https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 07 May 2026 08:40:09 +0000 https://vulnerability.circl.lu/sighting/f31033b6-5063-4f93-82fb-3a027667e41b/export {"uuid": "f31033b6-5063-4f93-82fb-3a027667e41b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3796", "content": "Searpy - Search Engine Tookit: https://www.system32.ink/2023/07/searpy-search-engine-tookit.html\n\nTelegram Desktop Session Stealer : https://www.system32.ink/2023/07/telegram-desktop-session-stealer.html\n\nContinental Tires Middle East (continental-me.com) data leak : https://www.system32.ink/2023/07/continental-tires-middle-east.html\n\nCVE-2023-35719 Exploit : https://www.system32.ink/2023/07/cve-2023-35719-exploit.html\n\nTURKEY REFUGEE database Leak : https://www.system32.ink/2023/07/turkey-refugee-database-leak.html\n\nTBCommunity (British fitness website) data leak : https://www.system32.ink/2023/07/tbcommunity-british-fitness-website.html\n\nwebmarketpoint_it data Leak : https://www.system32.ink/2023/07/webmarketpointit-data-leak.html\n\nZxCDDoS layer 4 and 7 ddos with cloudflare bypass : https://www.system32.ink/2023/07/zxcddos-layer-4-and-7-with-cloudflare.html\n\nSMShell - SMS-based shell : https://www.system32.ink/2023/07/smshell-sms-based-shell.html\n\nSheikh Hazza Bin Zayed Al Nahyan office data leak : https://www.system32.ink/2023/07/sheikh-hazza-bin-zayed-al-nahyan-office.html\n\nOffice Of Industrial Economics data leak : https://www.system32.ink/2023/07/office-of-industrial-economics-data-leak.html", "creation_timestamp": "2023-07-03T18:17:36.000000Z"} {"uuid": "f31033b6-5063-4f93-82fb-3a027667e41b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/crackcodes/3796", "content": "Searpy - Search Engine Tookit: https://www.system32.ink/2023/07/searpy-search-engine-tookit.html\n\nTelegram Desktop Session Stealer : https://www.system32.ink/2023/07/telegram-desktop-session-stealer.html\n\nContinental Tires Middle East (continental-me.com) data leak : https://www.system32.ink/2023/07/continental-tires-middle-east.html\n\nCVE-2023-35719 Exploit : https://www.system32.ink/2023/07/cve-2023-35719-exploit.html\n\nTURKEY REFUGEE database Leak : https://www.system32.ink/2023/07/turkey-refugee-database-leak.html\n\nTBCommunity (British fitness website) data leak : https://www.system32.ink/2023/07/tbcommunity-british-fitness-website.html\n\nwebmarketpoint_it data Leak : https://www.system32.ink/2023/07/webmarketpointit-data-leak.html\n\nZxCDDoS layer 4 and 7 ddos with cloudflare bypass : https://www.system32.ink/2023/07/zxcddos-layer-4-and-7-with-cloudflare.html\n\nSMShell - SMS-based shell : https://www.system32.ink/2023/07/smshell-sms-based-shell.html\n\nSheikh Hazza Bin Zayed Al Nahyan office data leak : https://www.system32.ink/2023/07/sheikh-hazza-bin-zayed-al-nahyan-office.html\n\nOffice Of Industrial Economics data leak : https://www.system32.ink/2023/07/office-of-industrial-economics-data-leak.html", "creation_timestamp": "2023-07-03T18:17:36.000000Z"} https://vulnerability.circl.lu/sighting/f31033b6-5063-4f93-82fb-3a027667e41b/export Mon, 03 Jul 2023 18:17:36 +0000 https://vulnerability.circl.lu/sighting/dc502b18-6939-4d67-8c49-5346164d9b01/export {"uuid": "dc502b18-6939-4d67-8c49-5346164d9b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "Telegram/vvnkVVd6iAAlIYaGgGaJPmBHzufBXAbvPJbpjwHfpMqYPw", "content": "", "creation_timestamp": "2023-07-03T18:18:52.000000Z"} {"uuid": "dc502b18-6939-4d67-8c49-5346164d9b01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "Telegram/vvnkVVd6iAAlIYaGgGaJPmBHzufBXAbvPJbpjwHfpMqYPw", "content": "", "creation_timestamp": "2023-07-03T18:18:52.000000Z"} https://vulnerability.circl.lu/sighting/dc502b18-6939-4d67-8c49-5346164d9b01/export Mon, 03 Jul 2023 18:18:52 +0000 https://vulnerability.circl.lu/sighting/780dc255-3911-40bf-b5d5-9dfd85ca3fa1/export {"uuid": "780dc255-3911-40bf-b5d5-9dfd85ca3fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/350", "content": "\u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 CVE-2023-35719 / ZDI-23-891 (\u0639\u0628\u0648\u0631 \u0627\u0632 \u062a\u0623\u06cc\u06cc\u062f \u0647\u0648\u06cc\u062a \u062a\u0627 \u0634\u0644 SYSTEM \u062f\u0631 \u0645\u0634\u062a\u0631\u06cc Windows GINA ManageEngine ADSelfService Plus) \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0631\u0648\u06cc \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0648 \u067e\u0648\u0631\u062a TCP 8888 \u06af\u0648\u0634 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a GET HTTP \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u062f \u0648 \u0628\u0627\u0631 HTML \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u0631\u0627 \u0628\u0627\u0632\u06af\u0631\u062f\u0627\u0646\u062f. \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0631\u0627 \u0628\u0627 \u0647\u0631 \u0622\u062f\u0631\u0633 IP \u06a9\u0647 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062c\u0639\u0644 \u062f\u0627\u0631\u06cc\u062f (\u0622\u062f\u0631\u0633 \u0633\u0631\u0648\u0631 ADSelfService Plus) \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646 \u06a9\u0646\u06cc\u062f \u0648 \u06cc\u06a9 \u0648\u0631\u0648\u062f\u06cc DNS \u0628\u0631\u0627\u06cc \u0646\u0627\u0645 \u062f\u0627\u0645\u0646\u0647 YOUR_DOMAIN_NAME \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0622\u062f\u0631\u0633 13.33.37.1 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0646\u062f.", "creation_timestamp": "2023-07-05T19:32:18.000000Z"} {"uuid": "780dc255-3911-40bf-b5d5-9dfd85ca3fa1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/kasraone_com/350", "content": "\u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0628\u0631\u0627\u06cc \u0628\u0647\u0631\u0647\u200c\u0628\u0631\u062f\u0627\u0631\u06cc \u0627\u0632 CVE-2023-35719 / ZDI-23-891 (\u0639\u0628\u0648\u0631 \u0627\u0632 \u062a\u0623\u06cc\u06cc\u062f \u0647\u0648\u06cc\u062a \u062a\u0627 \u0634\u0644 SYSTEM \u062f\u0631 \u0645\u0634\u062a\u0631\u06cc Windows GINA ManageEngine ADSelfService Plus) \u0627\u0633\u062a. \u0627\u06cc\u0646 \u0633\u0631\u0648\u0631 HTTP \u067e\u0627\u06cc\u062a\u0648\u0646 \u0631\u0648\u06cc \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0648 \u067e\u0648\u0631\u062a TCP 8888 \u06af\u0648\u0634 \u0645\u06cc\u200c\u062f\u0647\u062f \u062a\u0627 \u062f\u0631\u062e\u0648\u0627\u0633\u062a GET HTTP \u0631\u0627 \u062f\u0631\u06cc\u0627\u0641\u062a \u06a9\u0646\u062f \u0648 \u0628\u0627\u0631 HTML \u0645\u0634\u062e\u0635 \u0634\u062f\u0647 \u0631\u0627 \u0628\u0627\u0632\u06af\u0631\u062f\u0627\u0646\u062f. \u0622\u062f\u0631\u0633 IP 13.33.37.1 \u0631\u0627 \u0628\u0627 \u0647\u0631 \u0622\u062f\u0631\u0633 IP \u06a9\u0647 \u0646\u06cc\u0627\u0632 \u0628\u0647 \u062c\u0639\u0644 \u062f\u0627\u0631\u06cc\u062f (\u0622\u062f\u0631\u0633 \u0633\u0631\u0648\u0631 