https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 16 Jun 2026 18:03:09 +0000 https://vulnerability.circl.lu/sighting/4bc8cfa4-fdc8-46bd-81be-4e12b4c986ef/export {"uuid": "4bc8cfa4-fdc8-46bd-81be-4e12b4c986ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35488", "type": "seen", "source": "https://t.me/cibsecurity/32129", "content": "\u203c CVE-2021-35488 \u203c\n\nThruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T02:35:28.000000Z"} {"uuid": "4bc8cfa4-fdc8-46bd-81be-4e12b4c986ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35488", "type": "seen", "source": "https://t.me/cibsecurity/32129", "content": "\u203c CVE-2021-35488 \u203c\n\nThruk 2.40-2 allows /thruk/#cgi-bin/status.cgi?style=combined&title={TITLE] Reflected XSS via the host or title parameter. An attacker could inject arbitrary JavaScript into status.cgi. The payload would be triggered every time an authenticated user browses the page containing it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T02:35:28.000000Z"} https://vulnerability.circl.lu/sighting/4bc8cfa4-fdc8-46bd-81be-4e12b4c986ef/export Wed, 10 Nov 2021 02:35:28 +0000 https://vulnerability.circl.lu/sighting/984ebd6a-a6ed-44c1-b3df-76020a348180/export {"uuid": "984ebd6a-a6ed-44c1-b3df-76020a348180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35489", "type": "seen", "source": "https://t.me/cibsecurity/32130", "content": "\u203c CVE-2021-35489 \u203c\n\nThruk 2.40-2 allows /thruk/#cgi-bin/extinfo.cgi?type=2&host={HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. An attacker could inject arbitrary JavaScript into extinfo.cgi. The malicious payload would be triggered every time an authenticated user browses the page containing it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T02:35:30.000000Z"} {"uuid": "984ebd6a-a6ed-44c1-b3df-76020a348180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35489", "type": "seen", "source": "https://t.me/cibsecurity/32130", "content": "\u203c CVE-2021-35489 \u203c\n\nThruk 2.40-2 allows /thruk/#cgi-bin/extinfo.cgi?type=2&host={HOSTNAME]&service={SERVICENAME]&backend={BACKEND] Reflected XSS via the host or service parameter. An attacker could inject arbitrary JavaScript into extinfo.cgi. The malicious payload would be triggered every time an authenticated user browses the page containing it.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T02:35:30.000000Z"} https://vulnerability.circl.lu/sighting/984ebd6a-a6ed-44c1-b3df-76020a348180/export Wed, 10 Nov 2021 02:35:30 +0000 https://vulnerability.circl.lu/sighting/ebebb056-644b-4d52-87d8-103721536702/export {"uuid": "ebebb056-644b-4d52-87d8-103721536702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35487", "type": "seen", "source": "https://t.me/cibsecurity/43342", "content": "\u203c CVE-2021-35487 \u203c\n\nNokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T18:38:21.000000Z"} {"uuid": "ebebb056-644b-4d52-87d8-103721536702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35487", "type": "seen", "source": "https://t.me/cibsecurity/43342", "content": "\u203c CVE-2021-35487 \u203c\n\nNokia Broadcast Message Center through 11.1.0 allows an authenticated user to perform a Boolean Blind SQL Injection attack on the endpoint /owui/block/send-receive-updates (for the Manage Alerts page) via the extIdentifier HTTP POST parameter. This allows an attacker to obtain the database user, database name, and database version information, and potentially database data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-25T18:38:21.000000Z"} https://vulnerability.circl.lu/sighting/ebebb056-644b-4d52-87d8-103721536702/export Wed, 25 May 2022 18:38:21 +0000 https://vulnerability.circl.lu/sighting/01bed164-a777-4240-8fd4-5b915208d5ac/export {"uuid": "01bed164-a777-4240-8fd4-5b915208d5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35488", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-35488.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"} {"uuid": "01bed164-a777-4240-8fd4-5b915208d5ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35488", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-35488.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"} https://vulnerability.circl.lu/sighting/01bed164-a777-4240-8fd4-5b915208d5ac/export Thu, 27 Apr 2023 09:58:59 +0000 https://vulnerability.circl.lu/sighting/8635aaf8-f138-4663-bda7-f554f100f4db/export {"uuid": "8635aaf8-f138-4663-bda7-f554f100f4db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35484", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6kpuv6wy2e", "content": "", "creation_timestamp": "2026-03-03T20:01:36.436260Z"} {"uuid": "8635aaf8-f138-4663-bda7-f554f100f4db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35484", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6kpuv6wy2e", "content": "", "creation_timestamp": "2026-03-03T20:01:36.436260Z"} https://vulnerability.circl.lu/sighting/8635aaf8-f138-4663-bda7-f554f100f4db/export Tue, 03 Mar 2026 20:01:36 +0000 https://vulnerability.circl.lu/sighting/143de7bc-b90f-4bd1-b3fe-738b98e3a6da/export {"uuid": "143de7bc-b90f-4bd1-b3fe-738b98e3a6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35486", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6l5eytbs2v", "content": "", "creation_timestamp": "2026-03-03T20:09:09.883702Z"} {"uuid": "143de7bc-b90f-4bd1-b3fe-738b98e3a6da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35486", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6l5eytbs2v", "content": "", "creation_timestamp": "2026-03-03T20:09:09.883702Z"} https://vulnerability.circl.lu/sighting/143de7bc-b90f-4bd1-b3fe-738b98e3a6da/export Tue, 03 Mar 2026 20:09:09 +0000 https://vulnerability.circl.lu/sighting/2e1bbdb8-427c-4138-98e0-eaa8d0ff1090/export {"uuid": "2e1bbdb8-427c-4138-98e0-eaa8d0ff1090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35485", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6liq3m342v", "content": "", "creation_timestamp": "2026-03-03T20:15:30.271554Z"} {"uuid": "2e1bbdb8-427c-4138-98e0-eaa8d0ff1090", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35485", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6liq3m342v", "content": "", "creation_timestamp": "2026-03-03T20:15:30.271554Z"} https://vulnerability.circl.lu/sighting/2e1bbdb8-427c-4138-98e0-eaa8d0ff1090/export Tue, 03 Mar 2026 20:15:30 +0000 https://vulnerability.circl.lu/sighting/6a78a8d4-7c4a-430a-b491-bc36bf6607cb/export {"uuid": "6a78a8d4-7c4a-430a-b491-bc36bf6607cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35483", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6nduq6tx2x", "content": "", "creation_timestamp": "2026-03-03T20:48:34.883237Z"} {"uuid": "6a78a8d4-7c4a-430a-b491-bc36bf6607cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-35483", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mg6nduq6tx2x", "content": "", "creation_timestamp": "2026-03-03T20:48:34.883237Z"} https://vulnerability.circl.lu/sighting/6a78a8d4-7c4a-430a-b491-bc36bf6607cb/export Tue, 03 Mar 2026 20:48:34 +0000