<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://db.gcve.eu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Thu, 02 Jul 2026 01:36:52 +0000</lastBuildDate>
    <item>
      <title>fab37080-0586-4fd6-a707-5a79d2321c38</title>
      <link>https://db.gcve.eu/sighting/fab37080-0586-4fd6-a707-5a79d2321c38/export</link>
      <description>{"uuid": "fab37080-0586-4fd6-a707-5a79d2321c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45965", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8519", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45965\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Contao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.x before 5.3.30, and 5.4.x and 5.5..x before 5.5.6.\n\ud83d\udccf Published: 2024-10-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:04:03.032Z\n\ud83d\udd17 References:\n1. https://grimthereaperteam.medium.com/contao-5-4-1-malicious-file-upload-xss-in-svg-30edb8820ecb\n2. https://contao.org/en/security-advisories/cross-site-scripting-through-svg-uploads", "creation_timestamp": "2025-03-24T19:23:33.000000Z"}</description>
      <content:encoded>{"uuid": "fab37080-0586-4fd6-a707-5a79d2321c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45965", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8519", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-45965\n\ud83d\udd25 CVSS Score: 6.4 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: Contao before 5.5.6 allows XSS via an SVG document. This affects (in contao/core-bundle in Composer) 4.x before 4.13.54, 5.0.x through 5.3.x before 5.3.30, and 5.4.x and 5.5..x before 5.5.6.\n\ud83d\udccf Published: 2024-10-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-24T19:04:03.032Z\n\ud83d\udd17 References:\n1. https://grimthereaperteam.medium.com/contao-5-4-1-malicious-file-upload-xss-in-svg-30edb8820ecb\n2. https://contao.org/en/security-advisories/cross-site-scripting-through-svg-uploads", "creation_timestamp": "2025-03-24T19:23:33.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/fab37080-0586-4fd6-a707-5a79d2321c38/export</guid>
      <pubDate>Mon, 24 Mar 2025 19:23:33 +0000</pubDate>
    </item>
    <item>
      <title>32963d39-07de-4af6-9a1a-a727a5b942b1</title>
      <link>https://db.gcve.eu/sighting/32963d39-07de-4af6-9a1a-a727a5b942b1/export</link>
      <description>{"uuid": "32963d39-07de-4af6-9a1a-a727a5b942b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45969", "type": "seen", "source": "https://t.me/cvedetector/11153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45969 - MZ Automation LibIEC1850 MMS Client NULL Pointer Dereference Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45969 \nPublished : Nov. 15, 2024, 7:15 p.m. | 33\u00a0minutes ago \nDescription : NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T20:48:39.000000Z"}</description>
      <content:encoded>{"uuid": "32963d39-07de-4af6-9a1a-a727a5b942b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45969", "type": "seen", "source": "https://t.me/cvedetector/11153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45969 - MZ Automation LibIEC1850 MMS Client NULL Pointer Dereference Denial-of-Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45969 \nPublished : Nov. 15, 2024, 7:15 p.m. | 33\u00a0minutes ago \nDescription : NULL pointer dereference in the MMS Client in MZ Automation LibIEC1850 before commit 7afa40390b26ad1f4cf93deaa0052fe7e357ef33 allows a malicious server to Cause a Denial-of-Service via the MMS InitiationResponse message. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T20:48:39.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/32963d39-07de-4af6-9a1a-a727a5b942b1/export</guid>
      <pubDate>Fri, 15 Nov 2024 20:48:39 +0000</pubDate>
    </item>
    <item>
      <title>8f0cca37-0ef6-4aa4-bc39-ceb5a96e4582</title>
      <link>https://db.gcve.eu/sighting/8f0cca37-0ef6-4aa4-bc39-ceb5a96e4582/export</link>
      <description>{"uuid": "8f0cca37-0ef6-4aa4-bc39-ceb5a96e4582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45969", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113488430409555971", "content": "", "creation_timestamp": "2024-11-15T18:40:21.172153Z"}</description>
      <content:encoded>{"uuid": "8f0cca37-0ef6-4aa4-bc39-ceb5a96e4582", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45969", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113488430409555971", "content": "", "creation_timestamp": "2024-11-15T18:40:21.172153Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/8f0cca37-0ef6-4aa4-bc39-ceb5a96e4582/export</guid>
      <pubDate>Fri, 15 Nov 2024 18:40:21 +0000</pubDate>
    </item>
    <item>
      <title>227a8b29-916b-4aba-be9f-c70b96aa0d2d</title>
      <link>https://db.gcve.eu/sighting/227a8b29-916b-4aba-be9f-c70b96aa0d2d/export</link>
      <description>{"uuid": "227a8b29-916b-4aba-be9f-c70b96aa0d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45965", "type": "seen", "source": "https://t.me/cvedetector/6878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45965 - Contao SVG Remote Code Execution (RCE) via XSS\", \n  \"Content\": \"CVE ID : CVE-2024-45965 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:29.000000Z"}</description>
      <content:encoded>{"uuid": "227a8b29-916b-4aba-be9f-c70b96aa0d2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45965", "type": "seen", "source": "https://t.me/cvedetector/6878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45965 - Contao SVG Remote Code Execution (RCE) via XSS\", \n  \"Content\": \"CVE ID : CVE-2024-45965 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Contao 5.4.1 allows an authenticated admin account to upload a SVG file containing malicious javascript code into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted javascript to the target. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:29.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/227a8b29-916b-4aba-be9f-c70b96aa0d2d/export</guid>
