Most recent sightings.

Most recent sightings. https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 17:50:10 +0000 e5db153f-71b2-4367-bedb-eaee80f49b23 https://vulnerability.circl.lu/sighting/e5db153f-71b2-4367-bedb-eaee80f49b23/export {"uuid": "e5db153f-71b2-4367-bedb-eaee80f49b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "seen", "source": "https://t.me/cibsecurity/60149", "content": "\u203c CVE-2023-27130 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:30:55.000000Z"} {"uuid": "e5db153f-71b2-4367-bedb-eaee80f49b23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "seen", "source": "https://t.me/cibsecurity/60149", "content": "\u203c CVE-2023-27130 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:30:55.000000Z"} https://vulnerability.circl.lu/sighting/e5db153f-71b2-4367-bedb-eaee80f49b23/export Thu, 16 Mar 2023 17:30:55 +0000 6b97cbd2-f06b-47cf-a264-a35e33120a01 https://vulnerability.circl.lu/sighting/6b97cbd2-f06b-47cf-a264-a35e33120a01/export {"uuid": "6b97cbd2-f06b-47cf-a264-a35e33120a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27131", "type": "seen", "source": "https://t.me/cibsecurity/60160", "content": "\u203c CVE-2023-27131 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:31:09.000000Z"} {"uuid": "6b97cbd2-f06b-47cf-a264-a35e33120a01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27131", "type": "seen", "source": "https://t.me/cibsecurity/60160", "content": "\u203c CVE-2023-27131 \u203c\n\nCross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code viathe Post Editorparameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-16T17:31:09.000000Z"} https://vulnerability.circl.lu/sighting/6b97cbd2-f06b-47cf-a264-a35e33120a01/export Thu, 16 Mar 2023 17:31:09 +0000 2eda0743-d7f2-4047-826a-86cd80eebca0 https://vulnerability.circl.lu/sighting/2eda0743-d7f2-4047-826a-86cd80eebca0/export {"uuid": "2eda0743-d7f2-4047-826a-86cd80eebca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27135", "type": "seen", "source": "https://t.me/cibsecurity/60579", "content": "\u203c CVE-2023-27135 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T17:41:52.000000Z"} {"uuid": "2eda0743-d7f2-4047-826a-86cd80eebca0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27135", "type": "seen", "source": "https://t.me/cibsecurity/60579", "content": "\u203c CVE-2023-27135 \u203c\n\nTOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the enabled parameter at /setting/setWanIeCfg.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T17:41:52.000000Z"} https://vulnerability.circl.lu/sighting/2eda0743-d7f2-4047-826a-86cd80eebca0/export Thu, 23 Mar 2023 17:41:52 +0000 c089fb7a-f8c2-4c08-9d36-379640fff1a4 https://vulnerability.circl.lu/sighting/c089fb7a-f8c2-4c08-9d36-379640fff1a4/export {"uuid": "c089fb7a-f8c2-4c08-9d36-379640fff1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2713", "type": "seen", "source": "https://t.me/cibsecurity/64483", "content": "\u203c CVE-2023-2713 \u203c\n\nAuthorization Bypass Through User-Controlled Key vulnerability in \"Rental Module\" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-20T14:23:51.000000Z"} {"uuid": "c089fb7a-f8c2-4c08-9d36-379640fff1a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-2713", "type": "seen", "source": "https://t.me/cibsecurity/64483", "content": "\u203c CVE-2023-2713 \u203c\n\nAuthorization Bypass Through User-Controlled Key vulnerability in \"Rental Module\" developed by third-party for Ideasoft's E-commerce Platform allows Authentication Abuse, Authentication Bypass.This issue affects Rental Module: before 23.05.15.