https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 19:54:38 +0000 https://vulnerability.circl.lu/sighting/7c19290e-3263-4d80-8c2f-5822bbe28485/export {"uuid": "7c19290e-3263-4d80-8c2f-5822bbe28485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/454", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T16:14:23.000000Z"} {"uuid": "7c19290e-3263-4d80-8c2f-5822bbe28485", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/ton618cyber/454", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-07T16:14:23.000000Z"} https://vulnerability.circl.lu/sighting/7c19290e-3263-4d80-8c2f-5822bbe28485/export Sat, 07 Sep 2024 16:14:23 +0000 https://vulnerability.circl.lu/sighting/31decaa5-1a38-4bfa-8987-a5a73b83d2c8/export {"uuid": "31decaa5-1a38-4bfa-8987-a5a73b83d2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1602", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-13T16:57:01.000000Z"} {"uuid": "31decaa5-1a38-4bfa-8987-a5a73b83d2c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1602", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-09-13T16:57:01.000000Z"} https://vulnerability.circl.lu/sighting/31decaa5-1a38-4bfa-8987-a5a73b83d2c8/export Fri, 13 Sep 2024 16:57:01 +0000 https://vulnerability.circl.lu/sighting/e9c71d44-e30c-4e1b-96bd-a11b25869855/export {"uuid": "e9c71d44-e30c-4e1b-96bd-a11b25869855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1615", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-10-18T12:25:41.000000Z"} {"uuid": "e9c71d44-e30c-4e1b-96bd-a11b25869855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1615", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-10-18T12:25:41.000000Z"} https://vulnerability.circl.lu/sighting/e9c71d44-e30c-4e1b-96bd-a11b25869855/export Fri, 18 Oct 2024 12:25:41 +0000 https://vulnerability.circl.lu/sighting/d7874e42-0453-4cc3-9e11-3de08a42f070/export {"uuid": "d7874e42-0453-4cc3-9e11-3de08a42f070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "Telegram/74IzvRfHv6As3hyVMCWy5rx44qm1MKm9hZLdVsqv0WV9bgP1", "content": "", "creation_timestamp": "2024-10-18T12:26:48.000000Z"} {"uuid": "d7874e42-0453-4cc3-9e11-3de08a42f070", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "Telegram/74IzvRfHv6As3hyVMCWy5rx44qm1MKm9hZLdVsqv0WV9bgP1", "content": "", "creation_timestamp": "2024-10-18T12:26:48.000000Z"} https://vulnerability.circl.lu/sighting/d7874e42-0453-4cc3-9e11-3de08a42f070/export Fri, 18 Oct 2024 12:26:48 +0000 https://vulnerability.circl.lu/sighting/78d2af46-d27d-4e51-aeb3-abf38213fbb9/export {"uuid": "78d2af46-d27d-4e51-aeb3-abf38213fbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "exploited", "source": "https://t.me/Unik4tsG4ng/9792", "content": "This is a bulk scanning and exploitation tool for CVE-2024-40348, Bazaar v1.4.3 and prior. Will attempt to read /etc/passwd from target.\n\nhttps://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2024-10-25T04:22:47.000000Z"} {"uuid": "78d2af46-d27d-4e51-aeb3-abf38213fbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "exploited", "source": "https://t.me/Unik4tsG4ng/9792", "content": "This is a bulk scanning and exploitation tool for CVE-2024-40348, Bazaar v1.4.3 and prior. Will attempt to read /etc/passwd from target.\n\nhttps://github.com/bigb0x/CVE-2024-40348", "creation_timestamp": "2024-10-25T04:22:47.000000Z"} https://vulnerability.circl.lu/sighting/78d2af46-d27d-4e51-aeb3-abf38213fbb9/export Fri, 25 Oct 2024 04:22:47 +0000 https://vulnerability.circl.lu/sighting/a17622c4-d893-4126-8aa5-ddcb5385c028/export {"uuid": "a17622c4-d893-4126-8aa5-ddcb5385c028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "seen", "source": "https://t.me/HackerInvestigationZone/9", "content": "\ud83d\udea8_CvEploiterv2 x xWPv3 Ultimate/Beast Software\n\n\ud83c\udfafThe most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n\u00a0\u00a0\u00a0\u00a0 with the latest version/method.]\n\n\u2699\ufe0fCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n \u2699\ufe0fCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n\u2699\ufe0fCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n\u2699\ufe0fCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n\u2699\ufe0fCVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n\u2699\ufe0f#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n\u2699\ufe0fCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n\u2699\ufe0fCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n\u2699\ufe0fCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\n#Investigation_of_hacking \n#Cyber_Security_News\n#codeb0ss", "creation_timestamp": "2024-11-12T20:45:56.000000Z"} {"uuid": "a17622c4-d893-4126-8aa5-ddcb5385c028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "seen", "source": "https://t.me/HackerInvestigationZone/9", "content": "\ud83d\udea8_CvEploiterv2 x xWPv3 Ultimate/Beast Software\n\n\ud83c\udfafThe most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n\u00a0\u00a0\u00a0\u00a0 with the latest version/method.]