<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-07-06T10:18:00.938510+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the most 10 recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/70b91d4d-f7f7-48cb-a5cc-cfdf9249bb78/export</id>
    <title>70b91d4d-f7f7-48cb-a5cc-cfdf9249bb78</title>
    <updated>2026-07-06T10:18:00.966800+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "70b91d4d-f7f7-48cb-a5cc-cfdf9249bb78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1248", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3mpucatwqst2o", "content": "CVE-2024-1248 - Role Overwriting via Silent JIT Provisioning in Multiple WSO2 Products Enables Privilege Escalation\nCVE ID : CVE-2024-1248\n \n Published : 4 juillet 2026 20:38 | 1\u00a0heure, 37\u00a0minutes ago\n \n Description : The silent Just-In-Time (JIT) provisioning feature in feder...", "creation_timestamp": "2026-07-05T00:15:20.813316Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/70b91d4d-f7f7-48cb-a5cc-cfdf9249bb78/export"/>
    <published>2026-07-05T00:15:20.813316+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/f2e77252-01ae-4845-8cf0-6b1fc4aa5946/export</id>
    <title>f2e77252-01ae-4845-8cf0-6b1fc4aa5946</title>
    <updated>2026-07-06T10:18:00.969994+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "f2e77252-01ae-4845-8cf0-6b1fc4aa5946", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12483", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3ln6ztjr7xy27", "content": "", "creation_timestamp": "2025-04-19T21:02:18.362242Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/f2e77252-01ae-4845-8cf0-6b1fc4aa5946/export"/>
    <published>2025-04-19T21:02:18.362242+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/6da888a7-7055-4890-97d5-6a6e1d48b93d/export</id>
    <title>6da888a7-7055-4890-97d5-6a6e1d48b93d</title>
    <updated>2026-07-06T10:18:00.970163+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "6da888a7-7055-4890-97d5-6a6e1d48b93d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12485", "type": "seen", "source": "https://t.me/cvedetector/12658", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12485 - Code-projects Online Class and Exam Scheduling System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12485 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in code-projects Online Class and Exam Scheduling System 1.0. This issue affects some unknown processing of the file /pages/department.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:35.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/6da888a7-7055-4890-97d5-6a6e1d48b93d/export"/>
    <published>2024-12-12T02:56:35+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/0b08049d-d5b5-4d12-a096-8b66bc13b52b/export</id>
    <title>0b08049d-d5b5-4d12-a096-8b66bc13b52b</title>
    <updated>2026-07-06T10:18:00.970287+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "0b08049d-d5b5-4d12-a096-8b66bc13b52b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12484", "type": "seen", "source": "https://t.me/cvedetector/12657", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12484 - Codezips Technical Discussion Forum SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12484 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in Codezips Technical Discussion Forum 1.0. This vulnerability affects unknown code of the file /signuppost.php. The manipulation of the argument Username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:34.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/0b08049d-d5b5-4d12-a096-8b66bc13b52b/export"/>
    <published>2024-12-12T02:56:34+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/2b73404a-4cf9-4893-ba49-783d54f14547/export</id>
    <title>2b73404a-4cf9-4893-ba49-783d54f14547</title>
    <updated>2026-07-06T10:18:00.970409+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "2b73404a-4cf9-4893-ba49-783d54f14547", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12482", "type": "seen", "source": "https://t.me/cvedetector/12655", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12482 - \"Wetech-cms Path Traversal Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-12482 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been rated as problematic. Affected by this issue is the function backup of the file wetech-cms-master\\wetech-basic-common\\src\\main\\java\\tech\\wetech\\basic\\util\\BackupFileUtil.java of the component Database Backup Handler. The manipulation of the argument name leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:33.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/2b73404a-4cf9-4893-ba49-783d54f14547/export"/>
    <published>2024-12-12T02:56:33+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/250b6bee-8d91-4b7d-8473-f4a2c6678f89/export</id>
    <title>250b6bee-8d91-4b7d-8473-f4a2c6678f89</title>
    <updated>2026-07-06T10:18:00.970542+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "250b6bee-8d91-4b7d-8473-f4a2c6678f89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12483", "type": "seen", "source": "https://t.me/cvedetector/12656", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12483 - Dromara UJCMS Authorization Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12483 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in Dromara UJCMS up to 9.6.3. This affects an unknown part of the file /users/id of the component User ID Handler. The manipulation leads to authorization bypass. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:33.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/250b6bee-8d91-4b7d-8473-f4a2c6678f89/export"/>
    <published>2024-12-12T02:56:33+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a7387abe-f13d-4b3e-a642-86e30a86d234/export</id>
    <title>a7387abe-f13d-4b3e-a642-86e30a86d234</title>
    <updated>2026-07-06T10:18:00.970669+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a7387abe-f13d-4b3e-a642-86e30a86d234", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12481", "type": "seen", "source": "https://t.me/cvedetector/12654", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12481 - Apache Wetech-CMS SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12481 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been declared as critical. Affected by this vulnerability is the function findUser of the file wetech-cms-master\\wetech-core\\src\\main\\java\\tech\\wetech\\cms\\dao\\UserDao.java. The manipulation of the argument searchValue/gId/rId leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:32.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a7387abe-f13d-4b3e-a642-86e30a86d234/export"/>
    <published>2024-12-12T02:56:32+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/c436a613-38e5-4e42-b455-30e9fd954cec/export</id>
    <title>c436a613-38e5-4e42-b455-30e9fd954cec</title>
    <updated>2026-07-06T10:18:00.970792+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "c436a613-38e5-4e42-b455-30e9fd954cec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12480", "type": "seen", "source": "https://t.me/cvedetector/12653", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12480 - Vulnerability Title: CJBI Wetech-CMS SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12480 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability was found in cjbi wetech-cms 1.0/1.1/1.2. It has been classified as critical. Affected is the function searchTopic of the file wetech-cms-master\\wetech-core\\src\\main\\java\\tech\\wetech\\cms\\dao\\TopicDao.java. The manipulation of the argument con leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/c436a613-38e5-4e42-b455-30e9fd954cec/export"/>
    <published>2024-12-12T02:56:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/d8e2bc53-1b3f-4aea-89c6-a4f62d7699f0/export</id>
    <title>d8e2bc53-1b3f-4aea-89c6-a4f62d7699f0</title>
    <updated>2026-07-06T10:18:00.970901+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "d8e2bc53-1b3f-4aea-89c6-a4f62d7699f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12489", "type": "seen", "source": "https://t.me/cvedetector/12652", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12489 - \"Code-projects Online Class and Exam Scheduling System SQL Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-12489 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0. It has been classified as critical. This affects an unknown part of the file /pages/term.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:28.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/d8e2bc53-1b3f-4aea-89c6-a4f62d7699f0/export"/>
    <published>2024-12-12T02:56:28+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/e168330c-340d-4b16-8f5e-ab157e2e5d3c/export</id>
    <title>e168330c-340d-4b16-8f5e-ab157e2e5d3c</title>
    <updated>2026-07-06T10:18:00.971006+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>https://cve.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "e168330c-340d-4b16-8f5e-ab157e2e5d3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12488", "type": "seen", "source": "https://t.me/cvedetector/12651", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12488 - Code-projects Online Class and Exam Scheduling System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12488 \nPublished : Dec. 12, 2024, 1:40 a.m. | 10\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Online Class and Exam Scheduling System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /pages/subject_update.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T02:56:27.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/e168330c-340d-4b16-8f5e-ab157e2e5d3c/export"/>
    <published>2024-12-12T02:56:27+00:00</published>
  </entry>
</feed>
