<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-03T07:26:07.465180+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a84ecd11-f17e-48b1-aa56-c6c72572ee9d/export</id>
    <title>a84ecd11-f17e-48b1-aa56-c6c72572ee9d</title>
    <updated>2026-07-03T07:26:07.495582+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a84ecd11-f17e-48b1-aa56-c6c72572ee9d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39655", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18766", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-39655\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A host header injection vulnerability exists in the NPM package @perfood/couch-auth versions &lt;= 0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attacker-controlled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords and take over their accounts.\n\ud83d\udccf Published: 2024-01-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-18T15:24:04.602Z\n\ud83d\udd17 References:\n1. https://www.npmjs.com/package/%40perfood/couch-auth\n2. https://github.com/dub-flow/vulnerability-research/tree/main/CVE-2023-39655", "creation_timestamp": "2025-06-18T15:42:57.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a84ecd11-f17e-48b1-aa56-c6c72572ee9d/export"/>
    <published>2025-06-18T15:42:57+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/7dd6cd02-e8d3-4f02-8e96-a47176007fb4/export</id>
    <title>7dd6cd02-e8d3-4f02-8e96-a47176007fb4</title>
    <updated>2026-07-03T07:26:07.497379+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "7dd6cd02-e8d3-4f02-8e96-a47176007fb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39655", "type": "seen", "source": "https://t.me/ctinow/172148", "content": "https://ift.tt/EGtZbin\nCVE-2023-39655 | perfood couch-auth up to 0.20.0 Header Host password recovery", "creation_timestamp": "2024-01-23T17:26:50.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/7dd6cd02-e8d3-4f02-8e96-a47176007fb4/export"/>
    <published>2024-01-23T17:26:50+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/fc7a0d0b-fa90-4ce6-9a46-9006174a2c56/export</id>
    <title>fc7a0d0b-fa90-4ce6-9a46-9006174a2c56</title>
    <updated>2026-07-03T07:26:07.497546+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "fc7a0d0b-fa90-4ce6-9a46-9006174a2c56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39655", "type": "seen", "source": "https://t.me/cibsecurity/74317", "content": "\u203c\ufe0fCVE-2023-39655\u203c\ufe0f\n\nA host header injection vulnerability exists in the NPM package perfoodcouchauth versions  0.20.0. By sending a specially crafted host header in the forgot password request, it is possible to send password reset links to users which, once clicked, lead to an attackercontrolled server and thus leak the password reset token. This may allow an attacker to reset other users' passwords and take over their accounts.\n\n\ud83d\udcd6 Read more\n\nVia \"National Vulnerability Database\"", "creation_timestamp": "2024-01-04T01:35:39.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/fc7a0d0b-fa90-4ce6-9a46-9006174a2c56/export"/>
    <published>2024-01-04T01:35:39+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/bd1e5c64-64ec-44f2-9c0c-6dc9acc970a4/export</id>
    <title>bd1e5c64-64ec-44f2-9c0c-6dc9acc970a4</title>
    <updated>2026-07-03T07:26:07.497689+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "bd1e5c64-64ec-44f2-9c0c-6dc9acc970a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39650", "type": "seen", "source": "https://t.me/arpsyndicate/2361", "content": "#ExploitObserverAlert\n\nCVE-2023-39650\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2023-39650. Theme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.\n\nFIRST-EPSS: 0.000760000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-03T21:07:56.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/bd1e5c64-64ec-44f2-9c0c-6dc9acc970a4/export"/>
    <published>2024-01-03T21:07:56+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/14b819ec-399f-4635-a8b5-aa1d04dc363e/export</id>
    <title>14b819ec-399f-4635-a8b5-aa1d04dc363e</title>
    <updated>2026-07-03T07:26:07.497808+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "14b819ec-399f-4635-a8b5-aa1d04dc363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39655", "type": "seen", "source": "https://t.me/ctinow/162373", "content": "https://ift.tt/X3dJOmE\nCVE-2023-39655", "creation_timestamp": "2024-01-03T14:26:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/14b819ec-399f-4635-a8b5-aa1d04dc363e/export"/>
    <published>2024-01-03T14:26:30+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ed07df18-4278-4983-9854-5bf628828a35/export</id>
    <title>ed07df18-4278-4983-9854-5bf628828a35</title>
    <updated>2026-07-03T07:26:07.497919+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ed07df18-4278-4983-9854-5bf628828a35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-3965", "type": "seen", "source": "https://t.me/cibsecurity/72702", "content": "\u203c CVE-2023-3965 \u203c\n\nThe nsc theme for WordPress is vulnerable to Reflected Cross-Site Scripting via prototype pollution in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-20T20:35:23.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ed07df18-4278-4983-9854-5bf628828a35/export"/>
    <published>2023-10-20T20:35:23+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b56b3e62-90df-4554-a435-f583fd5de676/export</id>
    <title>b56b3e62-90df-4554-a435-f583fd5de676</title>
    <updated>2026-07-03T07:26:07.498048+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b56b3e62-90df-4554-a435-f583fd5de676", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39651", "type": "seen", "source": "https://t.me/cibsecurity/71544", "content": "\u203c CVE-2023-39651 \u203c\n\nImproper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module \u201cTheme Volty CMS BrandList\u201d (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-04T02:24:33.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b56b3e62-90df-4554-a435-f583fd5de676/export"/>
    <published>2023-10-04T02:24:33+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/de8464af-7ea4-47b4-925d-25fb1baf54cb/export</id>
    <title>de8464af-7ea4-47b4-925d-25fb1baf54cb</title>
    <updated>2026-07-03T07:26:07.498163+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "de8464af-7ea4-47b4-925d-25fb1baf54cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39654", "type": "seen", "source": "https://t.me/cibsecurity/69912", "content": "\u203c CVE-2023-39654 \u203c\n\nabupy up to v0.4.0 was discovered to contain a SQL injection vulnerability via the component abupy.MarketBu.ABuSymbol.search_to_symbol_dict.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T00:17:32.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/de8464af-7ea4-47b4-925d-25fb1baf54cb/export"/>
    <published>2023-09-06T00:17:32+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/3ddcb74b-39cf-4fd8-9ae3-1e6c46373b82/export</id>
    <title>3ddcb74b-39cf-4fd8-9ae3-1e6c46373b82</title>
    <updated>2026-07-03T07:26:07.498279+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "3ddcb74b-39cf-4fd8-9ae3-1e6c46373b82", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39650", "type": "seen", "source": "https://t.me/cibsecurity/69333", "content": "\u203c CVE-2023-39650 \u203c\n\nTheme Volty CMS Blog up to version v4.0.1 was discovered to contain a SQL injection vulnerability via the id parameter at /tvcmsblog/single.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T02:20:11.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/3ddcb74b-39cf-4fd8-9ae3-1e6c46373b82/export"/>
    <published>2023-08-29T02:20:11+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f69a4641-5991-491b-8fb4-11ef7144b494/export</id>
    <title>f69a4641-5991-491b-8fb4-11ef7144b494</title>
    <updated>2026-07-03T07:26:07.498394+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f69a4641-5991-491b-8fb4-11ef7144b494", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-39652", "type": "seen", "source": "https://t.me/cibsecurity/69320", "content": "\u203c CVE-2023-39652 \u203c\n\ntheme volty tvcmsvideotab up to v4.0.0 was discovered to contain a SQL injection vulnerability via the component TvcmsVideoTabConfirmDeleteModuleFrontController::run().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-29T00:16:57.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f69a4641-5991-491b-8fb4-11ef7144b494/export"/>
    <published>2023-08-29T00:16:57+00:00</published>
  </entry>
</feed>
