Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 15:38:47 +0000 2c2d8bc7-fe8c-4953-9021-4862c374d5fc https://vulnerability.circl.lu/sighting/2c2d8bc7-fe8c-4953-9021-4862c374d5fc/export {"uuid": "2c2d8bc7-fe8c-4953-9021-4862c374d5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44945", "type": "seen", "source": "https://t.me/cibsecurity/53841", "content": "\u203c CVE-2022-44945 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:17.000000Z"} {"uuid": "2c2d8bc7-fe8c-4953-9021-4862c374d5fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44945", "type": "seen", "source": "https://t.me/cibsecurity/53841", "content": "\u203c CVE-2022-44945 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a SQL injection vulnerability via the heading_field_id parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:17.000000Z"} https://vulnerability.circl.lu/sighting/2c2d8bc7-fe8c-4953-9021-4862c374d5fc/export Fri, 02 Dec 2022 22:37:17 +0000 744386c4-aad1-483b-9441-d1314e231dab https://vulnerability.circl.lu/sighting/744386c4-aad1-483b-9441-d1314e231dab/export {"uuid": "744386c4-aad1-483b-9441-d1314e231dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44949", "type": "seen", "source": "https://t.me/cibsecurity/53842", "content": "\u203c CVE-2022-44949 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:18.000000Z"} {"uuid": "744386c4-aad1-483b-9441-d1314e231dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44949", "type": "seen", "source": "https://t.me/cibsecurity/53842", "content": "\u203c CVE-2022-44949 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:18.000000Z"} https://vulnerability.circl.lu/sighting/744386c4-aad1-483b-9441-d1314e231dab/export Fri, 02 Dec 2022 22:37:18 +0000 0bfd8481-9aba-42ef-bf95-930b52abddbd https://vulnerability.circl.lu/sighting/0bfd8481-9aba-42ef-bf95-930b52abddbd/export {"uuid": "0bfd8481-9aba-42ef-bf95-930b52abddbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44947", "type": "seen", "source": "https://t.me/cibsecurity/53847", "content": "\u203c CVE-2022-44947 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking \"Add\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:23.000000Z"} {"uuid": "0bfd8481-9aba-42ef-bf95-930b52abddbd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44947", "type": "seen", "source": "https://t.me/cibsecurity/53847", "content": "\u203c CVE-2022-44947 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Highlight Row feature at /index.php?module=entities/listing_types&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Note field after clicking \"Add\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:23.000000Z"} https://vulnerability.circl.lu/sighting/0bfd8481-9aba-42ef-bf95-930b52abddbd/export Fri, 02 Dec 2022 22:37:23 +0000 171b0f38-0f6d-4f0b-94ca-3ca2952172ea https://vulnerability.circl.lu/sighting/171b0f38-0f6d-4f0b-94ca-3ca2952172ea/export {"uuid": "171b0f38-0f6d-4f0b-94ca-3ca2952172ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44944", "type": "seen", "source": "https://t.me/cibsecurity/53852", "content": "\u203c CVE-2022-44944 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:28.000000Z"} {"uuid": "171b0f38-0f6d-4f0b-94ca-3ca2952172ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44944", "type": "seen", "source": "https://t.me/cibsecurity/53852", "content": "\u203c CVE-2022-44944 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Announcement function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T22:37:28.000000Z"} https://vulnerability.circl.lu/sighting/171b0f38-0f6d-4f0b-94ca-3ca2952172ea/export Fri, 02 Dec 2022 22:37:28 +0000 db35e98c-17da-4341-9822-ffb3ceb18f12 https://vulnerability.circl.lu/sighting/db35e98c-17da-4341-9822-ffb3ceb18f12/export {"uuid": "db35e98c-17da-4341-9822-ffb3ceb18f12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4494", "type": "seen", "source": "https://t.me/cibsecurity/54503", "content": "\u203c CVE-2022-4494 \u203c\n\nA vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The name of the patch is 6e602746c96b4756c271d080dae7d22ad804a1bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215804.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T14:27:34.000000Z"} {"uuid": "db35e98c-17da-4341-9822-ffb3ceb18f12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4494", "type": "seen", "source": "https://t.me/cibsecurity/54503", "content": "\u203c CVE-2022-4494 \u203c\n\nA vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The name of the patch is 6e602746c96b4756c271d080dae7d22ad804a1bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215804.