https://vulnerability.circl.lu/sightings/feedMost recent sightings.2026-05-31T12:16:31.778309+00:00Vulnerability-Lookupinfo@circl.lupython-feedgenContains only the most 10 recent sightings.https://vulnerability.circl.lu/sighting/9a2b5dac-7c97-4444-8610-f8174525631f/export9a2b5dac-7c97-4444-8610-f8174525631f2026-05-31T12:16:32.208589+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "9a2b5dac-7c97-4444-8610-f8174525631f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9907", "type": "seen", "source": "https://t.me/cvedetector/7780", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-9907 - QileCMS Remote Weak Password Recovery Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-9907 \nPublished : Oct. 13, 2024, 5:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file /qilecms/user/controller/Forget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"13 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-13T08:03:12.000000Z"}2024-10-13T08:03:12+00:00https://vulnerability.circl.lu/sighting/4fabc53a-45d6-4830-bf34-336bf5e6f2d7/export4fabc53a-45d6-4830-bf34-336bf5e6f2d72026-05-31T12:16:32.205641+00:00Automation userhttps://vulnerability.circl.lu/user/automation{"uuid": "4fabc53a-45d6-4830-bf34-336bf5e6f2d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-9907", "type": "seen", "source": "https://t.me/HackerArsenal/549", "content": "\u203c\ufe0f CVE-2024-9907 \u203c\ufe0f\n\nA vulnerability classified as problematic was found in QileCMS up to 1.1.3. This vulnerability affects the function sendEmail of the file qilecmsusercontrollerForget.php of the component Verification Code Handler. The manipulation leads to weak password recovery. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\n\ud83d\udcd6 Read more.\n\n\ud83d\udd17 Via \"National Vulnerability Database\"\n\n----------\n\ud83d\udc41\ufe0f Seen on @cibsecurity_CVEs", "creation_timestamp": "2024-10-13T14:10:43.000000Z"}2024-10-13T14:10:43+00:00