https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sat, 09 May 2026 17:05:23 +0000 https://vulnerability.circl.lu/sighting/0f549bb9-75a9-45b5-8ce3-57c77adae196/export {"uuid": "0f549bb9-75a9-45b5-8ce3-57c77adae196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31298", "type": "seen", "source": "https://t.me/cibsecurity/44641", "content": "\u203c CVE-2022-31298 \u203c\n\nA cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:21:37.000000Z"} {"uuid": "0f549bb9-75a9-45b5-8ce3-57c77adae196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31298", "type": "seen", "source": "https://t.me/cibsecurity/44641", "content": "\u203c CVE-2022-31298 \u203c\n\nA cross-site scripting vulnerability in the ads comment section of Haraj v3.7 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:21:37.000000Z"} https://vulnerability.circl.lu/sighting/0f549bb9-75a9-45b5-8ce3-57c77adae196/export Thu, 16 Jun 2022 20:21:37 +0000 https://vulnerability.circl.lu/sighting/6e36d92c-3a30-47e3-b071-14eee1441e3c/export {"uuid": "6e36d92c-3a30-47e3-b071-14eee1441e3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31294", "type": "seen", "source": "https://t.me/cibsecurity/44684", "content": "\u203c CVE-2022-31294 \u203c\n\nAn issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T22:21:04.000000Z"} {"uuid": "6e36d92c-3a30-47e3-b071-14eee1441e3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31294", "type": "seen", "source": "https://t.me/cibsecurity/44684", "content": "\u203c CVE-2022-31294 \u203c\n\nAn issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T22:21:04.000000Z"} https://vulnerability.circl.lu/sighting/6e36d92c-3a30-47e3-b071-14eee1441e3c/export Thu, 16 Jun 2022 22:21:04 +0000 https://vulnerability.circl.lu/sighting/d5b77a9a-c604-4fc0-8c81-5dbf73617e7b/export {"uuid": "d5b77a9a-c604-4fc0-8c81-5dbf73617e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31295", "type": "seen", "source": "https://t.me/cibsecurity/44694", "content": "\u203c CVE-2022-31295 \u203c\n\nAn issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T00:23:57.000000Z"} {"uuid": "d5b77a9a-c604-4fc0-8c81-5dbf73617e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31295", "type": "seen", "source": "https://t.me/cibsecurity/44694", "content": "\u203c CVE-2022-31295 \u203c\n\nAn issue in the delete_post() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily delete posts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T00:23:57.000000Z"} https://vulnerability.circl.lu/sighting/d5b77a9a-c604-4fc0-8c81-5dbf73617e7b/export Fri, 17 Jun 2022 00:23:57 +0000 https://vulnerability.circl.lu/sighting/3cbdb7b8-1695-42dc-8e3f-eee5c0953a2c/export {"uuid": "3cbdb7b8-1695-42dc-8e3f-eee5c0953a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31299", "type": "seen", "source": "https://t.me/cibsecurity/44696", "content": "\u203c CVE-2022-31299 \u203c\n\nHaraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:21:54.000000Z"} {"uuid": "3cbdb7b8-1695-42dc-8e3f-eee5c0953a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31299", "type": "seen", "source": "https://t.me/cibsecurity/44696", "content": "\u203c CVE-2022-31299 \u203c\n\nHaraj v3.7 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the User Upgrade Form.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T02:21:54.000000Z"} https://vulnerability.circl.lu/sighting/3cbdb7b8-1695-42dc-8e3f-eee5c0953a2c/export Fri, 17 Jun 2022 02:21:54 +0000 https://vulnerability.circl.lu/sighting/c53f257f-2abc-474e-961a-0c19807ba7c4/export {"uuid": "c53f257f-2abc-474e-961a-0c19807ba7c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31296", "type": "seen", "source": "https://t.me/cibsecurity/44730", "content": "\u203c CVE-2022-31296 \u203c\n\nOnline Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:41.000000Z"} {"uuid": "c53f257f-2abc-474e-961a-0c19807ba7c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31296", "type": "seen", "source": "https://t.me/cibsecurity/44730", "content": "\u203c CVE-2022-31296 \u203c\n\nOnline Discussion Forum Site 1 was discovered to contain a blind SQL injection vulnerability via the component /odfs/posts/view_post.