https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Fri, 01 May 2026 23:13:31 +0000 https://db.gcve.eu/sighting/3c74ee0a-2c86-4715-adb9-dea6e70668d1/export {"uuid": "3c74ee0a-2c86-4715-adb9-dea6e70668d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25611", "type": "seen", "source": "https://t.me/cibsecurity/39567", "content": "\u203c CVE-2022-25611 \u203c\n\nAuthenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:13.000000Z"} {"uuid": "3c74ee0a-2c86-4715-adb9-dea6e70668d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25611", "type": "seen", "source": "https://t.me/cibsecurity/39567", "content": "\u203c CVE-2022-25611 \u203c\n\nAuthenticated Stored Cross-Site Scripting (XSS) in Simple Event Planner plugin <= 1.5.4 allows attackers with contributor or higher user roles to inject the malicious script by using vulnerable parameter &custom[add_seg][].\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:13.000000Z"} https://db.gcve.eu/sighting/3c74ee0a-2c86-4715-adb9-dea6e70668d1/export Fri, 25 Mar 2022 21:31:13 +0000 https://db.gcve.eu/sighting/b80b8b2b-decd-4fb7-aa02-1621f7479db1/export {"uuid": "b80b8b2b-decd-4fb7-aa02-1621f7479db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25610", "type": "seen", "source": "https://t.me/cibsecurity/39570", "content": "\u203c CVE-2022-25610 \u203c\n\nUnauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:17.000000Z"} {"uuid": "b80b8b2b-decd-4fb7-aa02-1621f7479db1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25610", "type": "seen", "source": "https://t.me/cibsecurity/39570", "content": "\u203c CVE-2022-25610 \u203c\n\nUnauthenticated Stored Cross-Site Scripting (XSS) in Simple Ajax Chat <= 20220115 allows an attacker to store the malicious code. However, the attack requires specific conditions, making it hard to exploit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T21:31:17.000000Z"} https://db.gcve.eu/sighting/b80b8b2b-decd-4fb7-aa02-1621f7479db1/export Fri, 25 Mar 2022 21:31:17 +0000 https://db.gcve.eu/sighting/ab0669de-16c9-459e-8b82-7e95ae7ba265/export {"uuid": "ab0669de-16c9-459e-8b82-7e95ae7ba265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25619", "type": "seen", "source": "https://t.me/cibsecurity/39816", "content": "\u203c CVE-2022-25619 \u203c\n\nImproper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T18:37:31.000000Z"} {"uuid": "ab0669de-16c9-459e-8b82-7e95ae7ba265", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25619", "type": "seen", "source": "https://t.me/cibsecurity/39816", "content": "\u203c CVE-2022-25619 \u203c\n\nImproper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in ping tool of Profelis IT Consultancy SambaBox allows AUTHENTICATED user to cause run arbitrary code. This issue affects: Profelis IT Consultancy SambaBox 4.0 version 4.0 and prior versions on x86.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-30T18:37:31.000000Z"} https://db.gcve.eu/sighting/ab0669de-16c9-459e-8b82-7e95ae7ba265/export Wed, 30 Mar 2022 18:37:31 +0000 https://db.gcve.eu/sighting/766dbf63-fe75-4674-ab6a-162f5e087849/export {"uuid": "766dbf63-fe75-4674-ab6a-162f5e087849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25615", "type": "seen", "source": "https://t.me/cibsecurity/40526", "content": "\u203c CVE-2022-25615 \u203c\n\nCross-Site Request Forgery (CSRF) in StylemixThemes eRoom \u00e2\u20ac\u201c Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T00:22:24.000000Z"} {"uuid": "766dbf63-fe75-4674-ab6a-162f5e087849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25615", "type": "seen", "source": "https://t.me/cibsecurity/40526", "content": "\u203c CVE-2022-25615 \u203c\n\nCross-Site Request Forgery (CSRF) in StylemixThemes eRoom \u00e2\u20ac\u201c Zoom Meetings & Webinar (WordPress plugin) <= 1.3.8 allows cache deletion.