https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 31 May 2026 05:34:01 +0000 https://vulnerability.circl.lu/sighting/79c54c4a-dbe6-4114-864a-fd75efc00bc5/export {"uuid": "79c54c4a-dbe6-4114-864a-fd75efc00bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47024", "type": "seen", "source": "https://t.me/ctinow/170508", "content": "https://ift.tt/fmrtVZR\nCVE-2023-47024", "creation_timestamp": "2024-01-20T03:31:46.000000Z"} {"uuid": "79c54c4a-dbe6-4114-864a-fd75efc00bc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47024", "type": "seen", "source": "https://t.me/ctinow/170508", "content": "https://ift.tt/fmrtVZR\nCVE-2023-47024", "creation_timestamp": "2024-01-20T03:31:46.000000Z"} https://vulnerability.circl.lu/sighting/79c54c4a-dbe6-4114-864a-fd75efc00bc5/export Sat, 20 Jan 2024 03:31:46 +0000 https://vulnerability.circl.lu/sighting/e01f8786-55e8-45da-bf97-4c2268278341/export {"uuid": "e01f8786-55e8-45da-bf97-4c2268278341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "seen", "source": "https://t.me/ctinow/179672", "content": "https://ift.tt/PWqDg08\nCVE-2023-47022", "creation_timestamp": "2024-02-06T02:26:45.000000Z"} {"uuid": "e01f8786-55e8-45da-bf97-4c2268278341", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "seen", "source": "https://t.me/ctinow/179672", "content": "https://ift.tt/PWqDg08\nCVE-2023-47022", "creation_timestamp": "2024-02-06T02:26:45.000000Z"} https://vulnerability.circl.lu/sighting/e01f8786-55e8-45da-bf97-4c2268278341/export Tue, 06 Feb 2024 02:26:45 +0000 https://vulnerability.circl.lu/sighting/f702bccf-11a1-4837-8bf5-982cf3bd0b84/export {"uuid": "f702bccf-11a1-4837-8bf5-982cf3bd0b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/ctinow/181498", "content": "https://ift.tt/UhklEYX\nCVE-2023-47020", "creation_timestamp": "2024-02-08T17:32:00.000000Z"} {"uuid": "f702bccf-11a1-4837-8bf5-982cf3bd0b84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/ctinow/181498", "content": "https://ift.tt/UhklEYX\nCVE-2023-47020", "creation_timestamp": "2024-02-08T17:32:00.000000Z"} https://vulnerability.circl.lu/sighting/f702bccf-11a1-4837-8bf5-982cf3bd0b84/export Thu, 08 Feb 2024 17:32:00 +0000 https://vulnerability.circl.lu/sighting/912186c2-9ec1-4311-81e6-ea51ecfaab37/export {"uuid": "912186c2-9ec1-4311-81e6-ea51ecfaab37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/arpsyndicate/3357", "content": "#ExploitObserverAlert\n\nCVE-2023-47020\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-47020. Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. This is exploited by an undisclosed function in the WSDL that lacks security controls and can accept custom content types.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-11T12:13:15.000000Z"} {"uuid": "912186c2-9ec1-4311-81e6-ea51ecfaab37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/arpsyndicate/3357", "content": "#ExploitObserverAlert\n\nCVE-2023-47020\n\nDESCRIPTION: Exploit Observer has 2 entries in 2 file formats related to CVE-2023-47020. Multiple Cross-Site Request Forgery (CSRF) chaining in NCR Terminal Handler v.1.5.1 allows privileges to be escalated by an attacker through a crafted request involving user account creation and adding the user to an administrator group. This is exploited by an undisclosed function in the WSDL that lacks security controls and can accept custom content types.\n\nFIRST-EPSS: 0.000430000", "creation_timestamp": "2024-02-11T12:13:15.000000Z"} https://vulnerability.circl.lu/sighting/912186c2-9ec1-4311-81e6-ea51ecfaab37/export Sun, 11 Feb 2024 12:13:15 +0000 https://vulnerability.circl.lu/sighting/42e73d41-05eb-4d3e-9054-8919a1c5224a/export {"uuid": "42e73d41-05eb-4d3e-9054-8919a1c5224a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47024", "type": "seen", "source": "https://t.me/ctinow/185850", "content": "https://ift.tt/l3hUWJm\nCVE-2023-47024 | NCR Terminal Handler 1.5.1 UserSelfService cross-site request forgery", "creation_timestamp": "2024-02-15T20:26:53.000000Z"} {"uuid": "42e73d41-05eb-4d3e-9054-8919a1c5224a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47024", "type": "seen", "source": "https://t.me/ctinow/185850", "content": "https://ift.tt/l3hUWJm\nCVE-2023-47024 | NCR Terminal Handler 1.5.1 UserSelfService cross-site request forgery", "creation_timestamp": "2024-02-15T20:26:53.000000Z"} https://vulnerability.circl.lu/sighting/42e73d41-05eb-4d3e-9054-8919a1c5224a/export Thu, 15 Feb 2024 20:26:53 +0000 https://vulnerability.circl.lu/sighting/b72ddeb3-13a4-4a76-a149-794c1e0102dc/export {"uuid": "b72ddeb3-13a4-4a76-a149-794c1e0102dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "seen", "source": "https://t.me/ctinow/196694", "content": "https://ift.tt/IlODy4w\nCVE-2023-47022 | NCR Terminal Handler 1.5.1 Script payload authorization", "creation_timestamp": "2024-02-29T14:52:05.000000Z"} {"uuid": "b72ddeb3-13a4-4a76-a149-794c1e0102dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "seen", "source": "https://t.me/ctinow/196694", "content": "https://ift.tt/IlODy4w\nCVE-2023-47022 | NCR Terminal Handler 1.5.1 Script payload authorization", "creation_timestamp": "2024-02-29T14:52:05.000000Z"} https://vulnerability.circl.lu/sighting/b72ddeb3-13a4-4a76-a149-794c1e0102dc/export