https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Thu, 25 Jun 2026 16:20:23 +0000 https://vulnerability.circl.lu/sighting/5b3a6dff-6790-4742-84e1-efa4806ef84b/export {"uuid": "5b3a6dff-6790-4742-84e1-efa4806ef84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpqvh6vjq2j", "content": "", "creation_timestamp": "2025-01-14T17:15:57.593871Z"} {"uuid": "5b3a6dff-6790-4742-84e1-efa4806ef84b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpqvh6vjq2j", "content": "", "creation_timestamp": "2025-01-14T17:15:57.593871Z"} https://vulnerability.circl.lu/sighting/5b3a6dff-6790-4742-84e1-efa4806ef84b/export Tue, 14 Jan 2025 17:15:57 +0000 https://vulnerability.circl.lu/sighting/70a5f116-2fc8-4eea-9d55-2f23d46aad63/export {"uuid": "70a5f116-2fc8-4eea-9d55-2f23d46aad63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1531", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0462\n\ud83d\udd39 Description: A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. The manipulation of the argument searchcontent leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-01-14T16:31:05.486Z\n\ud83d\udccf Modified: 2025-01-14T16:53:00.271Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.291479\n2. https://vuldb.com/?ctiid.291479\n3. https://vuldb.com/?submit.474254\n4. https://github.com/BxYQ/ld/blob/main/ListView_SQL.doc", "creation_timestamp": "2025-01-14T17:21:11.000000Z"} {"uuid": "70a5f116-2fc8-4eea-9d55-2f23d46aad63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1531", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-0462\n\ud83d\udd39 Description: A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. The manipulation of the argument searchcontent leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udccf Published: 2025-01-14T16:31:05.486Z\n\ud83d\udccf Modified: 2025-01-14T16:53:00.271Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.291479\n2. https://vuldb.com/?ctiid.291479\n3. https://vuldb.com/?submit.474254\n4. https://github.com/BxYQ/ld/blob/main/ListView_SQL.doc", "creation_timestamp": "2025-01-14T17:21:11.000000Z"} https://vulnerability.circl.lu/sighting/70a5f116-2fc8-4eea-9d55-2f23d46aad63/export Tue, 14 Jan 2025 17:21:11 +0000 https://vulnerability.circl.lu/sighting/57f42cf0-2108-445a-9a17-4c96f124d5a5/export {"uuid": "57f42cf0-2108-445a-9a17-4c96f124d5a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "seen", "source": "https://t.me/cvedetector/15297", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-0462 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection\", \n \"Content\": \"CVE ID : CVE-2025-0462 \nPublished : Jan. 14, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. The manipulation of the argument searchcontent leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"14 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:01:07.000000Z"} {"uuid": "57f42cf0-2108-445a-9a17-4c96f124d5a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-0462", "type": "seen", "source": "https://t.me/cvedetector/15297", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2025-0462 - Shanghai Lingdang Information Technology Lingdang CRM SQL Injection\", \n \"Content\": \"CVE ID : CVE-2025-0462 \nPublished : Jan. 14, 2025, 5:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability was found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6.0.0 and classified as critical. This issue affects some unknown processing of the file /crm/weixinmp/index.php?userid=123&module=Users&usid=1&action=UsersAjax&minipro_const_type=1. The manipulation of the argument searchcontent leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"14 Jan 2025\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T19:01:07.000000Z"} https://vulnerability.circl.lu/sighting/57f42cf0-2108-445a-9a17-4c96f124d5a5/export Tue, 14 Jan 2025 19:01:07 +0000