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-12T00:22:24.000000Z"} https://db.gcve.eu/sighting/766dbf63-fe75-4674-ab6a-162f5e087849/export Tue, 12 Apr 2022 00:22:24 +0000 https://db.gcve.eu/sighting/5d5a64ac-a748-4195-80e1-4146b52f0e5a/export {"uuid": "5d5a64ac-a748-4195-80e1-4146b52f0e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25617", "type": "seen", "source": "https://t.me/cibsecurity/42949", "content": "\u203c CVE-2022-25617 \u203c\n\nReflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T22:28:42.000000Z"} {"uuid": "5d5a64ac-a748-4195-80e1-4146b52f0e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25617", "type": "seen", "source": "https://t.me/cibsecurity/42949", "content": "\u203c CVE-2022-25617 \u203c\n\nReflected Cross-Site Scripting (XSS) vulnerability in Code Snippets plugin <= 2.14.3 at WordPress via &orderby vulnerable parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-18T22:28:42.000000Z"} https://db.gcve.eu/sighting/5d5a64ac-a748-4195-80e1-4146b52f0e5a/export Wed, 18 May 2022 22:28:42 +0000 https://db.gcve.eu/sighting/2b4f7625-a1a5-4460-9806-d3c8b1eec959/export {"uuid": "2b4f7625-a1a5-4460-9806-d3c8b1eec959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2561", "type": "seen", "source": "https://t.me/cibsecurity/61043", "content": "\u203c CVE-2022-2561 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC 2022.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XML files in Connectivity Explorer. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16596.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T22:15:46.000000Z"} {"uuid": "2b4f7625-a1a5-4460-9806-d3c8b1eec959", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2561", "type": "seen", "source": "https://t.me/cibsecurity/61043", "content": "\u203c CVE-2022-2561 \u203c\n\nThis vulnerability allows remote attackers to execute arbitrary code on affected installations of OPC Labs QuickOPC 2022.1. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of XML files in Connectivity Explorer. The issue results from the lack of proper validation of user-supplied data, which can result in deserialization of untrusted data. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-16596.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-29T22:15:46.000000Z"} https://db.gcve.eu/sighting/2b4f7625-a1a5-4460-9806-d3c8b1eec959/export Wed, 29 Mar 2023 22:15:46 +0000 https://db.gcve.eu/sighting/a3c560f8-d7fc-4fba-b399-5382b469462b/export {"uuid": "a3c560f8-d7fc-4fba-b399-5382b469462b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25614", "type": "seen", "source": "https://t.me/arpsyndicate/585", "content": "#ExploitObserverAlert\n\nCVE-2022-25614\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-25614. Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom \u2013 Zoom Meetings", "creation_timestamp": "2023-11-26T04:30:04.000000Z"} {"uuid": "a3c560f8-d7fc-4fba-b399-5382b469462b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25614", "type": "seen", "source": "https://t.me/arpsyndicate/585", "content": "#ExploitObserverAlert\n\nCVE-2022-25614\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-25614. Cross-Site Request Forgery (CSRF) in StylemixThemes eRoom \u2013 Zoom Meetings", "creation_timestamp": "2023-11-26T04:30:04.000000Z"} https://db.gcve.eu/sighting/a3c560f8-d7fc-4fba-b399-5382b469462b/export Sun, 26 Nov 2023 04:30:04 +0000 https://db.gcve.eu/sighting/48eab572-06e0-4e9f-915f-ab50332847a4/export {"uuid": "48eab572-06e0-4e9f-915f-ab50332847a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2561", "type": "seen", "source": "Telegram/r1X9b2Wu6pRYrLepnE3gKtgHzYlQqK947cmpkzIC8pG49aRA", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"} {"uuid": "48eab572-06e0-4e9f-915f-ab50332847a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2561", "type": "seen", "source": "Telegram/r1X9b2Wu6pRYrLepnE3gKtgHzYlQqK947cmpkzIC8pG49aRA", "content": "", "creation_timestamp": "2025-02-18T21:11:32.000000Z"} https://db.gcve.eu/sighting/48eab572-06e0-4e9f-915f-ab50332847a4/export Tue, 18 Feb 2025 21:11:32 +0000