https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 10 May 2026 03:44:03 +0000 https://vulnerability.circl.lu/sighting/6372aa7e-837e-4f22-918d-d22c542737cb/export {"uuid": "6372aa7e-837e-4f22-918d-d22c542737cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1927", "content": "#exploit\n1. CVE-2022-48870:\nmaccms admin+ xss attacks\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n2. CVE-2022-39253:\nDocker host file read\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc", "creation_timestamp": "2022-12-22T06:51:17.000000Z"} {"uuid": "6372aa7e-837e-4f22-918d-d22c542737cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1927", "content": "#exploit\n1. CVE-2022-48870:\nmaccms admin+ xss attacks\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n2. CVE-2022-39253:\nDocker host file read\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc", "creation_timestamp": "2022-12-22T06:51:17.000000Z"} https://vulnerability.circl.lu/sighting/6372aa7e-837e-4f22-918d-d22c542737cb/export Thu, 22 Dec 2022 06:51:17 +0000 https://vulnerability.circl.lu/sighting/abab45ef-9ea8-4041-a7ed-898a8d5059bd/export {"uuid": "abab45ef-9ea8-4041-a7ed-898a8d5059bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7406", "content": "#exploit\n1. CVE-2022-48870:\nmaccms admin+ xss attacks\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n2. CVE-2022-39253:\nDocker host file read\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc", "creation_timestamp": "2022-12-22T11:02:01.000000Z"} {"uuid": "abab45ef-9ea8-4041-a7ed-898a8d5059bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7406", "content": "#exploit\n1. CVE-2022-48870:\nmaccms admin+ xss attacks\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n2. CVE-2022-39253:\nDocker host file read\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc", "creation_timestamp": "2022-12-22T11:02:01.000000Z"} https://vulnerability.circl.lu/sighting/abab45ef-9ea8-4041-a7ed-898a8d5059bd/export Thu, 22 Dec 2022 11:02:01 +0000 https://vulnerability.circl.lu/sighting/fb0c0e51-3a53-4576-b69a-066a2214ae36/export {"uuid": "fb0c0e51-3a53-4576-b69a-066a2214ae36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1934", "content": "\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n#cve", "creation_timestamp": "2022-12-22T15:38:37.000000Z"} {"uuid": "fb0c0e51-3a53-4576-b69a-066a2214ae36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1934", "content": "\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n#cve", "creation_timestamp": "2022-12-22T15:38:37.000000Z"} https://vulnerability.circl.lu/sighting/fb0c0e51-3a53-4576-b69a-066a2214ae36/export Thu, 22 Dec 2022 15:38:37 +0000 https://vulnerability.circl.lu/sighting/c50e95d7-a5f8-4e7f-9f9f-03d07817ef30/export {"uuid": "c50e95d7-a5f8-4e7f-9f9f-03d07817ef30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1939", "content": "\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n#cve", "creation_timestamp": "2022-12-22T17:02:37.000000Z"} {"uuid": "c50e95d7-a5f8-4e7f-9f9f-03d07817ef30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/1939", "content": "\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n#cve", "creation_timestamp": "2022-12-22T17:02:37.000000Z"} https://vulnerability.circl.lu/sighting/c50e95d7-a5f8-4e7f-9f9f-03d07817ef30/export Thu, 22 Dec 2022 17:02:37 +0000 https://vulnerability.circl.lu/sighting/ab5d4234-5909-4457-9f43-e96422c46df0/export {"uuid": "ab5d4234-5909-4457-9f43-e96422c46df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"} {"uuid": "ab5d4234-5909-4457-9f43-e96422c46df0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48870", "type": "published-proof-of-concept", "source": "https://t.me/BABATATASASA/3436", "content": "\u200b\u200bCVE-2022-25765 \n\npdfkit Exploit Reverse Shell\n\npdfkit <0.8.6 command injection shell. The package pdfkit from 0.0.0 are vulnerable to Command Injection where the URL is not properly sanitized. (Tested on ver 0.8.6) - CVE-2022-25765\n\nhttps://github.com/CyberArchitect1/CVE-2022-25765-pdfkit-Exploit-Reverse-Shell\n\n\u200b\u200bCVE-2022-45025\n\nCommand injection via PDF import in Markdown Preview Enhanced (VSCode, Atom)\n\nhttps://github.com/yuriisanin/CVE-2022-45025\n\n\u200b\u200bCVE-2022-36537\n\nZK Framework - Exposure of Sensitive Information to an Unauthorized Actor\n\nhttps://github.com/agnihackers/CVE-2022-36537-EXPLOIT\n\n\u200b\u200bCVE-2022-39066\n\nSQL Injection Vulnerability in ZTE MF286R\n\nhttps://github.com/v0lp3/CVE-2022-39066\n\n\u200b\u200bCVE-2022-46381\n\nYou can scan this vulnerability on your company's subdomains using the nuclei scanner with the template specified in this repo \"CVE-2022-46381.yaml\"\n\nhttps://github.com/omarhashem123/Security-Research/tree/main/CVE-2022-46381\n\n\u200b\u200bCVE-2022-45771 - Pwndoc LFI to RCE\n\nPwndoc local file inclusion to remote code execution of Node.js code on the server.\n\nhttps://github.com/p0dalirius/CVE-2022-45771-Pwndoc-LFI-to-RCE\n\n\u200b\u200bCVE-2022-46169\n\nCacti remote_agent.php Unauthenticated Command Injection.\n\nhttps://github.com/0xf4n9x/CVE-2022-46169\n\n\u200b\u200bCVE-2022-45451\n\nPoC for CVE-2022-45451 Acronis Arbitrary File Read\n\nhttps://github.com/alfarom256/CVE-2022-45451\n\nCVE-2022-28672\n\nThis bug was Use after Free caused by improper handling of javascript object memory references.\n\nhttps://github.com/hacksysteam/CVE-2022-28672\n\nUse after Free - RCE Exploit: https://hacksys.io/blogs/foxit-reader-uaf-rce-jit-spraying-cve-2022-28672\n\n\u200b\u200bCVE-2003-0358\n\nBuffer overflow in (1) nethack 3.4.0 and earlier, and (2) falconseye 1.9.3 and earlier, which is based on nethack, allows local users to gain privileges > via a long -s command line option.\n\nhttps://github.com/snowcra5h/CVE-2003-0358\n\n\u200b\u200bCVE-2022-39253\n\nDocker host file read\n\nhttps://github.com/ssst0n3/docker-cve-2022-39253-poc\n\n\u200b\u200bCVE-2022-48870\n\nmaccms admin+ xss attacks\n\nhttps://github.com/Cedric1314/CVE-2022-48870\n\n\u200b\u200bCVE-2022-2602\n\nPoC Kernel Privilege Escalation Linux\n\nhttps://github.com/kiks7/CVE-2022-2602-Kernel-Exploit\n\n\u200b\u200bEvilWfshbr\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation\n\nhttps://github.com/kkent030315/CVE-2022-42046\n\n\u200b\u200bCVE-2022-2602\n\nThis repository contains exploits for CVE-2022-2602. There are two versions of it:\n\n\u25ab\ufe0f Exploit using userfaultfd technique.\n\u25ab\ufe0f Exploit using inode locking technique.\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\n#cve #poc \n@pfkgit", "creation_timestamp": "2023-01-28T19:14:38.000000Z"} https://vulnerability.circl.lu/sighting/ab5d4234-5909-4457-9f43-e96422c46df0/export Sat, 28 Jan 2023 19:14:38 +0000