ADSelfService Plus) \u062c\u0627\u06cc\u06af\u0632\u06cc\u0646 \u06a9\u0646\u06cc\u062f \u0648 \u06cc\u06a9 \u0648\u0631\u0648\u062f\u06cc DNS \u0628\u0631\u0627\u06cc \u0646\u0627\u0645 \u062f\u0627\u0645\u0646\u0647 YOUR_DOMAIN_NAME \u0627\u0636\u0627\u0641\u0647 \u06a9\u0646\u06cc\u062f \u062a\u0627 \u0628\u0647 \u0622\u062f\u0631\u0633 13.33.37.1 \u0627\u0634\u0627\u0631\u0647 \u06a9\u0646\u062f.", "creation_timestamp": "2023-07-05T19:32:18.000000Z"} https://vulnerability.circl.lu/sighting/780dc255-3911-40bf-b5d5-9dfd85ca3fa1/export Wed, 05 Jul 2023 19:32:18 +0000 https://vulnerability.circl.lu/sighting/d9cfbd82-cdf9-43cc-a4d2-af5c830d37d4/export {"uuid": "d9cfbd82-cdf9-43cc-a4d2-af5c830d37d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/821", "content": "CVE-2023-35719 : ManageEngine ADSelfService Plus GINA Client 4.2.9 >=\u00a06.3 Build 6301 - Authentication Bypass\u00a0To SYSTEM\u00a0shell\nPOC : https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/adselfpwnplus/adselfpwnplus.md", "creation_timestamp": "2023-08-14T16:30:50.000000Z"} {"uuid": "d9cfbd82-cdf9-43cc-a4d2-af5c830d37d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "published-proof-of-concept", "source": "https://t.me/MrVGunz/821", "content": "CVE-2023-35719 : ManageEngine ADSelfService Plus GINA Client 4.2.9 >=\u00a06.3 Build 6301 - Authentication Bypass\u00a0To SYSTEM\u00a0shell\nPOC : https://github.com/pedrib/PoC/blob/master/advisories/ManageEngine/adselfpwnplus/adselfpwnplus.md", "creation_timestamp": "2023-08-14T16:30:50.000000Z"} https://vulnerability.circl.lu/sighting/d9cfbd82-cdf9-43cc-a4d2-af5c830d37d4/export Mon, 14 Aug 2023 16:30:50 +0000 https://vulnerability.circl.lu/sighting/9683b257-696e-478c-8f40-c271559ccd3f/export {"uuid": "9683b257-696e-478c-8f40-c271559ccd3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "seen", "source": "https://t.me/cibsecurity/69977", "content": "\u203c CVE-2023-35719 \u203c\n\nManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability.The specific flaw exists within the Password Reset Portal used by the GINA client. The issue results from the lack of proper authentication of data received via HTTP. An attacker can leverage this vulnerability to bypass authentication and execute code in the context of SYSTEM. Was ZDI-CAN-17009.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T12:18:02.000000Z"} {"uuid": "9683b257-696e-478c-8f40-c271559ccd3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-35719", "type": "seen", "source": "https://t.me/cibsecurity/69977", "content": "\u203c CVE-2023-35719 \u203c\n\nManageEngine ADSelfService Plus GINA Client Insufficient Verification of Data Authenticity Authentication Bypass Vulnerability. This vulnerability allows physically present attackers to execute arbitrary code on affected installations of ManageEngine ADSelfService Plus. Authentication is not required to exploit this vulnerability.The specific flaw exists within the Password Reset Portal used by the GINA client. The issue results from the lack of proper authentication of data received via HTTP. An attacker can leverage this vulnerability to bypass authentication and execute code in the context of SYSTEM. Was ZDI-CAN-17009.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-09-06T12:18:02.000000Z"} https://vulnerability.circl.lu/sighting/9683b257-696e-478c-8f40-c271559ccd3f/export Wed, 06 Sep 2023 12:18:02 +0000