-site scripting (XSS) vulnerability in _contactform.inc.php in Detector 0.8.5 and below version allows remote attackers to inject arbitrary web script or HTML via the cid parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:27.000000Z"} 2021-10-01T20:15:27+00:00 https://vulnerability.circl.lu/sighting/fc74f54b-9a38-4bdd-8adf-bda9613d9bb2/export fc74f54b-9a38-4bdd-8adf-bda9613d9bb2 2026-05-08T23:06:03.286055+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fc74f54b-9a38-4bdd-8adf-bda9613d9bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40925", "type": "seen", "source": "https://t.me/cibsecurity/29817", "content": "\u203c CVE-2021-40925 \u203c\n\nCross-site scripting (XSS) vulnerability in dompdf/dompdf/www/demo.php infaveo-helpdesk v1.11.0 and below allow remote attackers to inject arbitrary web script or HTML via the $_SERVER[\"PHP_SELF\"] parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:28.000000Z"} 2021-10-01T20:15:28+00:00 https://vulnerability.circl.lu/sighting/f0e27852-4e15-4806-8ab9-b567bf217a08/export f0e27852-4e15-4806-8ab9-b567bf217a08 2026-05-08T23:06:03.285935+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f0e27852-4e15-4806-8ab9-b567bf217a08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40923", "type": "seen", "source": "https://t.me/cibsecurity/29823", "content": "\u203c CVE-2021-40923 \u203c\n\nCross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the email parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:34.000000Z"} 2021-10-01T20:15:34+00:00 https://vulnerability.circl.lu/sighting/4b738b31-70c4-41a9-ac4b-ae2a8a21af9c/export 4b738b31-70c4-41a9-ac4b-ae2a8a21af9c 2026-05-08T23:06:03.285789+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "4b738b31-70c4-41a9-ac4b-ae2a8a21af9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40927", "type": "seen", "source": "https://t.me/cibsecurity/29824", "content": "\u203c CVE-2021-40927 \u203c\n\nCross-site scripting (XSS) vulnerability in callback.php in Spotify-for-Alfred 0.13.9 and below allows remote attackers to inject arbitrary web script or HTML via the error parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:38.000000Z"} 2021-10-01T20:15:38+00:00 https://vulnerability.circl.lu/sighting/a2bdfcd3-fecc-4d6d-ac1d-2d4ba0f6104f/export a2bdfcd3-fecc-4d6d-ac1d-2d4ba0f6104f 2026-05-08T23:06:03.285629+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "a2bdfcd3-fecc-4d6d-ac1d-2d4ba0f6104f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40928", "type": "seen", "source": "https://t.me/cibsecurity/29825", "content": "\u203c CVE-2021-40928 \u203c\n\nCross-site scripting (XSS) vulnerability in index.php in FlexTV beta development version allows remote attackers to inject arbitrary web script or HTML via the PHP_SELF parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:39.000000Z"} 2021-10-01T20:15:39+00:00 https://vulnerability.circl.lu/sighting/8fa1fd10-6c95-4d53-b3fe-6da8ff4fef6d/export 8fa1fd10-6c95-4d53-b3fe-6da8ff4fef6d 2026-05-08T23:06:03.285468+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8fa1fd10-6c95-4d53-b3fe-6da8ff4fef6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40926", "type": "seen", "source": "https://t.me/cibsecurity/29827", "content": "\u203c CVE-2021-40926 \u203c\n\nCross-site scripting (XSS) vulnerability in demos/demo.mysqli.php in getID3 1.X and v2.0.0-beta allows remote attackers to inject arbitrary web script or HTML via the showtagfiles parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:41.000000Z"} 2021-10-01T20:15:41+00:00 https://vulnerability.circl.lu/sighting/16d32652-54d7-419e-9564-c9b73e53365f/export 16d32652-54d7-419e-9564-c9b73e53365f 2026-05-08T23:06:03.285296+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "16d32652-54d7-419e-9564-c9b73e53365f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40922", "type": "seen", "source": "https://t.me/cibsecurity/29829", "content": "\u203c CVE-2021-40922 \u203c\n\nCross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the last_name parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:43.000000Z"} 2021-10-01T20:15:43+00:00 https://vulnerability.circl.lu/sighting/d4689631-47ce-486e-aa9a-1fdb310412ad/export d4689631-47ce-486e-aa9a-1fdb310412ad 2026-05-08T23:06:03.285063+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "d4689631-47ce-486e-aa9a-1fdb310412ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40924", "type": "seen", "source": "https://t.me/cibsecurity/29831", "content": "\u203c CVE-2021-40924 \u203c\n\nCross-site scripting (XSS) vulnerability in install/index.php in bugs 1.8 and below version allows remote attackers to inject arbitrary web script or HTML via the first_name parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-01T20:15:45.000000Z"} 2021-10-01T20:15:45+00:00 https://vulnerability.circl.lu/sighting/92bf7162-5e63-4481-83e1-3e8275e93276/export 92bf7162-5e63-4481-83e1-3e8275e93276 2026-05-08T23:06:03.282675+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "92bf7162-5e63-4481-83e1-3e8275e93276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4092", "type": "seen", "source": "https://t.me/cibsecurity/33768", "content": "\u203c CVE-2021-4092 \u203c\n\nyetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-11T16:26:08.000000Z"} 2021-12-11T16:26:08+00:00