Most recent sightings.

https://vulnerability.circl.lu/sightings/feed Most recent sightings. 2026-05-10T03:05:51.927208+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/3a68c1c4-6ab6-4859-8747-17ceb38448eb/export 3a68c1c4-6ab6-4859-8747-17ceb38448eb 2026-05-10T03:05:52.179130+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "3a68c1c4-6ab6-4859-8747-17ceb38448eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10290", "type": "seen", "source": "https://t.me/cvedetector/8701", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10290 - ZZCMS Remote Information Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10290 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, was found in ZZCMS 2023. This affects an unknown part of the file 3/qq-connect2.0/API/com/inc.php. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:36.000000Z"} 2024-10-23T18:13:36+00:00 https://vulnerability.circl.lu/sighting/15b99f3f-888d-4e3e-a8f6-076649aa5210/export 15b99f3f-888d-4e3e-a8f6-076649aa5210 2026-05-10T03:05:52.179041+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "15b99f3f-888d-4e3e-a8f6-076649aa5210", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10293", "type": "seen", "source": "https://t.me/cvedetector/8719", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10293 - ZZCMS Unrestricted File Upload Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10293 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : A vulnerability was found in ZZCMS 2023. It has been classified as critical. Affected is the function Ebak_SetGotoPak of the file 3/Ebbak5.1/upload/class/functions.php. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:04:04.000000Z"} 2024-10-23T19:04:04+00:00 https://vulnerability.circl.lu/sighting/6773f67a-75ca-444e-886d-e4468d0726c6/export 6773f67a-75ca-444e-886d-e4468d0726c6 2026-05-10T03:05:52.178951+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "6773f67a-75ca-444e-886d-e4468d0726c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10291", "type": "seen", "source": "https://t.me/cvedetector/8721", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10291 - ZZCMS SQL Injection\", \n \"Content\": \"CVE ID : CVE-2024-10291 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : A vulnerability has been found in ZZCMS 2023 and classified as critical. This vulnerability affects the function Ebak_DoExecSQL/Ebak_DotranExecutSQL of the file 3/Ebak5.1/upload/phome.php. The manipulation of the argument phome leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:04:05.000000Z"} 2024-10-23T19:04:05+00:00 https://vulnerability.circl.lu/sighting/485bb072-26f8-4463-9654-6d8d3ef20622/export 485bb072-26f8-4463-9654-6d8d3ef20622 2026-05-10T03:05:52.178863+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "485bb072-26f8-4463-9654-6d8d3ef20622", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10292", "type": "seen", "source": "https://t.me/cvedetector/8722", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10292 - ZZCMS Unrestricted File Upload Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10292 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : A vulnerability was found in ZZCMS 2023 and classified as critical. This issue affects some unknown processing of the file 3/Ebak5.1/upload/ChangeTable.php. The manipulation of the argument savefilename leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:04:09.000000Z"} 2024-10-23T19:04:09+00:00 https://vulnerability.circl.lu/sighting/15bfb7fd-dea7-4556-bd73-fc376881e690/export 15bfb7fd-dea7-4556-bd73-fc376881e690 2026-05-10T03:05:52.178774+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "15bfb7fd-dea7-4556-bd73-fc376881e690", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10299", "type": "seen", "source": "https://t.me/cvedetector/8765", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10299 - PHPGurukul Medical Card Generation System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10299 \nPublished : Oct. 23, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in PHPGurukul Medical Card Generation System 1.0. This vulnerability affects unknown code of the file /admin/view-card-detail.php of the component Managecard View Detail Page. The manipulation of the argument viewid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T21:35:28.000000Z"} 2024-10-23T21:35:28+00:00 https://vulnerability.circl.lu/sighting/97c72b5a-477b-49cf-aa26-9de99cd0e1fb/export 97c72b5a-477b-49cf-aa26-9de99cd0e1fb 2026-05-10T03:05:52.178678+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "97c72b5a-477b-49cf-aa26-9de99cd0e1fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10298", "type": "seen", "source": "https://t.me/cvedetector/8766", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10298 - PHPGurukul Medical Card Generation System SQL Injection Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10298 \nPublished : Oct. 23, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in PHPGurukul Medical Card Generation System 1.0. This affects an unknown part of the file /admin/edit-card-detail.php of the component Managecard Edit Card Detail Page. The manipulation of the argument editid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"23 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T21:35:29.000000Z"} 2024-10-23T21:35:29+00:00 https://vulnerability.circl.lu/sighting/108e5cc6-6589-4b2c-ad0d-d1986b55b9d6/export 108e5cc6-6589-4b2c-ad0d-d1986b55b9d6 2026-05-10T03:05:52.178579+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "108e5cc6-6589-4b2c-ad0d-d1986b55b9d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10295", "type": "seen", "source": "https://t.me/cvedetector/8830", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10295 - Gateway APICast Basic Authentication Base64 Decoding Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-10295 \nPublished : Oct. 24, 2024, 6:15 p.m. | 41\u00a0minutes ago \nDescription : A flaw was found in Gateway. Sending a non-base64 'basic' auth with special characters can cause APICast to incorrectly authenticate a request. A malformed basic authentication header containing special characters bypasses authentication and allows unauthorized access to the backend. This issue can occur due to a failure in the base64 decoding process, which causes APICast to skip the rest of the authentication checks and proceed with routing the request upstream. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"24 Oct 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T21:00:25.000000Z"} 2024-10-24T21:00:25+00:00 https://vulnerability.circl.lu/sighting/438f897f-2279-4ee8-94e5-5be2650e8917/export 438f897f-2279-4ee8-94e5-5be2650e8917 2026-05-10T03:05:52.178473+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "438f897f-2279-4ee8-94e5-5be2650e8917", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10294", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113450679763333510", "content": "", "creation_timestamp": "2024-11-09T02:39:51.934320Z"} 2024-11-09T02:39:51.934320+00:00 https://vulnerability.circl.lu/sighting/4b2bb10a-943a-4d01-a237-5b3b81c68353/export 4b2bb10a-943a-4d01-a237-5b3b81c68353 2026-05-10T03:05:52.178338+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "4b2bb10a-943a-4d01-a237-5b3b81c68353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10294", "type": "seen", "source": "https://t.me/cvedetector/10262", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-10294 - WordPress CE21 Suite Unauthorized Settings Modification RCE\", \n \"Content\": \"CVE ID : CVE-2024-10294 \nPublished : Nov. 9, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The CE21 Suite plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'ce21_single_sign_on_save_api_settings' function in versions up to, and including, 2.2.0. This makes it possible for unauthenticated attackers to change plugin settings. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"09 Nov 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T04:55:26.000000Z"} 2024-11-09T04:55:26+00:00 https://vulnerability.circl.lu/sighting/727e8473-311f-4192-a326-035a7a74a4a0/export 727e8473-311f-4192-a326-035a7a74a4a0 2026-05-10T03:05:52.176760+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "727e8473-311f-4192-a326-035a7a74a4a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10294", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/3393", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10294\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2024-11-09T03:15:04.647\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://plugins.trac.wordpress.org/browser/ce21-suite/trunk/includes/ce21-functions.php?rev=3097700#L340\n2. https://www.wordfence.com/threat-intel/vulnerabilities/id/cd6ce97c-fd80-4c43-a4d2-02aa91d11fac?source=cve", "creation_timestamp": "2025-01-29T19:18:35.000000Z"} 2025-01-29T19:18:35+00:00