\n\n\u2699\ufe0fCVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n \u2699\ufe0fCVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n\u2699\ufe0fCVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n\u2699\ufe0fCVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n\u2699\ufe0fCVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n\u2699\ufe0f#CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n\u2699\ufe0fCVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n\u2699\ufe0fCVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n\u2699\ufe0fCVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\n#Investigation_of_hacking \n#Cyber_Security_News\n#codeb0ss", "creation_timestamp": "2024-11-12T20:45:56.000000Z"} https://vulnerability.circl.lu/sighting/a17622c4-d893-4126-8aa5-ddcb5385c028/export Tue, 12 Nov 2024 20:45:56 +0000 https://vulnerability.circl.lu/sighting/6bf456b8-0101-4c36-9541-7c4289f8f516/export {"uuid": "6bf456b8-0101-4c36-9541-7c4289f8f516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1634", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-11-30T13:27:14.000000Z"} {"uuid": "6bf456b8-0101-4c36-9541-7c4289f8f516", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1634", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-11-30T13:27:14.000000Z"} https://vulnerability.circl.lu/sighting/6bf456b8-0101-4c36-9541-7c4289f8f516/export Sat, 30 Nov 2024 13:27:14 +0000 https://vulnerability.circl.lu/sighting/ee2b1c92-465f-4e51-8031-1acc917d0807/export {"uuid": "ee2b1c92-465f-4e51-8031-1acc917d0807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1653", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-12-18T18:01:34.000000Z"} {"uuid": "ee2b1c92-465f-4e51-8031-1acc917d0807", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1653", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2024-12-18T18:01:34.000000Z"} https://vulnerability.circl.lu/sighting/ee2b1c92-465f-4e51-8031-1acc917d0807/export Wed, 18 Dec 2024 18:01:34 +0000 https://vulnerability.circl.lu/sighting/c55cb8d7-05e8-40b3-9484-3d6f60ea3799/export {"uuid": "c55cb8d7-05e8-40b3-9484-3d6f60ea3799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9525", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBazaar v1.4.3 \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e(CVE-2024-40348)\nURL\uff1ahttps://github.com/NingXin2002/Bazaar_poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-20T09:52:46.000000Z"} {"uuid": "c55cb8d7-05e8-40b3-9484-3d6f60ea3799", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9525", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aBazaar v1.4.3 \u4efb\u610f\u6587\u4ef6\u8bfb\u53d6\u6f0f\u6d1e(CVE-2024-40348)\nURL\uff1ahttps://github.com/NingXin2002/Bazaar_poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-20T09:52:46.000000Z"} https://vulnerability.circl.lu/sighting/c55cb8d7-05e8-40b3-9484-3d6f60ea3799/export Fri, 20 Dec 2024 09:52:46 +0000 https://vulnerability.circl.lu/sighting/8fe8a14d-ef40-4b3a-a1c7-990972e4354b/export {"uuid": "8fe8a14d-ef40-4b3a-a1c7-990972e4354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/3301", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2025-03-16T00:41:48.000000Z"} {"uuid": "8fe8a14d-ef40-4b3a-a1c7-990972e4354b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-40348", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/3301", "content": "CvEploiterv2 x xWPv3 [Ultimate/Beast Software.]\n\n[The most advanced software for CV 2024 expl0its and WordPress vulnerabilities\n with the latest version/method.]\n\n1x => CVE-2024-38761 - Wordpress [Zephyr Project Manager] < Unauthenticated Information Exposure.\n\n2x => CVE-2024-38759 - Wordpress [Search & Replace] < Unauthenticated PHP Object Injection.\n\n3x => CVE-2024-6313 - Wordpress [Gutenberg Forms] < Unauthenticated Arbitrary File Upload.\n\n4x => CVE-2024-6164 - Wordpress [Filter & Grids] < Unauthenticated Local File Inclusion.\n\n5x => CVE-2024-40348 - \n[Bazarr] < Unauthenticated Arbitrary File Read.\n\n6x => CVE-2024-4295 - Wordpress [Email Subscribers by Icegram Expres] < Unauthenticated SQL Injection via Hash.\n\n7x => CVE-2024-4577 - PHP [CGI] < Unauthenticated Command Injection.\n\n8x => CVE-2024-4836 - [Edito CMS] < Unauthenticated Sensitive Data Leak.\n\n9x => CVE-2024-32399 - RaidenMAILD [MailServer] < Unauthenticated Path Traversal.\n\nEnjoy;", "creation_timestamp": "2025-03-16T00:41:48.000000Z"} https://vulnerability.circl.lu/sighting/8fe8a14d-ef40-4b3a-a1c7-990972e4354b/export Sun, 16 Mar 2025 00:41:48 +0000