https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 30 May 2026 07:24:33 +0000 https://vulnerability.circl.lu/sighting/4620c420-469f-4740-9e30-acb8277b6f9c/export {"uuid": "4620c420-469f-4740-9e30-acb8277b6f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30120", "type": "seen", "source": "https://t.me/cibsecurity/45093", "content": "\u203c CVE-2022-30120 \u203c\n\nXSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 to allow XSS. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS Security team ranked this vulnerability 3.1with CVSS v3.1 Vector AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N. Sanitation has been added where built urls are output. Credit to Credit to Bogdan Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) for reporting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T18:31:13.000000Z"} {"uuid": "4620c420-469f-4740-9e30-acb8277b6f9c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30120", "type": "seen", "source": "https://t.me/cibsecurity/45093", "content": "\u203c CVE-2022-30120 \u203c\n\nXSS in /dashboard/blocks/stacks/view_details/ - old browsers only. When using an older browser with built-in XSS protection disabled, insufficient sanitation where built urls are outputted can be exploited for Concrete 8.5.7 and below as well as Concrete 9.0 through 9.0.2 to allow XSS. This cannot be exploited in modern-day web browsers due to an automatic input escape mechanism. Concrete CMS Security team ranked this vulnerability 3.1with CVSS v3.1 Vector AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N. Sanitation has been added where built urls are output. Credit to Credit to Bogdan Tiron from FORTBRIDGE (https://www.fortbridge.co.uk/ ) for reporting\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-24T18:31:13.000000Z"} https://vulnerability.circl.lu/sighting/4620c420-469f-4740-9e30-acb8277b6f9c/export Fri, 24 Jun 2022 18:31:13 +0000 https://vulnerability.circl.lu/sighting/319b000f-cdde-4d49-b31a-b03f360eab89/export {"uuid": "319b000f-cdde-4d49-b31a-b03f360eab89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30126", "type": "seen", "source": "https://t.me/cibsecurity/45253", "content": "\u203c CVE-2022-33879 \u203c\n\nThe initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:07.000000Z"} {"uuid": "319b000f-cdde-4d49-b31a-b03f360eab89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30126", "type": "seen", "source": "https://t.me/cibsecurity/45253", "content": "\u203c CVE-2022-33879 \u203c\n\nThe initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and we found a separate, new regex DoS in a different regex in the StandardsExtractingContentHandler. These are now fixed in 1.28.4 and 2.4.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:07.000000Z"} https://vulnerability.circl.lu/sighting/319b000f-cdde-4d49-b31a-b03f360eab89/export Tue, 28 Jun 2022 02:35:07 +0000 https://vulnerability.circl.lu/sighting/42c5a2ee-e5c7-4f18-9940-d321bb21195e/export {"uuid": "42c5a2ee-e5c7-4f18-9940-d321bb21195e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30122", "type": "seen", "source": "https://t.me/ctinow/55936", "content": "Internet Bug Bounty: Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing\n\nhttps://ift.tt/qgFY4Uh", "creation_timestamp": "2022-07-23T06:11:11.000000Z"} {"uuid": "42c5a2ee-e5c7-4f18-9940-d321bb21195e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30122", "type": "seen", "source": "https://t.me/ctinow/55936", "content": "Internet Bug Bounty: Rack CVE-2022-30122: Denial of Service Vulnerability in Rack Multipart Parsing\n\nhttps://ift.tt/qgFY4Uh", "creation_timestamp": "2022-07-23T06:11:11.000000Z"} https://vulnerability.circl.lu/sighting/42c5a2ee-e5c7-4f18-9940-d321bb21195e/export Sat, 23 Jul 2022 06:11:11 +0000 https://vulnerability.circl.lu/sighting/5831183b-5e57-4d27-a6cd-a0ecb0fdef8c/export {"uuid": "5831183b-5e57-4d27-a6cd-a0ecb0fdef8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3012", "type": "seen", "source": "https://t.me/cibsecurity/48935", "content": "\u203c CVE-2022-3012 \u203c\n\nA vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207422 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-27T12:31:04.000000Z"} {"uuid": "5831183b-5e57-4d27-a6cd-a0ecb0fdef8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3012", "type": "seen", "source": "https://t.me/cibsecurity/48935", "content": "\u203c CVE-2022-3012 \u203c\n\nA vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207422 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-27T12:31:04.000000Z"} https://vulnerability.circl.lu/sighting/5831183b-5e57-4d27-a6cd-a0ecb0fdef8c/export Sat, 27 Aug 2022 12:31:04 +0000 https://vulnerability.circl.lu/sighting/711ae579-8c1e-4a35-9fa3-3434c8ee8004/export {"uuid": "711ae579-8c1e-4a35-9fa3-3434c8ee8004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30121", "type": "seen", "source": "https://t.me/cibsecurity/50348", "content": "\u203c CVE-2022-30121 \u203c\n\nThe \u00e2\u20ac\u0153LANDesk(R) Management Agent\u00e2\u20ac\ufffd service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T18:19:41.000000Z"} {"uuid": "711ae579-8c1e-4a35-9fa3-3434c8ee8004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30121", "type": "seen", "source": "https://t.me/cibsecurity/50348", "content": "\u203c CVE-2022-30121 \u203c\n\nThe \u00e2\u20ac\u0153LANDesk(R) Management Agent\u00e2\u20ac\ufffd service exposes a socket and once connected, it is possible to launch commands only for signed executables. This is a security bug that allows a limited user to get escalated admin privileges on their system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-23T18:19:41.000000Z"} https://vulnerability.circl.lu/sighting/711ae579-8c1e-4a35-9fa3-3434c8ee8004/export Fri, 23 Sep 2022 18:19:41 +0000 https://vulnerability.circl.lu/sighting/0eea200c-d5c7-488c-8d57-7ae119969de2/export {"uuid": "0eea200c-d5c7-488c-8d57-7ae119969de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30122", "type": "seen", "source": "https://t.me/cibsecurity/54041", "content": "\u203c CVE-2022-30122 \u203c\n\nA possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T00:40:34.000000Z"} {"uuid": "0eea200c-d5c7-488c-8d57-7ae119969de2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30122", "type": "seen", "source": "https://t.me/cibsecurity/54041", "content": "\u203c CVE-2022-30122 \u203c\n\nA possible denial of service vulnerability exists in Rack <2.0.9.1, <2.1.4.1 and <2.2.3.1 in the multipart parsing component of Rack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T00:40:34.000000Z"} https://vulnerability.circl.lu/sighting/0eea200c-d5c7-488c-8d57-7ae119969de2/export Tue, 06 Dec 2022 00:40:34 +0000 https://vulnerability.circl.lu/sighting/1b44f1d2-c4ae-4d1b-a428-04f16de892dc/export {"uuid": "1b44f1d2-c4ae-4d1b-a428-04f16de892dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30129", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8696", "content": "#exploit\nWindows 11 Exploits\n(CVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, ...)\nhttps://github.com/nu11secur1ty/Windows11Exploits", "creation_timestamp": "2023-07-19T11:01:01.000000Z"} {"uuid": "1b44f1d2-c4ae-4d1b-a428-04f16de892dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30129", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8696", "content": "#exploit\nWindows 11 Exploits\n(CVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, ...)\nhttps://github.com/nu11secur1ty/Windows11Exploits", "creation_timestamp": "2023-07-19T11:01:01.000000Z"} https://vulnerability.circl.lu/sighting/1b44f1d2-c4ae-4d1b-a428-04f16de892dc/export Wed, 19 Jul 2023 11:01:01 +0000 https://vulnerability.circl.lu/sighting/02bc0c27-e594-4d5e-a88a-809d7c27c96b/export {"uuid": "02bc0c27-e594-4d5e-a88a-809d7c27c96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30129", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3124", "content": "AnoMark\n\nThis algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines datasets considered clean. Once done it can detect malicious command lines on other datasets.\n\nhttps://github.com/ANSSI-FR/AnoMark\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32117\n\nIntegrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-32117\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bGeoPincer\n\nA script that leverages OpenStreetMap's Overpass API in order to search for locations. These locations will be queried using a collection of establishments that are somewhat adjacent.\n\nhttps://github.com/tloja/GeoPincer\n\n#OSINT #cybersecurity #infosec\n\n\u200b\u200bAwesome Industrial Protocols\n\nCompilation of industrial network protocols resources focusing on offensive security.\n\n\u2022 You are currently viewing the Awesome Industrial Protocols page.\n\u2022 etailed pages for protocols are available in protocols.\n\u2022 All data is stored in MongoDB databases in db.\n\u2022 Turn/IP (in srcs) is a handy tool to manipulate this data, generate the awesome list and protocol pages, and simplify the research and test process on industrial protocols\n\nhttps://github.com/Orange-Cyberdefense/awesome-industrial-protocols\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36884-Checker\n\nScript to check for CVE-2023-36884 hardening.\n\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAlcatraz\n\nA x64 binary obfuscator that is able to obfuscate various different pe files including:\n\n\u2022 .exe\n\u2022 .dll\n\u2022 .sys\n\nhttps://github.com/weak1337/Alcatraz\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCobalt Strike BOFs\n\nBeacon object files I made to use with #CobaltStrike.