Thu, 29 Feb 2024 14:52:05 +0000 https://vulnerability.circl.lu/sighting/1b3e9612-3596-42a1-8d2a-b1579166e863/export {"uuid": "1b3e9612-3596-42a1-8d2a-b1579166e863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/ctinow/198335", "content": "https://ift.tt/48tMm2j\nCVE-2023-47020 | NCR Terminal Handler up to 1.5.1 WSDL cross-site request forgery", "creation_timestamp": "2024-03-02T12:41:42.000000Z"} {"uuid": "1b3e9612-3596-42a1-8d2a-b1579166e863", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47020", "type": "seen", "source": "https://t.me/ctinow/198335", "content": "https://ift.tt/48tMm2j\nCVE-2023-47020 | NCR Terminal Handler up to 1.5.1 WSDL cross-site request forgery", "creation_timestamp": "2024-03-02T12:41:42.000000Z"} https://vulnerability.circl.lu/sighting/1b3e9612-3596-42a1-8d2a-b1579166e863/export Sat, 02 Mar 2024 12:41:42 +0000 https://vulnerability.circl.lu/sighting/584d2f71-8cc2-41e7-84d8-b194dbefc170/export {"uuid": "584d2f71-8cc2-41e7-84d8-b194dbefc170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18613", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47022\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.\n\ud83d\udccf Published: 2024-02-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:15:54.602Z\n\ud83d\udd17 References:\n1. https://github.com/Patrick0x41/Security-Advisories/tree/main/CVE-2023-47022", "creation_timestamp": "2025-06-17T16:41:04.000000Z"} {"uuid": "584d2f71-8cc2-41e7-84d8-b194dbefc170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47022", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18613", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47022\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Insecure Direct Object Reference in NCR Terminal Handler v.1.5.1 allows an unprivileged user to edit the audit logs for any user and can lead to CSV injection.\n\ud83d\udccf Published: 2024-02-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-17T16:15:54.602Z\n\ud83d\udd17 References:\n1. https://github.com/Patrick0x41/Security-Advisories/tree/main/CVE-2023-47022", "creation_timestamp": "2025-06-17T16:41:04.000000Z"} https://vulnerability.circl.lu/sighting/584d2f71-8cc2-41e7-84d8-b194dbefc170/export Tue, 17 Jun 2025 16:41:04 +0000 https://vulnerability.circl.lu/sighting/c59abfde-c225-4342-9b53-64046ce35989/export {"uuid": "c59abfde-c225-4342-9b53-64046ce35989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4702", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19443", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4702\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.\n\n\n\ud83d\udccf Published: 2023-09-14T19:01:26.533Z\n\ud83d\udccf Modified: 2025-06-25T13:28:24.508Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-23-0526", "creation_timestamp": "2025-06-25T13:50:54.000000Z"} {"uuid": "c59abfde-c225-4342-9b53-64046ce35989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-4702", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/19443", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-4702\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Authentication Bypass Using an Alternate Path or Channel vulnerability in Yepas Digital Yepas allows Authentication Bypass.This issue affects Digital Yepas: before 1.0.1.\n\n\n\ud83d\udccf Published: 2023-09-14T19:01:26.533Z\n\ud83d\udccf Modified: 2025-06-25T13:28:24.508Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-23-0526", "creation_timestamp": "2025-06-25T13:50:54.000000Z"} https://vulnerability.circl.lu/sighting/c59abfde-c225-4342-9b53-64046ce35989/export Wed, 25 Jun 2025 13:50:54 +0000 https://vulnerability.circl.lu/sighting/57dc427b-28e1-4e0d-ad45-4193989b2d58/export {"uuid": "57dc427b-28e1-4e0d-ad45-4193989b2d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47029", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19620", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47029\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-26T15:08:53.266Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1oX5uKnWGiYMaBxnBuqPiOA53XLxv1Ef4/view?usp=sharing\n2. https://github.com/pwahba/cve-research/blob/main/CVE-2023-47029/CVE-2023-47029.md", "creation_timestamp": "2025-06-26T15:52:47.000000Z"} {"uuid": "57dc427b-28e1-4e0d-ad45-4193989b2d58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-47029", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19620", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-47029\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in NCR Terminal Handler v.1.5.1 allows a remote attacker to execute arbitrary code and obtain sensitive information via a crafted POST request to the UserService component\n\ud83d\udccf Published: 2025-06-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-26T15:08:53.266Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1oX5uKnWGiYMaBxnBuqPiOA53XLxv1Ef4/view?usp=sharing\n2. https://github.com/pwahba/cve-research/blob/main/CVE-2023-47029/CVE-2023-47029.md", "creation_timestamp": "2025-06-26T15:52:47.000000Z"} https://vulnerability.circl.lu/sighting/57dc427b-28e1-4e0d-ad45-4193989b2d58/export Thu, 26 Jun 2025 15:52:47 +0000