https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-05T02:38:29.278099+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/f652d58a-dca9-4f12-8f4c-3eb9c25eaadc/exportf652d58a-dca9-4f12-8f4c-3eb9c25eaadc2026-05-05T02:38:29.601421+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "f652d58a-dca9-4f12-8f4c-3eb9c25eaadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29517", "type": "seen", "source": "https://t.me/cibsecurity/62429", "content": "\u203c CVE-2023-29517 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. The office document viewer macro was allowing anyone to see any file content from the hosting server, provided that the office server was connected and depending on the permissions of the user running the servlet engine (e.g. tomcat) running XWiki. The same vulnerability also allowed to perform internal requests to resources from the hosting server. The problem has been patched in XWiki 13.10.11, 14.10.1, 14.4.8, 15.0-rc-1. Users are advised to upgrade. It might be possible to workaround this vulnerability by running XWiki in a sandbox with a user with very low privileges on the machine.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:12.000000Z"}2023-04-19T07:43:12+00:00https://vulnerability.circl.lu/sighting/dd708d0a-f96b-4e1f-9000-1a69f5538ac2/exportdd708d0a-f96b-4e1f-9000-1a69f5538ac22026-05-05T02:38:29.601345+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "dd708d0a-f96b-4e1f-9000-1a69f5538ac2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29510", "type": "seen", "source": "https://t.me/cibsecurity/62433", "content": "\u203c CVE-2023-29510 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. In XWiki, every user can add translations that are only applied to the current user. This also allows overriding existing translations. Such translations are often included in privileged contexts without any escaping which allows remote code execution for any user who has edit access on at least one document which could be the user's own profile where edit access is enabled by default. A mitigation for this vulnerability is part of XWiki 14.10.2 and XWiki 15.0 RC1: translations with user scope now require script right. This means that regular users cannot exploit this anymore as users don't have script right by default anymore starting with XWiki 14.10. There are no known workarounds apart from upgrading to a patched versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:16.000000Z"}2023-04-19T07:43:16+00:00https://vulnerability.circl.lu/sighting/7dfc3b57-54a8-410e-ab5d-5c11677b6d75/export7dfc3b57-54a8-410e-ab5d-5c11677b6d752026-05-05T02:38:29.601266+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "7dfc3b57-54a8-410e-ab5d-5c11677b6d75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29515", "type": "seen", "source": "https://t.me/cibsecurity/62434", "content": "\u203c CVE-2023-29515 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user who can create a space can become admin of that space through App Within Minutes. The admin right implies the script right and thus allows JavaScript injection. The vulnerability can be exploited by creating an app in App Within Minutes. If the button should be disabled because the user doesn't have global edit right, the app can also be created by directly opening `/xwiki/bin/view/AppWithinMinutes/CreateApplication?wizard=true` on the XWiki installation. This has been patched in XWiki 13.10.11, 14.4.8, 14.10.1 and 15.0 RC1 by not granting the space admin right if the user doesn't have script right on the space where the app is created. Error message are displayed to warn the user that the app will be broken in this case. Users who became space admin through this vulnerability won't loose the space admin right due to the fix, so it is advised to check if all users who created AWM apps should keep their space admin rights. