Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-04T21:00:06.511047+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/f96d79dc-6a82-4807-8c75-ba87ad5ccd26/export f96d79dc-6a82-4807-8c75-ba87ad5ccd26 2026-05-04T21:00:06.876164+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "f96d79dc-6a82-4807-8c75-ba87ad5ccd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/cvedetector/8796", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-49681 - SWIT WP Sessions Time Monitoring Full Automatic SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-49681 \nPublished : Oct. 24, 2024, 12:15 p.m. | 39\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in SWIT WP Sessions Time Monitoring Full Automatic allows SQL Injection.This issue affects WP Sessions Time Monitoring Full Automatic: from n/a through 1.0.9. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T15:08:51.000000Z"} 2024-10-24T15:08:51+00:00 https://vulnerability.circl.lu/sighting/8e457089-1bb6-4d5a-a35b-f2a80e9490d7/export 8e457089-1bb6-4d5a-a35b-f2a80e9490d7 2026-05-04T21:00:06.876061+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "8e457089-1bb6-4d5a-a35b-f2a80e9490d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/CyberDilara/1286", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:36:04.000000Z"} 2024-12-08T03:36:04+00:00 https://vulnerability.circl.lu/sighting/c5df7ef2-819b-42bb-8f23-617a4c50fe10/export c5df7ef2-819b-42bb-8f23-617a4c50fe10 2026-05-04T21:00:06.875958+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "c5df7ef2-819b-42bb-8f23-617a4c50fe10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/dilagrafie/3963", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:37:01.000000Z"} 2024-12-08T03:37:01+00:00 https://vulnerability.circl.lu/sighting/e0e1571c-b168-40b3-ab14-6e5474188db0/export e0e1571c-b168-40b3-ab14-6e5474188db0 2026-05-04T21:00:06.875848+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "e0e1571c-b168-40b3-ab14-6e5474188db0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/9111", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:49:57.000000Z"} 2024-12-08T03:49:57+00:00 https://vulnerability.circl.lu/sighting/9ebe82b2-4755-4e0a-a003-5bf753ac9cba/export 9ebe82b2-4755-4e0a-a003-5bf753ac9cba 2026-05-04T21:00:06.875740+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "9ebe82b2-4755-4e0a-a003-5bf753ac9cba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/7705", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-08T03:49:57.000000Z"} 2024-12-08T03:49:57+00:00 https://vulnerability.circl.lu/sighting/3beb3939-7fad-4b22-8720-b4bdade5e6b9/export 3beb3939-7fad-4b22-8720-b4bdade5e6b9 2026-05-04T21:00:06.875626+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "3beb3939-7fad-4b22-8720-b4bdade5e6b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/9113", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-10T04:28:56.000000Z"} 2024-12-10T04:28:56+00:00 https://vulnerability.circl.lu/sighting/01d702ff-31b1-4c9f-936a-2cfcdfc4fca4/export 01d702ff-31b1-4c9f-936a-2cfcdfc4fca4 2026-05-04T21:00:06.875470+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "01d702ff-31b1-4c9f-936a-2cfcdfc4fca4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "seen", "source": "https://t.me/GrayHatsHack/7706", "content": "Tools - Hackers Factory \n\n#Purple_Team_Exercises\n\nPurple Team Exercise Framework (PTEF)\n\nhttps://github.com/scythe-io/purple-team-exercise-framework\n\nA new sandbox escape vulnerabilities at #POC2024\n \nblog post: https://jhftss.github.io/A-New-Era-of-macOS-Sandbox-Escapes/\n\nSlides:\nhttps://github.com/jhftss/jhftss.github.io/blob/main/res/slides/A%20New%20Era%20of%20macOS%20Sandbox%20Escapes.pdf\n\n#exploit\n\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\n\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\n\nhttps://github.com/imnotcha0s/CVE-2024-10914\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\n\nA web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK\u00ae framework.\n\nhttps://github.com/cisagov/decider\n\n#HackersFactory", "creation_timestamp": "2024-12-10T04:28:56.000000Z"} 2024-12-10T04:28:56+00:00 https://vulnerability.circl.lu/sighting/c50a117a-1ea9-4259-9dc7-f21d905ff24b/export c50a117a-1ea9-4259-9dc7-f21d905ff24b 2026-05-04T21:00:06.873170+00:00 Automation user http://vulnerability.circl.lu/user/automation {"uuid": "c50a117a-1ea9-4259-9dc7-f21d905ff24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49681", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11414", "content": "#exploit\n1. CVE-2024-49681:\nWP Sessions Time Monitoring Full Automatic <=1.0.9 - Unauthenticated SQLI\nhttps://github.com/RandomRobbieBF/CVE-2024-49681\n\n2. CVE-2024-10914:\nD-Link NAS Command Injection\nhttps://github.com/imnotcha0s/CVE-2024-10914\n]-> Exploitation + Fix\n\n3. CVE-2024-50483:\nWP Meetup 0.1 Authentication Bypass\nhttps://github.com/RandomRobbieBF/CVE-2024-50483", "creation_timestamp": "2025-01-15T00:36:56.000000Z"} 2025-01-15T00:36:56+00:00