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:41.000000Z"} https://vulnerability.circl.lu/sighting/c53f257f-2abc-474e-961a-0c19807ba7c4/export Fri, 17 Jun 2022 16:23:41 +0000 https://vulnerability.circl.lu/sighting/c43fb0e5-8f1e-4e80-abb7-c912f303ffaf/export {"uuid": "c43fb0e5-8f1e-4e80-abb7-c912f303ffaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31290", "type": "seen", "source": "https://t.me/cibsecurity/45804", "content": "\u203c CVE-2022-31290 \u203c\n\nA cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T16:16:21.000000Z"} {"uuid": "c43fb0e5-8f1e-4e80-abb7-c912f303ffaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31290", "type": "seen", "source": "https://t.me/cibsecurity/45804", "content": "\u203c CVE-2022-31290 \u203c\n\nA cross-site scripting (XSS) vulnerability in Known v1.2.2+2020061101 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Your Name text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T16:16:21.000000Z"} https://vulnerability.circl.lu/sighting/c43fb0e5-8f1e-4e80-abb7-c912f303ffaf/export Fri, 08 Jul 2022 16:16:21 +0000 https://vulnerability.circl.lu/sighting/199c72cb-6fa1-4514-9c08-4e388b2f7e28/export {"uuid": "199c72cb-6fa1-4514-9c08-4e388b2f7e28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3129", "type": "seen", "source": "https://t.me/cibsecurity/49404", "content": "\u203c CVE-2022-3129 \u203c\n\nA vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T00:14:24.000000Z"} {"uuid": "199c72cb-6fa1-4514-9c08-4e388b2f7e28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3129", "type": "seen", "source": "https://t.me/cibsecurity/49404", "content": "\u203c CVE-2022-3129 \u203c\n\nA vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T00:14:24.000000Z"} https://vulnerability.circl.lu/sighting/199c72cb-6fa1-4514-9c08-4e388b2f7e28/export Thu, 08 Sep 2022 00:14:24 +0000 https://vulnerability.circl.lu/sighting/31709c50-c473-406e-84da-f1b7901577fc/export {"uuid": "31709c50-c473-406e-84da-f1b7901577fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31291", "type": "seen", "source": "https://t.me/cibsecurity/44657", "content": "\u203c CVE-2022-31291 \u203c\n\nAn issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T16:57:24.000000Z"} {"uuid": "31709c50-c473-406e-84da-f1b7901577fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31291", "type": "seen", "source": "https://t.me/cibsecurity/44657", "content": "\u203c CVE-2022-31291 \u203c\n\nAn issue in dlt_config_file_parser.c of dlt-daemon v2.18.8 allows attackers to cause a double free via crafted TCP packets.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-27T16:57:24.000000Z"} https://vulnerability.circl.lu/sighting/31709c50-c473-406e-84da-f1b7901577fc/export Thu, 27 Oct 2022 16:57:24 +0000 https://vulnerability.circl.lu/sighting/e494bd2a-2443-4e2a-8812-2bd0fad98776/export {"uuid": "e494bd2a-2443-4e2a-8812-2bd0fad98776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3129", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3129\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872.\n\ud83d\udccf Published: 2022-09-07T19:50:12.000Z\n\ud83d\udccf Modified: 2025-04-15T13:47:22.638Z\n\ud83d\udd17 References:\n1. https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/arbitrary_file_upload.md\n2. https://vuldb.com/?id.207872", "creation_timestamp": "2025-04-15T13:54:35.000000Z"} {"uuid": "e494bd2a-2443-4e2a-8812-2bd0fad98776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3129", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11812", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3129\n\ud83d\udd25 CVSS Score: 6.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in codeprojects Online Driving School. It has been rated as critical. Affected by this issue is some unknown functionality of the file /registration.php. The manipulation leads to unrestricted upload. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-207872.\n\ud83d\udccf Published: 2022-09-07T19:50:12.000Z\n\ud83d\udccf Modified: 2025-04-15T13:47:22.638Z\n\ud83d\udd17 References:\n1. https://github.com/KingBridgeSS/Online_Driving_School_Project_In_PHP_With_Source_Code_Vulnerabilities/blob/main/arbitrary_file_upload.md\n2. https://vuldb.com/?id.207872", "creation_timestamp": "2025-04-15T13:54:35.000000Z"} https://vulnerability.circl.lu/sighting/e494bd2a-2443-4e2a-8812-2bd0fad98776/export Tue, 15 Apr 2025 13:54:35 +0000