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T14:27:34.000000Z"} https://vulnerability.circl.lu/sighting/db35e98c-17da-4341-9822-ffb3ceb18f12/export Wed, 14 Dec 2022 14:27:34 +0000 d699f5bb-f489-4d2b-8b3a-478efc0921b5 https://vulnerability.circl.lu/sighting/d699f5bb-f489-4d2b-8b3a-478efc0921b5/export {"uuid": "d699f5bb-f489-4d2b-8b3a-478efc0921b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44946", "type": "seen", "source": "https://t.me/cibsecurity/53851", "content": "\u203c CVE-2022-44946 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T21:49:08.000000Z"} {"uuid": "d699f5bb-f489-4d2b-8b3a-478efc0921b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44946", "type": "seen", "source": "https://t.me/cibsecurity/53851", "content": "\u203c CVE-2022-44946 \u203c\n\nRukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add Page function at /index.php?module=help_pages/pages&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T21:49:08.000000Z"} https://vulnerability.circl.lu/sighting/d699f5bb-f489-4d2b-8b3a-478efc0921b5/export Wed, 14 Dec 2022 21:49:08 +0000 eee15ca3-fe68-4317-b874-ec60b9b6cac6 https://vulnerability.circl.lu/sighting/eee15ca3-fe68-4317-b874-ec60b9b6cac6/export {"uuid": "eee15ca3-fe68-4317-b874-ec60b9b6cac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44940", "type": "seen", "source": "https://t.me/cibsecurity/54930", "content": "\u203c CVE-2022-44940 \u203c\n\nPatchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-20T00:10:42.000000Z"} {"uuid": "eee15ca3-fe68-4317-b874-ec60b9b6cac6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44940", "type": "seen", "source": "https://t.me/cibsecurity/54930", "content": "\u203c CVE-2022-44940 \u203c\n\nPatchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-20T00:10:42.000000Z"} https://vulnerability.circl.lu/sighting/eee15ca3-fe68-4317-b874-ec60b9b6cac6/export Tue, 20 Dec 2022 00:10:42 +0000 eb40b221-638f-4cdb-adc8-ef92bb4eb77d https://vulnerability.circl.lu/sighting/eb40b221-638f-4cdb-adc8-ef92bb4eb77d/export {"uuid": "eb40b221-638f-4cdb-adc8-ef92bb4eb77d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44940", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12236", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44940\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.\n\ud83d\udccf Published: 2022-12-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T14:40:42.761Z\n\ud83d\udd17 References:\n1. https://github.com/NixOS/patchelf/pull/419", "creation_timestamp": "2025-04-17T14:58:19.000000Z"} {"uuid": "eb40b221-638f-4cdb-adc8-ef92bb4eb77d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44940", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12236", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44940\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Patchelf v0.9 was discovered to contain an out-of-bounds read via the function modifyRPath at src/patchelf.cc.\n\ud83d\udccf Published: 2022-12-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-17T14:40:42.761Z\n\ud83d\udd17 References:\n1. https://github.com/NixOS/patchelf/pull/419", "creation_timestamp": "2025-04-17T14:58:19.000000Z"} https://vulnerability.circl.lu/sighting/eb40b221-638f-4cdb-adc8-ef92bb4eb77d/export Thu, 17 Apr 2025 14:58:19 +0000 daa8cdad-0f5d-48d1-9be1-66a7dcfe8141 https://vulnerability.circl.lu/sighting/daa8cdad-0f5d-48d1-9be1-66a7dcfe8141/export {"uuid": "daa8cdad-0f5d-48d1-9be1-66a7dcfe8141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44942", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13033", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44942\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.\n\ud83d\udccf Published: 2022-12-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T13:50:36.260Z\n\ud83d\udd17 References:\n1. https://github.com/casdoor/casdoor/issues/1171", "creation_timestamp": "2025-04-23T14:05:10.000000Z"} {"uuid": "daa8cdad-0f5d-48d1-9be1-66a7dcfe8141", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44942", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13033", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44942\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Casdoor before v1.126.1 was discovered to contain an arbitrary file deletion vulnerability via the uploadFile function.\n\ud83d\udccf Published: 2022-12-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-23T13:50:36.260Z\n\ud83d\udd17 References:\n1. https://github.com/casdoor/casdoor/issues/1171", "creation_timestamp": "2025-04-23T14:05:10.000000Z"} https://vulnerability.circl.lu/sighting/daa8cdad-0f5d-48d1-9be1-66a7dcfe8141/export Wed, 23 Apr 2025 14:05:10 +0000 fa6c9d8e-e229-4e43-8c1e-b41bd7bd6597 https://vulnerability.circl.lu/sighting/fa6c9d8e-e229-4e43-8c1e-b41bd7bd6597/export {"uuid": "fa6c9d8e-e229-4e43-8c1e-b41bd7bd6597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44949", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44949\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.\n\ud83d\udccf Published: 2022-12-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T14:02:23.607Z\n\ud83d\udd17 References:\n1. http://rukovoditel.com\n2. https://github.com/anhdq201/rukovoditel/issues/12", "creation_timestamp": "2025-04-24T14:05:33.000000Z"} {"uuid": "fa6c9d8e-e229-4e43-8c1e-b41bd7bd6597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-44949", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13219", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44949\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Rukovoditel v3.2.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Add New Field function at /index.php?module=entities/fields&entities_id=24. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Short Name field.\n\ud83d\udccf Published: 2022-12-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T14:02:23.607Z\n\ud83d\udd17 References:\n1. http://rukovoditel.com\n2. https://github.com/anhdq201/rukovoditel/issues/12", "creation_timestamp": "2025-04-24T14:05:33.000000Z"} https://vulnerability.circl.lu/sighting/fa6c9d8e-e229-4e43-8c1e-b41bd7bd6597/export Thu, 24 Apr 2025 14:05:33 +0000