https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 07:01:20 +0000 https://vulnerability.circl.lu/sighting/bbdcc57f-e8db-4163-9603-9dd3bb7af093/export {"uuid": "bbdcc57f-e8db-4163-9603-9dd3bb7af093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4737", "type": "seen", "source": "https://t.me/cibsecurity/55309", "content": "\u203c CVE-2022-4737 \u203c\n\nA vulnerability was found in SourceCodester Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The identifier VDB-216773 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T22:40:10.000000Z"} {"uuid": "bbdcc57f-e8db-4163-9603-9dd3bb7af093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4737", "type": "seen", "source": "https://t.me/cibsecurity/55309", "content": "\u203c CVE-2022-4737 \u203c\n\nA vulnerability was found in SourceCodester Blood Bank Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file login.php. The manipulation of the argument username/password leads to sql injection. The attack may be initiated remotely. The identifier VDB-216773 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T22:40:10.000000Z"} https://vulnerability.circl.lu/sighting/bbdcc57f-e8db-4163-9603-9dd3bb7af093/export Sun, 25 Dec 2022 22:40:10 +0000 https://vulnerability.circl.lu/sighting/a738b230-24dc-4312-b9c7-136813c5baa2/export {"uuid": "a738b230-24dc-4312-b9c7-136813c5baa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47372", "type": "seen", "source": "https://t.me/cibsecurity/58201", "content": "\u203c CVE-2022-47372 \u203c\n\nStored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:12.000000Z"} {"uuid": "a738b230-24dc-4312-b9c7-136813c5baa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47372", "type": "seen", "source": "https://t.me/cibsecurity/58201", "content": "\u203c CVE-2022-47372 \u203c\n\nStored cross-site scripting vulnerability in the Create event section in Pandora FMS Console v766 and lower. An attacker typically exploits this vulnerability by injecting XSS payloads on popular pages of a site or passing a link to a victim, tricking them into viewing the page that contains the stored XSS payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:12.000000Z"} https://vulnerability.circl.lu/sighting/a738b230-24dc-4312-b9c7-136813c5baa2/export Wed, 15 Feb 2023 07:36:12 +0000 https://vulnerability.circl.lu/sighting/82184166-42d5-48f2-8275-95ed1cb5377a/export {"uuid": "82184166-42d5-48f2-8275-95ed1cb5377a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47373", "type": "seen", "source": "https://t.me/cibsecurity/58210", "content": "\u203c CVE-2022-47373 \u203c\n\nReflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:24.000000Z"} {"uuid": "82184166-42d5-48f2-8275-95ed1cb5377a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47373", "type": "seen", "source": "https://t.me/cibsecurity/58210", "content": "\u203c CVE-2022-47373 \u203c\n\nReflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-15T07:36:24.000000Z"} https://vulnerability.circl.lu/sighting/82184166-42d5-48f2-8275-95ed1cb5377a/export Wed, 15 Feb 2023 07:36:24 +0000 https://vulnerability.circl.lu/sighting/5ca56cbc-6654-4a26-b3ff-4d0a1e9b2207/export {"uuid": "5ca56cbc-6654-4a26-b3ff-4d0a1e9b2207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://t.me/cibsecurity/64086", "content": "\u203c CVE-2022-47378 \u203c\n\nMultiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T14:29:27.000000Z"} {"uuid": "5ca56cbc-6654-4a26-b3ff-4d0a1e9b2207", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://t.me/cibsecurity/64086", "content": "\u203c CVE-2022-47378 \u203c\n\nMultiple CODESYS products in multiple versions are prone to a improper input validation vulnerability. An authenticated remote attacker may craft specific requests that use the vulnerability leading to a denial-of-service condition.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T14:29:27.000000Z"} https://vulnerability.circl.lu/sighting/5ca56cbc-6654-4a26-b3ff-4d0a1e9b2207/export Mon, 15 May 2023 14:29:27 +0000 https://vulnerability.circl.lu/sighting/c2029847-1a07-4922-8998-3266feea8613/export {"uuid": "c2029847-1a07-4922-8998-3266feea8613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "https://t.me/cibsecurity/64101", "content": "\u203c CVE-2022-47379 \u203c\n\nAn authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead\u00c2\u00a0to a denial-of-service condition, memory overwriting, or remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T14:29:49.000000Z"} {"uuid": "c2029847-1a07-4922-8998-3266feea8613", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "https://t.me/cibsecurity/64101", "content": "\u203c CVE-2022-47379 \u203c\n\nAn authenticated, remote attacker may use a out-of-bounds write vulnerability in multiple CODESYS products in multiple versions to write data into memory which can lead\u00c2\u00a0to a denial-of-service condition, memory overwriting, or remote