https://vulnerability.circl.lu/sightings/feed 2026-05-04T19:19:44.302927+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/5730b35c-8ee6-4da6-b417-b78348426673/export 2026-05-04T19:19:44.729450+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "5730b35c-8ee6-4da6-b417-b78348426673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32115", "type": "seen", "source": "https://t.me/cibsecurity/45806", "content": "\u203c CVE-2022-32115 \u203c\n\nAn issue in the isSVG() function of Known v1.2.2+2020061101 allows attackers to execute arbitrary code via a crafted SVG file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-09T03:51:47.000000Z"} 2022-07-09T03:51:47+00:00 https://vulnerability.circl.lu/sighting/b71cbeb3-835c-41d0-987f-6e80720aca53/export 2026-05-04T19:19:44.729340+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "b71cbeb3-835c-41d0-987f-6e80720aca53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32114", "type": "seen", "source": "https://t.me/cibsecurity/46206", "content": "\u203c CVE-2022-32114 \u203c\n\nAn unrestricted file upload vulnerability in the Add New Assets function of Strapi v4.1.12 allows attackers to execute arbitrary code via a crafted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-14T00:37:03.000000Z"} 2022-07-14T00:37:03+00:00 https://vulnerability.circl.lu/sighting/ae5396c2-5139-4b47-8712-d8990df91b28/export 2026-05-04T19:19:44.729225+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ae5396c2-5139-4b47-8712-d8990df91b28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32119", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2712", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-32119 - Arox-Unrestricted-File-Upload\nURL\uff1ahttps://github.com/JC175/CVE-2022-32119\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-15T02:49:06.000000Z"} 2022-07-15T02:49:06+00:00 https://vulnerability.circl.lu/sighting/34ed1e6c-d6ed-4086-9cbe-77293814f053/export 2026-05-04T19:19:44.729103+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "34ed1e6c-d6ed-4086-9cbe-77293814f053", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32118", "type": "seen", "source": "https://t.me/cibsecurity/46305", "content": "\u203c CVE-2022-32118 \u203c\n\nArox School ERP Pro v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the dispatchcategory parameter in backoffice.inc.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T16:35:24.000000Z"} 2022-07-15T16:35:24+00:00 https://vulnerability.circl.lu/sighting/abf8ce08-b3c5-4a29-91a7-4a4272e0c6be/export 2026-05-04T19:19:44.728990+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "abf8ce08-b3c5-4a29-91a7-4a4272e0c6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32119", "type": "seen", "source": "https://t.me/cibsecurity/46306", "content": "\u203c CVE-2022-32119 \u203c\n\nArox School ERP Pro v1.0 was discovered to contain multiple arbitrary file upload vulnerabilities via the Add Photo function at photogalleries.inc.php and the import staff excel function at 1finance_master.inc.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T16:35:25.000000Z"} 2022-07-15T16:35:25+00:00 https://vulnerability.circl.lu/sighting/3276e484-3c53-457f-9db2-9b6b7adff7eb/export 2026-05-04T19:19:44.728874+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "3276e484-3c53-457f-9db2-9b6b7adff7eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32119", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6417", "content": "#exploit\n1. CVE-2022-32119:\nArox-Unrestricted-File-Upload\nhttps://github.com/JC175/CVE-2022-32119\n\n2. Android Penetration Tool (RAT for Android)\nhttps://github.com/anirudhmalik/xhunter", "creation_timestamp": "2022-07-17T18:51:02.000000Z"} 2022-07-17T18:51:02+00:00 https://vulnerability.circl.lu/sighting/fef5ee90-d676-489e-ba8d-813d111d0d81/export 2026-05-04T19:19:44.728750+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "fef5ee90-d676-489e-ba8d-813d111d0d81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32119", "type": "published-proof-of-concept", "source": "Telegram/BnM5S5zNNeaAgZhmsQ5GC58SGsVwUigmzA5S5tsXcbsUcw", "content": "", "creation_timestamp": "2022-07-19T12:12:47.000000Z"} 2022-07-19T12:12:47+00:00 https://vulnerability.circl.lu/sighting/ac4c1aa1-ba2c-4871-8f95-ec653b207c0e/export 2026-05-04T19:19:44.728542+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "ac4c1aa1-ba2c-4871-8f95-ec653b207c0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32119", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/862", "content": "Updates On Hackbyte Forum:-\n\n\ud83d\udcccSmbpentest: Test Samba Servers which may have been configured improperly for anonymous access to vulnerable shares\n\n\ud83d\udcccLBOZO: A hybrid Windows Ransomware\n\n\ud83d\udcccHoaxshell: An unconventional Windows reverse shell, currently undetected by Microsoft Defender and other AV solutions, solely based on http(s) traffic\n\n\ud83d\udcccPing Castle Cloud\n\n\ud83d\udcccCoffeeLdr\n\n\ud83d\udcccZimbra #Exploit CVE-2022-30333\n\n\ud83d\udcccCVE-2022-24086 RCE POC\n\n\ud83d\udcccdata.gov.uk \u2013 UK Government Backups\n\n\ud83d\udccctelefonica Ecuador CRM Files Leaks\n\n\ud83d\udcccSvetlogorsk39.ru leak\n\n\ud83d\udcccrbcd-attack\n\n\ud83d\udcccRustyTokenManipulation\n\n\ud83d\udcccOralyzer - Open Redirection Analyzer\n\n\ud83d\udcccSalus \u2013 SBOM Tool\n\n\ud83d\udcccSliver GUI client.\n\n\ud83d\udcccCVE-2022-32119 - Arox-Unrestricted-File-Upload\n\n\ud83d\udcccNodeJS Ransomware\n\n\ud83d\udcccDirble - Fast directory scanning and scraping tool\n\n\ud83d\udcccWebView2-Cookie-Stealer\n\n\ud83d\udcccZombieThread - Another meterpreter injection technique using C# that attempts to bypass WD.\n\n\ud83d\udcccEvil Clippy\n\n\ud83d\udcccEvtx Log (xml) Browser\n\n\ud83d\udcccCVE-2022-30333\n\n\ud83d\udcccCVE-2022-23614: PoC for CVE-2022-23614 (Twig sort filter code execution/sandbox bypass)\n\n\ud83d\udcccCVE-2022-33891 - Apache Spark shell command injection\n\n\ud83d\udcccEJS, Server side template injection RCE (CVE-2022-29078)\n\n\ud83d\udcccBinary Ninja Commercial 3.1.3469 (2022-05-31)\n\n\ud83d\udccccitycollege.edu Health University Leak\n\n\ud83d\udcccFull HHIDE.ORG forum dump\n\n\ud83d\udcccdanish.my Leak\n\n\ud83d\udcccstripchat.com Leak\n\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014\u2014-\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffb Updates:- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-19T13:38:52.000000Z"} 2022-07-19T13:38:52+00:00 https://vulnerability.circl.lu/sighting/32a35eb8-93ac-4b72-bf06-040019e5260f/export 2026-05-04T19:19:44.725946+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "32a35eb8-93ac-4b72-bf06-040019e5260f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3211", "type": "seen", "source": "https://t.me/cibsecurity/49826", "content": "\u203c CVE-2022-3211 \u203c\n\nCross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.6.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-15T22:58:20.000000Z"} 2022-09-15T22:58:20+00:00