https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 13:34:32 +0000 https://vulnerability.circl.lu/sighting/a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3/export {"uuid": "a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4933", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16842", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4933\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in ponaravindb Hospital-Management-System 1.0. This affects an unknown part of the file /doctor-panel.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-19T13:00:07.934Z\n\ud83d\udccf Modified: 2025-05-19T13:00:07.934Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309495\n2. https://vuldb.com/?ctiid.309495\n3. https://vuldb.com/?submit.579678\n4. https://github.com/zylv0002/SQLi-ponaravindb-HMS", "creation_timestamp": "2025-05-19T13:39:26.000000Z"} {"uuid": "a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-4933", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/16842", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-4933\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as critical, was found in ponaravindb Hospital-Management-System 1.0. This affects an unknown part of the file /doctor-panel.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-05-19T13:00:07.934Z\n\ud83d\udccf Modified: 2025-05-19T13:00:07.934Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.309495\n2. https://vuldb.com/?ctiid.309495\n3. https://vuldb.com/?submit.579678\n4. https://github.com/zylv0002/SQLi-ponaravindb-HMS", "creation_timestamp": "2025-05-19T13:39:26.000000Z"} https://vulnerability.circl.lu/sighting/a1ea5fdf-54ee-4926-96f7-ae81f9fcb9a3/export Mon, 19 May 2025 13:39:26 +0000 https://vulnerability.circl.lu/sighting/fc764ee0-cc40-437f-a0c6-bc57f4543f76/export {"uuid": "fc764ee0-cc40-437f-a0c6-bc57f4543f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lrsstpo6as23", "content": "", "creation_timestamp": "2025-06-17T15:31:06.159234Z"} {"uuid": "fc764ee0-cc40-437f-a0c6-bc57f4543f76", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "https://bsky.app/profile/potato.software/post/3lrsstpo6as23", "content": "", "creation_timestamp": "2025-06-17T15:31:06.159234Z"} https://vulnerability.circl.lu/sighting/fc764ee0-cc40-437f-a0c6-bc57f4543f76/export Tue, 17 Jun 2025 15:31:06 +0000 https://vulnerability.circl.lu/sighting/6f71ffd5-a8c6-46ba-af73-0f37d4369d67/export {"uuid": "6f71ffd5-a8c6-46ba-af73-0f37d4369d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} {"uuid": "6f71ffd5-a8c6-46ba-af73-0f37d4369d67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} https://vulnerability.circl.lu/sighting/6f71ffd5-a8c6-46ba-af73-0f37d4369d67/export Tue, 17 Jun 2025 16:18:10 +0000 https://vulnerability.circl.lu/sighting/099d43b7-4f01-42ac-821a-785eb1c61cdb/export {"uuid": "099d43b7-4f01-42ac-821a-785eb1c61cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} {"uuid": "099d43b7-4f01-42ac-821a-785eb1c61cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/-G7yge5OO_PwalQgUT4aKwTAwYlFDeFB7_c6hZGGGT8IukU", "content": "", "creation_timestamp": "2025-06-17T16:18:10.000000Z"} https://vulnerability.circl.lu/sighting/099d43b7-4f01-42ac-821a-785eb1c61cdb/export Tue, 17 Jun 2025 16:18:10 +0000 https://vulnerability.circl.lu/sighting/ae835de8-fd30-4558-bdcb-d80c6b636e21/export {"uuid": "ae835de8-fd30-4558-bdcb-d80c6b636e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/PD7za3Z_IQKuOVsDqz1Mapzzmy3mNuoA2PwtCv7Di4_BOiE", "content": "", "creation_timestamp": "2025-06-17T16:18:16.000000Z"} {"uuid": "ae835de8-fd30-4558-bdcb-d80c6b636e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "seen", "source": "Telegram/PD7za3Z_IQKuOVsDqz1Mapzzmy3mNuoA2PwtCv7Di4_BOiE", "content": "", "creation_timestamp": "2025-06-17T16:18:16.000000Z"} https://vulnerability.circl.lu/sighting/ae835de8-fd30-4558-bdcb-d80c6b636e21/export Tue, 17 Jun 2025 16:18:16 +0000 https://vulnerability.circl.lu/sighting/cc28c64c-4e73-460f-8afd-b7e626fd053a/export {"uuid": "cc28c64c-4e73-460f-8afd-b7e626fd053a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49331\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in impleCode eCommerce Product Catalog allows Object Injection. This issue affects eCommerce Product Catalog: from n/a through 3.4.3.\n\ud83d\udccf Published: 2025-06-17T15:01:22.874Z\n\ud83d\udccf Modified: 2025-06-20T13:13:22.955Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ecommerce-product-catalog/vulnerability/wordpress-ecommerce-product-catalog-3-4-3-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:12.000000Z"} {"uuid": "cc28c64c-4e73-460f-8afd-b7e626fd053a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49331\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in impleCode eCommerce Product Catalog allows Object Injection. This issue affects eCommerce Product Catalog: from n/a through 3.4.3.\n\ud83d\udccf Published: 2025-06-17T15:01:22.874Z\n\ud83d\udccf Modified: 2025-06-20T13:13:22.955Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/ecommerce-product-catalog/vulnerability/wordpress-ecommerce-product-catalog-3-4-3-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:12.000000Z"} https://vulnerability.circl.lu/sighting/cc28c64c-4e73-460f-8afd-b7e626fd053a/export Fri, 20 Jun 2025 13:43:12 +0000 https://vulnerability.circl.lu/sighting/21728e87-9818-4619-832c-5730b8ff5d86/export {"uuid": "21728e87-9818-4619-832c-5730b8ff5d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18953", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49330\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin allows Object Injection. This issue affects Integration for Contact Form 7 and Zoho CRM, Bigin: from n/a through 1.3.0.\n\ud83d\udccf Published: 2025-06-17T15:01:23.343Z\n\ud83d\udccf Modified: 2025-06-20T13:13:17.417Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cf7-zoho/vulnerability/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-1-3-0-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:13.000000Z"} {"uuid": "21728e87-9818-4619-832c-5730b8ff5d86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-49330", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18953", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-49330\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Deserialization of Untrusted Data vulnerability in CRM Perks Integration for Contact Form 7 and Zoho CRM, Bigin allows Object Injection. This issue affects Integration for Contact Form 7 and Zoho CRM, Bigin: from n/a through 1.3.0.\n\ud83d\udccf Published: 2025-06-17T15:01:23.343Z\n\ud83d\udccf Modified: 2025-06-20T13:13:17.417Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/cf7-zoho/vulnerability/wordpress-integration-for-contact-form-7-and-zoho-crm-bigin-1-3-0-php-object-injection-vulnerability?_s_id=cve", "creation_timestamp": "2025-06-20T13:43:13.000000Z"} https://vulnerability.circl.lu/sighting/21728e87-9818-4619-832c-5730b8ff5d86/export Fri, 20 Jun 2025 13:43:13 +0000