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-20T14:23:51.000000Z"} https://vulnerability.circl.lu/sighting/c089fb7a-f8c2-4c08-9d36-379640fff1a4/export Sat, 20 May 2023 14:23:51 +0000 53d061c1-1648-4967-b1e0-9392e6da8c3d https://vulnerability.circl.lu/sighting/53d061c1-1648-4967-b1e0-9392e6da8c3d/export {"uuid": "53d061c1-1648-4967-b1e0-9392e6da8c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/cibsecurity/72443", "content": "\u203c CVE-2023-27133 \u203c\n\nTSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:01.000000Z"} {"uuid": "53d061c1-1648-4967-b1e0-9392e6da8c3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/cibsecurity/72443", "content": "\u203c CVE-2023-27133 \u203c\n\nTSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:01.000000Z"} https://vulnerability.circl.lu/sighting/53d061c1-1648-4967-b1e0-9392e6da8c3d/export Tue, 17 Oct 2023 20:33:01 +0000 1841c890-09b6-4d27-be9a-36cb66a8dcff https://vulnerability.circl.lu/sighting/1841c890-09b6-4d27-be9a-36cb66a8dcff/export {"uuid": "1841c890-09b6-4d27-be9a-36cb66a8dcff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27132", "type": "seen", "source": "https://t.me/cibsecurity/72444", "content": "\u203c CVE-2023-27132 \u203c\n\nTSplus Remote Work 16.0.0.0 places a cleartext password on the \"var pass\" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:04.000000Z"} {"uuid": "1841c890-09b6-4d27-be9a-36cb66a8dcff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27132", "type": "seen", "source": "https://t.me/cibsecurity/72444", "content": "\u203c CVE-2023-27132 \u203c\n\nTSplus Remote Work 16.0.0.0 places a cleartext password on the \"var pass\" line of the HTML source code for the secure single sign-on web portal. NOTE: CVE-2023-31069 is only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-10-17T20:33:04.000000Z"} https://vulnerability.circl.lu/sighting/1841c890-09b6-4d27-be9a-36cb66a8dcff/export Tue, 17 Oct 2023 20:33:04 +0000 4654342a-7774-484b-9f70-2d830e6eedb2 https://vulnerability.circl.lu/sighting/4654342a-7774-484b-9f70-2d830e6eedb2/export {"uuid": "4654342a-7774-484b-9f70-2d830e6eedb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/arpsyndicate/2428", "content": "#ExploitObserverAlert\n\nCVE-2023-27133\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27133. TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\nFIRST-EPSS: 0.001300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T04:19:43.000000Z"} {"uuid": "4654342a-7774-484b-9f70-2d830e6eedb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27133", "type": "seen", "source": "https://t.me/arpsyndicate/2428", "content": "#ExploitObserverAlert\n\nCVE-2023-27133\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2023-27133. TSplus Remote Work 16.0.0.0 has weak permissions for .exe, .js, and .html files under the %PROGRAMFILES(X86)%\\TSplus-RemoteWork\\Clients\\www folder. This may enable privilege escalation if a different local user modifies a file. NOTE: CVE-2023-31067 and CVE-2023-31068 are only about the TSplus Remote Access product, not the TSplus Remote Work product.\n\nFIRST-EPSS: 0.001300000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2024-01-04T04:19:43.000000Z"} https://vulnerability.circl.lu/sighting/4654342a-7774-484b-9f70-2d830e6eedb2/export Thu, 04 Jan 2024 04:19:43 +0000 b3684a85-1b37-4534-8cce-4c21005003d6 https://vulnerability.circl.lu/sighting/b3684a85-1b37-4534-8cce-4c21005003d6/export {"uuid": "b3684a85-1b37-4534-8cce-4c21005003d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6269", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27130\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\ud83d\udccf Published: 2023-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:08:28.843Z\n\ud83d\udd17 References:\n1. https://github.com/typecho/typecho/issues/1535\n2. https://github.com/typecho/typecho/commit/f9ede542c9052ba22a6096d8412e2f02d9de872b", "creation_timestamp": "2025-03-03T19:31:06.000000Z"} {"uuid": "b3684a85-1b37-4534-8cce-4c21005003d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-27130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6269", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-27130\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Cross Site Scripting vulnerability found in Typecho v.1.2.0 allows a remote attacker to execute arbitrary code via an arbitrarily supplied URL parameter.\n\ud83d\udccf Published: 2023-03-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T19:08:28.843Z\n\ud83d\udd17 References:\n1. https://github.com/typecho/typecho/issues/1535\n2. https://github.com/typecho/typecho/commit/f9ede542c9052ba22a6096d8412e2f02d9de872b", "creation_timestamp": "2025-03-03T19:31:06.000000Z"} https://vulnerability.circl.lu/sighting/b3684a85-1b37-4534-8cce-4c21005003d6/export Mon, 03 Mar 2025 19:31:06 +0000