<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<rss xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/" version="2.0">
  <channel>
    <title>Most recent sightings.</title>
    <link>https://db.gcve.eu</link>
    <description>Contains only the most 10 recent sightings.</description>
    <docs>http://www.rssboard.org/rss-specification</docs>
    <generator>python-feedgen</generator>
    <language>en</language>
    <lastBuildDate>Fri, 17 Jul 2026 17:11:39 +0000</lastBuildDate>
    <item>
      <title>66434621-210a-4861-b712-cac116aab0d2</title>
      <link>https://db.gcve.eu/sighting/66434621-210a-4861-b712-cac116aab0d2/export</link>
      <description>{"uuid": "66434621-210a-4861-b712-cac116aab0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkri2j55l426", "content": "", "creation_timestamp": "2025-03-20T00:49:01.725988Z"}</description>
      <content:encoded>{"uuid": "66434621-210a-4861-b712-cac116aab0d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkri2j55l426", "content": "", "creation_timestamp": "2025-03-20T00:49:01.725988Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/66434621-210a-4861-b712-cac116aab0d2/export</guid>
      <pubDate>Thu, 20 Mar 2025 00:49:01 +0000</pubDate>
    </item>
    <item>
      <title>43f49d99-2873-430b-b614-72233f6a4f77</title>
      <link>https://db.gcve.eu/sighting/43f49d99-2873-430b-b614-72233f6a4f77/export</link>
      <description>{"uuid": "43f49d99-2873-430b-b614-72233f6a4f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "seen", "source": "https://t.me/cvedetector/20685", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55009 - AutoBib XSS\", \n  \"Content\": \"CVE ID : CVE-2024-55009 \nPublished : March 19, 2025, 9:15 p.m. | 16\u00a0minutes ago \nDescription : A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript in the context of a victim's browser via injecting a crafted payload into the WCE=topFrame&amp;amp;WCU= parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T23:00:40.000000Z"}</description>
      <content:encoded>{"uuid": "43f49d99-2873-430b-b614-72233f6a4f77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "seen", "source": "https://t.me/cvedetector/20685", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55009 - AutoBib XSS\", \n  \"Content\": \"CVE ID : CVE-2024-55009 \nPublished : March 19, 2025, 9:15 p.m. | 16\u00a0minutes ago \nDescription : A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript in the context of a victim's browser via injecting a crafted payload into the WCE=topFrame&amp;amp;WCU= parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-19T23:00:40.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/43f49d99-2873-430b-b614-72233f6a4f77/export</guid>
      <pubDate>Wed, 19 Mar 2025 23:00:40 +0000</pubDate>
    </item>
    <item>
      <title>86d0ac13-ea5f-4c20-8106-fe669213b64a</title>
      <link>https://db.gcve.eu/sighting/86d0ac13-ea5f-4c20-8106-fe669213b64a/export</link>
      <description>{"uuid": "86d0ac13-ea5f-4c20-8106-fe669213b64a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8153", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55009\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript in the context of a victim's browser via injecting a crafted payload into the WCE=topFrame&amp;amp;WCU= parameter.\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T21:06:50.135Z\n\ud83d\udd17 References:\n1. https://youtu.be/1mSgChs-a8Q\n2. https://youtu.be/SHk3mdsd2mI\n3. https://medium.com/@r3dd1t/poc-cve-0b3ad0535631", "creation_timestamp": "2025-03-19T21:18:24.000000Z"}</description>
      <content:encoded>{"uuid": "86d0ac13-ea5f-4c20-8106-fe669213b64a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55009", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8153", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55009\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A reflected cross-site scripting (XSS) vulnerability in AutoBib - Bibliographic collection management system 3.1.140 and earlier allows attackers to execute arbitrary Javascript in the context of a victim's browser via injecting a crafted payload into the WCE=topFrame&amp;amp;WCU= parameter.\n\ud83d\udccf Published: 2025-03-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-19T21:06:50.135Z\n\ud83d\udd17 References:\n1. https://youtu.be/1mSgChs-a8Q\n2. https://youtu.be/SHk3mdsd2mI\n3. https://medium.com/@r3dd1t/poc-cve-0b3ad0535631", "creation_timestamp": "2025-03-19T21:18:24.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/86d0ac13-ea5f-4c20-8106-fe669213b64a/export</guid>
      <pubDate>Wed, 19 Mar 2025 21:18:24 +0000</pubDate>
    </item>
    <item>
      <title>dcf56cbc-2040-4895-a2c1-9e3662f2b916</title>
      <link>https://db.gcve.eu/sighting/dcf56cbc-2040-4895-a2c1-9e3662f2b916/export</link>
      <description>{"uuid": "dcf56cbc-2040-4895-a2c1-9e3662f2b916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55000", "type": "seen", "source": "https://t.me/cvedetector/15269", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55000 - Sourcecodester House Rental Management Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-55000 \nPublished : Jan. 14, 2025, 3:15 p.m. | 45\u00a0minutes ago \nDescription : Sourcecodester House Rental Management system v1.0 is vulnerable to Cross Site Scripting (XSS) in rental/manage_categories.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T17:20:16.000000Z"}</description>