      <pubDate>Wed, 02 Oct 2024 23:03:29 +0000</pubDate>
    </item>
    <item>
      <title>058f3044-2313-41c2-b460-b6d625aa1e68</title>
      <link>https://db.gcve.eu/sighting/058f3044-2313-41c2-b460-b6d625aa1e68/export</link>
      <description>{"uuid": "058f3044-2313-41c2-b460-b6d625aa1e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45964", "type": "seen", "source": "https://t.me/cvedetector/6877", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45964 - Zenario XSS in Image Library Tag Field\", \n  \"Content\": \"CVE ID : CVE-2024-45964 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the \"Organizer tags\" field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:28.000000Z"}</description>
      <content:encoded>{"uuid": "058f3044-2313-41c2-b460-b6d625aa1e68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45964", "type": "seen", "source": "https://t.me/cvedetector/6877", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45964 - Zenario XSS in Image Library Tag Field\", \n  \"Content\": \"CVE ID : CVE-2024-45964 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Zenario 9.7.61188 is vulnerable to Cross Site Scripting (XSS) in the Image library via the \"Organizer tags\" field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:28.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/058f3044-2313-41c2-b460-b6d625aa1e68/export</guid>
      <pubDate>Wed, 02 Oct 2024 23:03:28 +0000</pubDate>
    </item>
    <item>
      <title>8ebfe62a-6a8b-4c91-adc6-a039ad65a6ab</title>
      <link>https://db.gcve.eu/sighting/8ebfe62a-6a8b-4c91-adc6-a039ad65a6ab/export</link>
      <description>{"uuid": "8ebfe62a-6a8b-4c91-adc6-a039ad65a6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45960", "type": "seen", "source": "https://t.me/cvedetector/6876", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45960 - Zenario Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-45960 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:27.000000Z"}</description>
      <content:encoded>{"uuid": "8ebfe62a-6a8b-4c91-adc6-a039ad65a6ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45960", "type": "seen", "source": "https://t.me/cvedetector/6876", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45960 - Zenario Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-45960 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : Zenario 9.7.61188 allows authenticated admin users to upload PDF files containing malicious code into the target system. If the PDF file is accessed through the website, it can trigger a Cross Site Scripting (XSS) attack. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:27.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/8ebfe62a-6a8b-4c91-adc6-a039ad65a6ab/export</guid>
      <pubDate>Wed, 02 Oct 2024 23:03:27 +0000</pubDate>
    </item>
    <item>
      <title>f578d6b4-3868-44f6-869b-d785b52e1bd7</title>
      <link>https://db.gcve.eu/sighting/f578d6b4-3868-44f6-869b-d785b52e1bd7/export</link>
      <description>{"uuid": "f578d6b4-3868-44f6-869b-d785b52e1bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45962", "type": "seen", "source": "https://t.me/cvedetector/6874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45962 - Adobe October PDF JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45962 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted JavaScript to the target. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:25.000000Z"}</description>
      <content:encoded>{"uuid": "f578d6b4-3868-44f6-869b-d785b52e1bd7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45962", "type": "seen", "source": "https://t.me/cvedetector/6874", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45962 - Adobe October PDF JavaScript Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45962 \nPublished : Oct. 2, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : October 3.6.30 allows an authenticated admin account to upload a PDF file containing malicious JavaScript into the target system. If the file is accessed through the website, it could lead to a Cross-Site Scripting (XSS) attack or execute arbitrary code via a crafted JavaScript to the target. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-02T23:03:25.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/f578d6b4-3868-44f6-869b-d785b52e1bd7/export</guid>
      <pubDate>Wed, 02 Oct 2024 23:03:25 +0000</pubDate>
    </item>
    <item>
      <title>f9095fe9-2e04-499b-b66d-0f36c95fea24</title>
      <link>https://db.gcve.eu/sighting/f9095fe9-2e04-499b-b66d-0f36c95fea24/export</link>
      <description>{"uuid": "f9095fe9-2e04-499b-b66d-0f36c95fea24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45967", "type": "seen", "source": "https://t.me/cvedetector/6757", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45967 - \"Pagekit Cross Site Scripting (XSS)\"\", \n  \"Content\": \"CVE ID : CVE-2024-45967 \nPublished : Oct. 1, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.php/admin/site/widget. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-01T17:45:47.000000Z"}</description>
      <content:encoded>{"uuid": "f9095fe9-2e04-499b-b66d-0f36c95fea24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45967", "type": "seen", "source": "https://t.me/cvedetector/6757", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45967 - \"Pagekit Cross Site Scripting (XSS)\"\", \n  \"Content\": \"CVE ID : CVE-2024-45967 \nPublished : Oct. 1, 2024, 3:15 p.m. | 21\u00a0minutes ago \nDescription : Pagekit 1.0.18 is vulnerable to Cross Site Scripting (XSS) in index.php/admin/site/widget. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-01T17:45:47.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/f9095fe9-2e04-499b-b66d-0f36c95fea24/export</guid>
      <pubDate>Tue, 01 Oct 2024 17:45:47 +0000</pubDate>
    </item>
  </channel>
</rss>