code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-15T14:29:49.000000Z"} https://vulnerability.circl.lu/sighting/c2029847-1a07-4922-8998-3266feea8613/export Mon, 15 May 2023 14:29:49 +0000 https://vulnerability.circl.lu/sighting/0772a490-8c35-4ed2-adf4-b81c579d83ee/export {"uuid": "0772a490-8c35-4ed2-adf4-b81c579d83ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "Telegram/mZjVEjJ9UySCRyqlZinbXkTti1EvxKvFP59xnKSPk7h14g", "content": "", "creation_timestamp": "2023-08-11T08:14:17.000000Z"} {"uuid": "0772a490-8c35-4ed2-adf4-b81c579d83ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "Telegram/mZjVEjJ9UySCRyqlZinbXkTti1EvxKvFP59xnKSPk7h14g", "content": "", "creation_timestamp": "2023-08-11T08:14:17.000000Z"} https://vulnerability.circl.lu/sighting/0772a490-8c35-4ed2-adf4-b81c579d83ee/export Fri, 11 Aug 2023 08:14:17 +0000 https://vulnerability.circl.lu/sighting/4ad6cf01-147a-479c-90b2-5592197733e5/export {"uuid": "4ad6cf01-147a-479c-90b2-5592197733e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://t.me/KomunitiSiber/635", "content": "16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks\nhttps://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html\n\nA set of 16 high-severity security flaws have been disclosed in the\u00a0CODESYS V3\u00a0software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments.\nThe flaws, tracked from CVE-2022-47378 through CVE-2022-47393 and dubbed\u00a0CoDe16, carry a CVSS score of 8.8 with the exception of", "creation_timestamp": "2023-08-11T09:09:47.000000Z"} {"uuid": "4ad6cf01-147a-479c-90b2-5592197733e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://t.me/KomunitiSiber/635", "content": "16 New CODESYS SDK Flaws Expose OT Environments to Remote Attacks\nhttps://thehackernews.com/2023/08/15-new-codesys-sdk-flaws-expose-ot.html\n\nA set of 16 high-severity security flaws have been disclosed in the\u00a0CODESYS V3\u00a0software development kit (SDK) that could result in remote code execution and denial-of-service under specific conditions, posing risks to operational technology (OT) environments.\nThe flaws, tracked from CVE-2022-47378 through CVE-2022-47393 and dubbed\u00a0CoDe16, carry a CVSS score of 8.8 with the exception of", "creation_timestamp": "2023-08-11T09:09:47.000000Z"} https://vulnerability.circl.lu/sighting/4ad6cf01-147a-479c-90b2-5592197733e5/export Fri, 11 Aug 2023 09:09:47 +0000 https://vulnerability.circl.lu/sighting/7e2ebc04-4313-4544-862e-c291c09f448b/export {"uuid": "7e2ebc04-4313-4544-862e-c291c09f448b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47373", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10575", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47373\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T20:38:38.112Z\n\ud83d\udd17 References:\n1. https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/\n2. https://github.com/Argonx21/CVE-2022-47373", "creation_timestamp": "2025-04-04T21:36:32.000000Z"} {"uuid": "7e2ebc04-4313-4544-862e-c291c09f448b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47373", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10575", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47373\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Reflected Cross Site Scripting in Search Functionality of Module Library in Pandora FMS Console v766 and lower. This vulnerability arises on the forget password functionality in which parameter username does not proper input validation/sanitization thus results in executing malicious JavaScript payload.\n\ud83d\udccf Published: 2023-02-15T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-04T20:38:38.112Z\n\ud83d\udd17 References:\n1. https://pandorafms.com/en/security/common-vulnerabilities-and-exposures/\n2. https://github.com/Argonx21/CVE-2022-47373", "creation_timestamp": "2025-04-04T21:36:32.000000Z"} https://vulnerability.circl.lu/sighting/7e2ebc04-4313-4544-862e-c291c09f448b/export Fri, 04 Apr 2025 21:36:32 +0000 https://vulnerability.circl.lu/sighting/4cf7fc10-7a9d-4ff4-b906-c415d6ee43a7/export {"uuid": "4cf7fc10-7a9d-4ff4-b906-c415d6ee43a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"} {"uuid": "4cf7fc10-7a9d-4ff4-b906-c415d6ee43a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-47379", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"} https://vulnerability.circl.lu/sighting/4cf7fc10-7a9d-4ff4-b906-c415d6ee43a7/export Tue, 17 Mar 2026 12:00:00 +0000 https://vulnerability.circl.lu/sighting/2ee3a776-b260-4a97-8c8f-94eadd5a1b12/export {"uuid": "2ee3a776-b260-4a97-8c8f-94eadd5a1b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"} {"uuid": "2ee3a776-b260-4a97-8c8f-94eadd5a1b12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-47378", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"} https://vulnerability.circl.lu/sighting/2ee3a776-b260-4a97-8c8f-94eadd5a1b12/export Tue, 17 Mar 2026 12:00:00 +0000