      <content:encoded>{"uuid": "dcf56cbc-2040-4895-a2c1-9e3662f2b916", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55000", "type": "seen", "source": "https://t.me/cvedetector/15269", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55000 - Sourcecodester House Rental Management Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-55000 \nPublished : Jan. 14, 2025, 3:15 p.m. | 45\u00a0minutes ago \nDescription : Sourcecodester House Rental Management system v1.0 is vulnerable to Cross Site Scripting (XSS) in rental/manage_categories.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-14T17:20:16.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/dcf56cbc-2040-4895-a2c1-9e3662f2b916/export</guid>
      <pubDate>Tue, 14 Jan 2025 17:20:16 +0000</pubDate>
    </item>
    <item>
      <title>067b68e6-14c0-45fc-b643-1a2f055d5e8d</title>
      <link>https://db.gcve.eu/sighting/067b68e6-14c0-45fc-b643-1a2f055d5e8d/export</link>
      <description>{"uuid": "067b68e6-14c0-45fc-b643-1a2f055d5e8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55000", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpkexkajk2s", "content": "", "creation_timestamp": "2025-01-14T15:19:21.876189Z"}</description>
      <content:encoded>{"uuid": "067b68e6-14c0-45fc-b643-1a2f055d5e8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55000", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfpkexkajk2s", "content": "", "creation_timestamp": "2025-01-14T15:19:21.876189Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/067b68e6-14c0-45fc-b643-1a2f055d5e8d/export</guid>
      <pubDate>Tue, 14 Jan 2025 15:19:21 +0000</pubDate>
    </item>
    <item>
      <title>b2c3dcad-92aa-4e8e-a72b-ec0ab3d36845</title>
      <link>https://db.gcve.eu/sighting/b2c3dcad-92aa-4e8e-a72b-ec0ab3d36845/export</link>
      <description>{"uuid": "b2c3dcad-92aa-4e8e-a72b-ec0ab3d36845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55008", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62cp2eto22", "content": "", "creation_timestamp": "2025-01-07T16:16:30.350409Z"}</description>
      <content:encoded>{"uuid": "b2c3dcad-92aa-4e8e-a72b-ec0ab3d36845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55008", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62cp2eto22", "content": "", "creation_timestamp": "2025-01-07T16:16:30.350409Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/b2c3dcad-92aa-4e8e-a72b-ec0ab3d36845/export</guid>
      <pubDate>Tue, 07 Jan 2025 16:16:30 +0000</pubDate>
    </item>
    <item>
      <title>9f838ce1-82cb-4c6f-9e3b-553ddbfeeba1</title>
      <link>https://db.gcve.eu/sighting/9f838ce1-82cb-4c6f-9e3b-553ddbfeeba1/export</link>
      <description>{"uuid": "9f838ce1-82cb-4c6f-9e3b-553ddbfeeba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55008", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/439", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55008\n\ud83d\udd39 Description: JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T15:11:30.416773\n\ud83d\udd17 References:\n1. http://jatos.com\n2. https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f", "creation_timestamp": "2025-01-07T15:38:40.000000Z"}</description>
      <content:encoded>{"uuid": "9f838ce1-82cb-4c6f-9e3b-553ddbfeeba1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-55008", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/439", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55008\n\ud83d\udd39 Description: JATOS 3.9.4 contains a denial-of-service (DoS) vulnerability in the authentication system, where an attacker can prevent legitimate users from accessing their accounts by repeatedly sending multiple failed login attempts. Specifically, by submitting 3 incorrect login attempts every minute, the attacker can trigger the account lockout mechanism on the account level, effectively locking the user out indefinitely. Since the lockout is applied to the user account and not based on the IP address, any attacker can trigger the lockout on any user account, regardless of their privileges.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T15:11:30.416773\n\ud83d\udd17 References:\n1. http://jatos.com\n2. https://hacking-notes.medium.com/cve-2024-51379-jatos-v3-9-4-account-lockout-denial-of-service-cc970f4ca58f", "creation_timestamp": "2025-01-07T15:38:40.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/9f838ce1-82cb-4c6f-9e3b-553ddbfeeba1/export</guid>
      <pubDate>Tue, 07 Jan 2025 15:38:40 +0000</pubDate>
    </item>
    <item>
      <title>8558d31c-ece2-45af-8a4c-58fff6435a6b</title>
      <link>https://db.gcve.eu/sighting/8558d31c-ece2-45af-8a4c-58fff6435a6b/export</link>
      <description>{"uuid": "8558d31c-ece2-45af-8a4c-58fff6435a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5500", "type": "seen", "source": "https://t.me/cvedetector/1027", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5500 - Google Chrome Sign-In Implementation Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5500 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:19:52.000000Z"}</description>
      <content:encoded>{"uuid": "8558d31c-ece2-45af-8a4c-58fff6435a6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5500", "type": "seen", "source": "https://t.me/cvedetector/1027", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5500 - Google Chrome Sign-In Implementation Bypass Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5500 \nPublished : July 16, 2024, 11:15 p.m. | 44\u00a0minutes ago \nDescription : Inappropriate implementation in Sign-In in Google Chrome prior to 1.3.36.351 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page. (Chromium security severity: Medium) \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T02:19:52.000000Z"}</content:encoded>
      <guid isPermaLink="false">https://db.gcve.eu/sighting/8558d31c-ece2-45af-8a4c-58fff6435a6b/export</guid>
      <pubDate>Wed, 17 Jul 2024 02:19:52 +0000</pubDate>
    </item>
  </channel>
</rss>
