https://vulnerability.circl.lu/sightings/feed 2026-06-15T02:44:08.734207+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/e7a3f07f-0f0d-41d5-ad72-198d3bcfa252/export 2026-06-15T02:44:09.031569+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "e7a3f07f-0f0d-41d5-ad72-198d3bcfa252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6670", "content": "#exploit\n1. CVE-2022-23779:\nInternal Hostname Disclosure Vulnerability\nhttps://github.com/Vulnmachines/Zoho_CVE-2022-23779\n\n2. CVE-2022-37153:\nXSS vulnerability in Artica Proxy 4.30.0\nhttps://github.com/Fjowel/CVE-2022-37153\n\n3. CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:\nMozilla Firefox RCE + SBX full chain complete\nhttps://github.com/mistymntncop/CVE-2022-1802", "creation_timestamp": "2022-08-25T15:01:03.000000Z"} 2022-08-25T15:01:03+00:00 https://vulnerability.circl.lu/sighting/db389376-7b60-4f21-89c6-3bc3e36d1db7/export 2026-06-15T02:44:09.031439+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "db389376-7b60-4f21-89c6-3bc3e36d1db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/952", "content": "CVE-2022-23779\n\u0412\u043e\u0442 \u0441\u0435\u0439\u0447\u0430\u0441 \u0441\u043c\u0435\u0448\u043d\u043e \u0431\u0443\u0434\u0435\u0442\nZoho Internal Hostname Disclosure Vulnerability\nStep 1: curl -ILk https://IP:port/themes\nStep 2: Read the HTTP redirect response and anaylze the Location HTTP response header.\n*\nBONUS #Shodan : title:\"ManageEngine Desktop Central 10\"\ngithub\n#zoho #funnyExploit", "creation_timestamp": "2022-09-06T17:34:37.000000Z"} 2022-09-06T17:34:37+00:00 https://vulnerability.circl.lu/sighting/fefe22ea-ccb5-4f0e-96b9-3b2cff27221d/export 2026-06-15T02:44:09.031324+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "fefe22ea-ccb5-4f0e-96b9-3b2cff27221d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/tYT7tTTfhGxqZ9lCl1roOH_fSnqZvveWSp3QRbA5RMgY4O0", "content": "", "creation_timestamp": "2022-09-12T18:40:13.000000Z"} 2022-09-12T18:40:13+00:00 https://vulnerability.circl.lu/sighting/37290469-5bd8-42bd-a8b8-b4a00fb4efad/export 2026-06-15T02:44:09.031199+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "37290469-5bd8-42bd-a8b8-b4a00fb4efad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23770", "type": "seen", "source": "https://t.me/cibsecurity/51609", "content": "\u203c CVE-2022-23770 \u203c\n\nThis vulnerability could allow a remote attacker to execute remote commands with improper validation of parameters of certain API constructors. Remote attackers could use this vulnerability to execute malicious commands such as directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:27.000000Z"} 2022-10-17T20:13:27+00:00 https://vulnerability.circl.lu/sighting/238ceba9-4892-4a76-8daa-4384b68e2846/export 2026-06-15T02:44:09.031070+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "238ceba9-4892-4a76-8daa-4384b68e2846", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/cibsecurity/51614", "content": "\u203c CVE-2022-23771 \u203c\n\nThis vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T20:13:32.000000Z"} 2022-10-17T20:13:32+00:00 https://vulnerability.circl.lu/sighting/9c85bccd-1373-4c21-9de7-406b2dfde836/export 2026-06-15T02:44:09.030940+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "9c85bccd-1373-4c21-9de7-406b2dfde836", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7959", "content": "#exploit\n1. CVE-2022-23773:\ncmd/go in Go <1.16.14, 1.17.x - 1.17.7 can misinterpret branch names that falsely appear to be version tags (incorrect access control)\nhttps://github.com/Liuyushung/CVE-2022-23773-Reproduce\n\n2. Privilege Escalation in Windows 7/8/10 through Atom Table Hijacking\nhttps://github.com/SleepTheGod/Windows-Atom-Table-Hijacking", "creation_timestamp": "2023-03-20T11:00:50.000000Z"} 2023-03-20T11:00:50+00:00 https://vulnerability.circl.lu/sighting/8b4dc983-0550-4eef-83ff-11e07bf748f2/export 2026-06-15T02:44:09.030819+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8b4dc983-0550-4eef-83ff-11e07bf748f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/-lA5S7bF_9fg00AkY0276s8aRc0a8omHD1XMrZmagJv5s5U", "content": "", "creation_timestamp": "2023-03-20T18:22:35.000000Z"} 2023-03-20T18:22:35+00:00 https://vulnerability.circl.lu/sighting/6d33b2b9-57c5-42bc-bb07-93034fa1e4ad/export 2026-06-15T02:44:09.030690+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "6d33b2b9-57c5-42bc-bb07-93034fa1e4ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23773", "type": "published-proof-of-concept", "source": "Telegram/Hf1ne2KE1RxRMHH1MuIpxYeGJo5De7WS5II8RmNn3nXZte8", "content": "", "creation_timestamp": "2023-03-28T18:19:12.000000Z"} 2023-03-28T18:19:12+00:00 https://vulnerability.circl.lu/sighting/8a7b36b6-95f9-4cc9-a925-f54f5b6b47af/export 2026-06-15T02:44:09.030512+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "8a7b36b6-95f9-4cc9-a925-f54f5b6b47af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23771", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/15755", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-23771\n\ud83d\udd25 CVSS Score: 8 (cvssV3_1, Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: This vulnerability occurs in user accounts creation and deleteion related pages of IPTIME NAS products. The vulnerability could be exploited by a lack of validation when a POST request is made to this page. An attacker can use this vulnerability to or delete user accounts, or to escalate arbitrary user privileges.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-09T14:49:10.046Z\n\ud83d\udd17 References:\n1. https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66964", "creation_timestamp": "2025-05-09T15:25:50.000000Z"} 2025-05-09T15:25:50+00:00 https://vulnerability.circl.lu/sighting/d4a77e21-8233-403c-af0c-ca966b689590/export 2026-06-15T02:44:09.028465+00:00 Automation user https://cve.circl.lu/user/automation {"uuid": "d4a77e21-8233-403c-af0c-ca966b689590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-23779", "type": "published-proof-of-concept", "source": "Telegram/kEi9aG3in_m6wEBgriTJElzfBktIEkXFyp3h_KxyuN5JDe4", "content": "", "creation_timestamp": "2026-01-10T09:00:04.000000Z"} 2026-01-10T09:00:04+00:00