https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 05 May 2026 21:17:12 +0000 https://vulnerability.circl.lu/sighting/329a6026-9422-4e6e-8282-b3ea3fb55b29/export {"uuid": "329a6026-9422-4e6e-8282-b3ea3fb55b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45529", "type": "seen", "source": "https://t.me/cibsecurity/53381", "content": "\u203c CVE-2022-45529 \u203c\n\nAeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \\admin\\includes\\edit_post.php. This vulnerability allows attackers to access database information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T00:13:17.000000Z"} {"uuid": "329a6026-9422-4e6e-8282-b3ea3fb55b29", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45529", "type": "seen", "source": "https://t.me/cibsecurity/53381", "content": "\u203c CVE-2022-45529 \u203c\n\nAeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \\admin\\includes\\edit_post.php. This vulnerability allows attackers to access database information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T00:13:17.000000Z"} https://vulnerability.circl.lu/sighting/329a6026-9422-4e6e-8282-b3ea3fb55b29/export Wed, 23 Nov 2022 00:13:17 +0000 https://vulnerability.circl.lu/sighting/91a5840e-47e1-4a92-ad2b-17d079ee6cfa/export {"uuid": "91a5840e-47e1-4a92-ad2b-17d079ee6cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45523", "type": "seen", "source": "https://t.me/cibsecurity/54163", "content": "\u203c CVE-2022-45523 \u203c\n\nTenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/L7Im.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-08T18:17:37.000000Z"} {"uuid": "91a5840e-47e1-4a92-ad2b-17d079ee6cfa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45523", "type": "seen", "source": "https://t.me/cibsecurity/54163", "content": "\u203c CVE-2022-45523 \u203c\n\nTenda W30E V1.0.1.25(633) was discovered to contain a stack overflow via the page parameter at /goform/L7Im.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-08T18:17:37.000000Z"} https://vulnerability.circl.lu/sighting/91a5840e-47e1-4a92-ad2b-17d079ee6cfa/export Thu, 08 Dec 2022 18:17:37 +0000 https://vulnerability.circl.lu/sighting/5d453832-3d52-4be9-85da-d13ddf8e4857/export {"uuid": "5d453832-3d52-4be9-85da-d13ddf8e4857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45526", "type": "seen", "source": "https://t.me/cibsecurity/57803", "content": "\u203c CVE-2022-45526 \u203c\n\nSQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:38.000000Z"} {"uuid": "5d453832-3d52-4be9-85da-d13ddf8e4857", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45526", "type": "seen", "source": "https://t.me/cibsecurity/57803", "content": "\u203c CVE-2022-45526 \u203c\n\nSQL Injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:38.000000Z"} https://vulnerability.circl.lu/sighting/5d453832-3d52-4be9-85da-d13ddf8e4857/export Wed, 08 Feb 2023 22:25:38 +0000 https://vulnerability.circl.lu/sighting/0aeafc18-6e90-44a2-99f8-c498bf77affd/export {"uuid": "0aeafc18-6e90-44a2-99f8-c498bf77affd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45527", "type": "seen", "source": "https://t.me/cibsecurity/57806", "content": "\u203c CVE-2022-45527 \u203c\n\nFile upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows unauthorized attackers to directly upload malicious files to the courseimg directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:41.000000Z"} {"uuid": "0aeafc18-6e90-44a2-99f8-c498bf77affd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45527", "type": "seen", "source": "https://t.me/cibsecurity/57806", "content": "\u203c CVE-2022-45527 \u203c\n\nFile upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0, allows unauthorized attackers to directly upload malicious files to the courseimg directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-08T22:25:41.000000Z"} https://vulnerability.circl.lu/sighting/0aeafc18-6e90-44a2-99f8-c498bf77affd/export Wed, 08 Feb 2023 22:25:41 +0000 https://vulnerability.circl.lu/sighting/3b76e584-cb9a-4596-a239-2e688a942917/export {"uuid": "3b76e584-cb9a-4596-a239-2e688a942917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4552", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9179", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack\n\ud83d\udccf Published: 2023-01-30T20:31:51.944Z\n\ud83d\udccf Modified: 2025-03-27T19:13:12.983Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/307b0fe4-39de-4fbb-8bb0-f7f15ec6ef52", "creation_timestamp": "2025-03-27T19:26:51.000000Z"} {"uuid": "3b76e584-cb9a-4596-a239-2e688a942917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4552", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9179", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4552\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The FL3R FeelBox WordPress plugin through 8.1 does not have CSRF check when updating its settings, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack\n\ud83d\udccf Published: 2023-01-30T20:31:51.944Z\n\ud83d\udccf Modified: 2025-03-27T19:13:12.983Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/307b0fe4-39de-4fbb-8bb0-f7f15ec6ef52", "creation_timestamp": "2025-03-27T19:26:51.000000Z"} https://vulnerability.circl.lu/sighting/3b76e584-cb9a-4596-a239-2e688a942917/export Thu, 27 Mar 2025 19:26:51 +0000 https://vulnerability.circl.lu/sighting/b328cf52-8961-4ed0-b111-116b47c06c3e/export {"uuid": "b328cf52-8961-4ed0-b111-116b47c06c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45529", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13554", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45529\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \\admin\\includes\\edit_post.php. This vulnerability allows attackers to access database information.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T21:02:24.173Z\n\ud83d\udd17 References:\n1. https://rdyx0.github.io/2018/09/05/AeroCMS-v0.0.1-SQLi%20edit_post_post_category_id_sql_injectin/\n2. https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-SQLi/edit_post_post_category_id_sql_injection/edit_post_post_category_id_sql_injection.md", "creation_timestamp": "2025-04-25T22:07:32.000000Z"} {"uuid": "b328cf52-8961-4ed0-b111-116b47c06c3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-45529", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13554", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45529\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \\admin\\includes\\edit_post.php. This vulnerability allows attackers to access database information.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T21:02:24.173Z\n\ud83d\udd17 References:\n1. https://rdyx0.github.io/2018/09/05/AeroCMS-v0.0.1-SQLi%20edit_post_post_category_id_sql_injectin/\n2. https://github.com/rdyx0/CVE/blob/master/AeroCMS/AeroCMS-v0.0.1-SQLi/edit_post_post_category_id_sql_injection/edit_post_post_category_id_sql_injection.md", "creation_timestamp": "2025-04-25T22:07:32.000000Z"} https://vulnerability.circl.lu/sighting/b328cf52-8961-4ed0-b111-116b47c06c3e/export Fri, 25 Apr 2025 22:07:32 +0000