\n\nhttps://github.com/Und3rf10w/CobaltStrikeBOFs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bWindows 11 Exploits\n\nCVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, CVE-2022-30190.\n\nhttps://github.com/nu11secur1ty/Windows11Exploits\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bADHunt v2.0\n\nA tool for enumerating Active Directory Enviroments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination ldap queries and available tooling. It was built as a follow up to LinWinPwn.\n\nhttps://github.com/Auto19/ADHunt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bIAMActionHunter\n\nIAMActionHunter is an IAM policy statement parser and query tool aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.\n\nhttps://github.com/RhinoSecurityLabs/IAMActionHunter\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bSysPlant\n\nA small implementation in NIM of the currently known syscall hooking methods.\n\nhttps://github.com/x42en/sysplant\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUnshackle\n\nOpen-source tool to bypass windows and linux passwords from bootable usb.\n\nhttps://github.com/Fadi002/unshackle\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCASR\n\nCollect crash reports, triage, and estimate severity.\n\nhttps://github.com/ispras/casr\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27163\n\nTo assist in enumerating the webserver behind the webserver SSRF.\n\nhttps://github.com/seanrdev/cve-2023-27163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCS2BR BOF\n\nYou would like to execute BOFs written for #CobaltStrike in #BruteRatel C4? Look no further, we got you covered! CS2BR implements a compatibility-layer that make CS BOFs use the BRC4 API. This allows you to use the vast landscape that is BOFs in BRC4.\n\nhttps://github.com/NVISOsecurity/cs2br-bof\n\nDetails:\nhttps://blog.nviso.eu/2023/07/17/introducing-cs2br-pt-ii-one-tool-to-port-them-all/\n \n#infosec #pentesting #redteam\n\n\u200b\u200bhypobrychium\n\nAV/EDR completely ignore me. Duplicate the token of a running process and run a command.\n\nhttps://github.com/foxlox/hypobrychium\n\n#cve #infosec\n\n2/3", "creation_timestamp": "2023-07-22T17:37:23.000000Z"} {"uuid": "02bc0c27-e594-4d5e-a88a-809d7c27c96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30129", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3124", "content": "AnoMark\n\nThis algorithm is a Machine Learning one, using Natural Language Processing (NLP) techniques based on Markov Chains and n-grams. It offers a way to train a theoretical model on command lines datasets considered clean. Once done it can detect malicious command lines on other datasets.\n\nhttps://github.com/ANSSI-FR/AnoMark\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-32117\n\nIntegrate Google Drive <= 1.1.99 - Missing Authorization via REST API Endpoints.\n\nhttps://github.com/RandomRobbieBF/CVE-2023-32117\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bGeoPincer\n\nA script that leverages OpenStreetMap's Overpass API in order to search for locations. These locations will be queried using a collection of establishments that are somewhat adjacent.\n\nhttps://github.com/tloja/GeoPincer\n\n#OSINT #cybersecurity #infosec\n\n\u200b\u200bAwesome Industrial Protocols\n\nCompilation of industrial network protocols resources focusing on offensive security.\n\n\u2022 You are currently viewing the Awesome Industrial Protocols page.\n\u2022 etailed pages for protocols are available in protocols.\n\u2022 All data is stored in MongoDB databases in db.\n\u2022 Turn/IP (in srcs) is a handy tool to manipulate this data, generate the awesome list and protocol pages, and simplify the research and test process on industrial protocols\n\nhttps://github.com/Orange-Cyberdefense/awesome-industrial-protocols\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-36884-Checker\n\nScript to check for CVE-2023-36884 hardening.\n\nhttps://github.com/tarraschk/CVE-2023-36884-Checker\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bAlcatraz\n\nA x64 binary obfuscator that is able to obfuscate various different pe files including:\n\n\u2022 .exe\n\u2022 .dll\n\u2022 .sys\n\nhttps://github.com/weak1337/Alcatraz\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCobalt Strike BOFs\n\nBeacon object files I made to use with #CobaltStrike.\n\nhttps://github.com/Und3rf10w/CobaltStrikeBOFs\n\n#infosec #pentesting #redteam\n\n\u200b\u200bWindows 11 Exploits\n\nCVE-2023-24892, CVE-2023-33131, CVE-2022-30129, CVE-2023-33137, CVE-2023-33145, CVE-2023-33148, CVE-2022-30190.