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:20.000000Z"}2023-04-19T07:43:20+00:00https://vulnerability.circl.lu/sighting/e6320cc1-0b30-45d3-883f-14a32937683e/exporte6320cc1-0b30-45d3-883f-14a32937683e2026-05-05T02:38:29.601187+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "e6320cc1-0b30-45d3-883f-14a32937683e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29519", "type": "seen", "source": "https://t.me/cibsecurity/62443", "content": "\u203c CVE-2023-29519 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A registered user can perform remote code execution leading to privilege escalation by injecting the proper code in the \"property\" field of an attachment selector, as a gadget of their own dashboard. Note that the vulnerability does not impact comments of a wiki. The vulnerability has been patched in XWiki 13.10.11, 14.4.8, 14.10.2, 15.0-rc-1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:31.000000Z"}2023-04-19T07:43:31+00:00https://vulnerability.circl.lu/sighting/5a9a3c3e-571b-4966-99f8-8e0e12c02fc5/export5a9a3c3e-571b-4966-99f8-8e0e12c02fc52026-05-05T02:38:29.601107+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "5a9a3c3e-571b-4966-99f8-8e0e12c02fc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29514", "type": "seen", "source": "https://t.me/cibsecurity/62446", "content": "\u203c CVE-2023-29514 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with edit rights on any document (e.g., their own user profile) can execute code with programming rights, leading to remote code execution. This vulnerability has been patched in XWiki 13.10.11, 14.4.8, 14.10.1 and 15.0 RC1. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:37.000000Z"}2023-04-19T07:43:37+00:00https://vulnerability.circl.lu/sighting/7abc7142-72a1-49c6-af9f-0aaa7dffbe52/export7abc7142-72a1-49c6-af9f-0aaa7dffbe522026-05-05T02:38:29.601029+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "7abc7142-72a1-49c6-af9f-0aaa7dffbe52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-29518", "type": "seen", "source": "https://t.me/cibsecurity/62447", "content": "\u203c CVE-2023-29518 \u203c\n\nXWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Any user with view rights can execute arbitrary Groovy, Python or Velocity code in XWiki leading to full access to the XWiki installation. The root cause is improper escaping of `Invitation.InvitationCommon`. This page is installed by default. The vulnerability has been patched in XWiki 15.0-rc-1, 14.10.1, 14.4.8, and 13.10.11. Users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-19T07:43:38.000000Z"}2023-04-19T07:43:38+00:00https://vulnerability.circl.lu/sighting/29dd958c-2bbd-4b33-bc85-187fc630969f/export29dd958c-2bbd-4b33-bc85-187fc630969f2026-05-05T02:38:29.600930+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "29dd958c-2bbd-4b33-bc85-187fc630969f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2951", "type": "seen", "source": "https://t.me/cibsecurity/64747", "content": "\u203c CVE-2023-2951 \u203c\n\nA vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file delete_bus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230112.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-28T13:24:45.000000Z"}2023-05-28T13:24:45+00:00https://vulnerability.circl.lu/sighting/9be21ed6-722d-46d1-8405-5155e0ff61c8/export9be21ed6-722d-46d1-8405-5155e0ff61c82026-05-05T02:38:29.600664+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "9be21ed6-722d-46d1-8405-5155e0ff61c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2951", "type": "seen", "source": "https://t.me/arpsyndicate/575", "content": "#ExploitObserverAlert\n\nCVE-2023-2951\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2951. A vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file delete_bus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230112.\n\nFIRST-EPSS: 0.000670000\nNVD-IS: 5.2\nNVD-ES: 3.9", "creation_timestamp": "2023-11-25T06:45:07.000000Z"}2023-11-25T06:45:07+00:00https://vulnerability.circl.lu/sighting/5314248f-fc72-4c20-9f77-f5bdda9c0bbf/export5314248f-fc72-4c20-9f77-f5bdda9c0bbf2026-05-05T02:38:29.597290+00:00Automation userhttp://vulnerability.circl.lu/user/automation{"uuid": "5314248f-fc72-4c20-9f77-f5bdda9c0bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2951", "type": "seen", "source": "https://t.me/arpsyndicate/1623", "content": "#ExploitObserverAlert\n\nCVE-2023-2951\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-2951. A vulnerability classified as critical has been found in code-projects Bus Dispatch and Information System 1.0. Affected is an unknown function of the file delete_bus.php. The manipulation of the argument busid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-230112.\n\nFIRST-EPSS: 0.000670000\nNVD-IS: 5.2\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T13:02:53.000000Z"}2023-12-10T13:02:53+00:00