https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-04T17:50:23.128315+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/e5db153f-71b2-4367-bedb-eaee80f49b23/exporte5db153f-71b2-4367-bedb-eaee80f49b232026-05-04T17:50:23.566531+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "e5db153f-71b2-4367-bedb-eaee80f49b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "seen", "source": "https://t.me/cibsecurity/60149", "content": "\u203c CVE-2023-27130 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:30:55.000000Z"}2023-03-16T17:30:55+00:00https://vulnerability.circl.lu/sighting/6b97cbd2-f06b-47cf-a264-a35e33120a01/export6b97cbd2-f06b-47cf-a264-a35e33120a012026-05-04T17:50:23.566446+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "6b97cbd2-f06b-47cf-a264-a35e33120a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27131", "type": "seen", "source": "https://t.me/cibsecurity/60160", "content": "\u203c CVE-2023-27131 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:31:09.000000Z"}2023-03-16T17:31:09+00:00https://vulnerability.circl.lu/sighting/2eda0743-d7f2-4047-826a-86cd80eebca0/export2eda0743-d7f2-4047-826a-86cd80eebca02026-05-04T17:50:23.566363+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "2eda0743-d7f2-4047-826a-86cd80eebca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27135", "type": "seen", "source": "https://t.me/cibsecurity/60579", "content": "\u203c CVE-2023-27135 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T17:41:52.000000Z"}2023-03-23T17:41:52+00:00https://vulnerability.circl.lu/sighting/c089fb7a-f8c2-4c08-9d36-379640fff1a4/exportc089fb7a-f8c2-4c08-9d36-379640fff1a42026-05-04T17:50:23.566259+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "c089fb7a-f8c2-4c08-9d36-379640fff1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2713", "type": "seen", "source": "https://t.me/cibsecurity/64483", "content": "\u203c CVE-2023-2713 \u203c\n\nAuthorization Bypass Through User-Controlled Key vulnerability in \"Rental Module\" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-20T14:23:51.000000Z"}2023-05-20T14:23:51+00:00https://vulnerability.circl.lu/sighting/53d061c1-1648-4967-b1e0-9392e6da8c3d/export53d061c1-1648-4967-b1e0-9392e6da8c3d2026-05-04T17:50:23.566165+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "53d061c1-1648-4967-b1e0-9392e6da8c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/cibsecurity/72443", "content": "\u203c CVE-2023-27133 \u203c\n\nTSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:01.000000Z"}2023-10-17T20:33:01+00:00https://vulnerability.circl.lu/sighting/1841c890-09b6-4d27-be9a-36cb66a8dcff/export1841c890-09b6-4d27-be9a-36cb66a8dcff2026-05-04T17:50:23.566068+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "1841c890-09b6-4d27-be9a-36cb66a8dcff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27132", "type": "seen", "source": "https://t.me/cibsecurity/72444", "content": "\u203c CVE-2023-27132 \u203c\n\nTSplus Remote Work 16.0.0.0 places a cleartext password on the \"var pass\" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:04.000000Z"}2023-10-17T20:33:04+00:00https://vulnerability.circl.lu/sighting/4654342a-7774-484b-9f70-2d830e6eedb2/export4654342a-7774-484b-9f70-2d830e6eedb22026-05-04T17:50:23.565935+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "4654342a-7774-484b-9f70-2d830e6eedb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/arpsyndicate/2428", "content": "#ExploitObserverAlert\n\nCVE-2023-27133\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27133. TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\nFIRST-EPSS: 0.001300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T04:19:43.000000Z"}2024-01-04T04:19:43+00:00https://vulnerability.circl.lu/sighting/b3684a85-1b37-4534-8cce-4c21005003d6/exportb3684a85-1b37-4534-8cce-4c21005003d62026-05-04T17:50:23.563655+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "b3684a85-1b37-4534-8cce-4c21005003d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6269", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27130\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\ud83d\udccf Published: 2023-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:08:28.843Z\n\ud83d\udd17 References:\n1. https://github.com/typecho/typecho/issues/1535\n2. https://github.com/typecho/typecho/commit/f9ede542c9052ba22a6096d8412e2f02d9de872b", "creation_timestamp": "2025-03-03T19:31:06.000000Z"}2025-03-03T19:31:06+00:00