\n\nhttps://github.com/nu11secur1ty/Windows11Exploits\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bADHunt v2.0\n\nA tool for enumerating Active Directory Enviroments looking for interesting AD objects, vulnerabilities, and misconfigurations. It currently uses a combination ldap queries and available tooling. It was built as a follow up to LinWinPwn.\n\nhttps://github.com/Auto19/ADHunt\n\n#infosec #pentesting #redteam\n\n\u200b\u200bIAMActionHunter\n\nIAMActionHunter is an IAM policy statement parser and query tool aims to simplify the process of collecting and understanding permission policy statements for users and roles in AWS Identity and Access Management (IAM). Although its functionality is straightforward, this tool was developed in response to the need for an efficient solution during day-to-day AWS penetration testing.\n\nhttps://github.com/RhinoSecurityLabs/IAMActionHunter\n\n#cybersecurity #infosec #pentesting\n\n\u200b\u200bSysPlant\n\nA small implementation in NIM of the currently known syscall hooking methods.\n\nhttps://github.com/x42en/sysplant\n\n#infosec #pentesting #redteam\n\n\u200b\u200bUnshackle\n\nOpen-source tool to bypass windows and linux passwords from bootable usb.\n\nhttps://github.com/Fadi002/unshackle\n\n#infosec #pentesting #redteam\n\n\u200b\u200bCASR\n\nCollect crash reports, triage, and estimate severity.\n\nhttps://github.com/ispras/casr\n\n#cybersecurity #infosec\n\n\u200b\u200bCVE-2023-27163\n\nTo assist in enumerating the webserver behind the webserver SSRF.\n\nhttps://github.com/seanrdev/cve-2023-27163\n\n#cve #cybersecurity #infosec\n\n\u200b\u200bCS2BR BOF\n\nYou would like to execute BOFs written for #CobaltStrike in #BruteRatel C4? Look no further, we got you covered! CS2BR implements a compatibility-layer that make CS BOFs use the BRC4 API. This allows you to use the vast landscape that is BOFs in BRC4.\n\nhttps://github.com/NVISOsecurity/cs2br-bof\n\nDetails:\nhttps://blog.nviso.eu/2023/07/17/introducing-cs2br-pt-ii-one-tool-to-port-them-all/\n \n#infosec #pentesting #redteam\n\n\u200b\u200bhypobrychium\n\nAV/EDR completely ignore me. Duplicate the token of a running process and run a command.\n\nhttps://github.com/foxlox/hypobrychium\n\n#cve #infosec\n\n2/3", "creation_timestamp": "2023-07-22T17:37:23.000000Z"} https://vulnerability.circl.lu/sighting/02bc0c27-e594-4d5e-a88a-809d7c27c96b/export Sat, 22 Jul 2023 17:37:23 +0000 https://vulnerability.circl.lu/sighting/3e6b9141-78d3-453f-826c-4970dad93520/export {"uuid": "3e6b9141-78d3-453f-826c-4970dad93520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3012", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11806", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3012\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207422 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2022-08-27T09:05:17.000Z\n\ud83d\udccf Modified: 2025-04-15T13:48:10.804Z\n\ud83d\udd17 References:\n1. https://github.com/0x14dli/ffos-SQL-injection-vulnerability-exists\n2. https://vuldb.com/?id.207422", "creation_timestamp": "2025-04-15T13:54:26.000000Z"} {"uuid": "3e6b9141-78d3-453f-826c-4970dad93520", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3012", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11806", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3012\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in oretnom23 Fast Food Ordering System. It has been rated as critical. Affected by this issue is some unknown functionality of the file ffos/admin/reports/index.php. The manipulation of the argument date leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-207422 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2022-08-27T09:05:17.000Z\n\ud83d\udccf Modified: 2025-04-15T13:48:10.804Z\n\ud83d\udd17 References:\n1. https://github.com/0x14dli/ffos-SQL-injection-vulnerability-exists\n2. https://vuldb.com/?id.207422", "creation_timestamp": "2025-04-15T13:54:26.000000Z"} https://vulnerability.circl.lu/sighting/3e6b9141-78d3-453f-826c-4970dad93520/export Tue, 15 Apr 2025 13:54:26 +0000 https://vulnerability.circl.lu/sighting/8093abbf-ad50-4a34-8d70-d2f5dd4494cb/export {"uuid": "8093abbf-ad50-4a34-8d70-d2f5dd4494cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-30122", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3mb46v7hjcv2h", "content": "", "creation_timestamp": "2025-12-29T06:18:32.902262Z"} {"uuid": "8093abbf-ad50-4a34-8d70-d2f5dd4494cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2022-30122", "type": "seen", "source": "https://bsky.app/profile/securitycipher.bsky.social/post/3mb46v7hjcv2h", "content": "", "creation_timestamp": "2025-12-29T06:18:32.902262Z"} https://vulnerability.circl.lu/sighting/8093abbf-ad50-4a34-8d70-d2f5dd4494cb/export Mon, 29 Dec 2025 06:18:32 +0000