https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Tue, 26 May 2026 10:48:05 +0000 https://db.gcve.eu/sighting/ceea4c8d-4413-4305-8dcf-caf6553fcf3f/export {"uuid": "ceea4c8d-4413-4305-8dcf-caf6553fcf3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28114", "type": "seen", "source": "https://t.me/cibsecurity/41581", "content": "\u203c CVE-2022-28114 \u203c\n\nDSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:26.000000Z"} {"uuid": "ceea4c8d-4413-4305-8dcf-caf6553fcf3f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28114", "type": "seen", "source": "https://t.me/cibsecurity/41581", "content": "\u203c CVE-2022-28114 \u203c\n\nDSCMS v3.0 was discovered to contain an arbitrary file deletion vulnerability via /controller/Adv.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:26.000000Z"} https://db.gcve.eu/sighting/ceea4c8d-4413-4305-8dcf-caf6553fcf3f/export Thu, 28 Apr 2022 18:24:26 +0000 https://db.gcve.eu/sighting/9df8fa9e-dda9-4475-81da-eb3dc4644a51/export {"uuid": "9df8fa9e-dda9-4475-81da-eb3dc4644a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "seen", "source": "https://t.me/cibsecurity/41584", "content": "\u203c CVE-2022-28117 \u203c\n\nA Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:29.000000Z"} {"uuid": "9df8fa9e-dda9-4475-81da-eb3dc4644a51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "seen", "source": "https://t.me/cibsecurity/41584", "content": "\u203c CVE-2022-28117 \u203c\n\nA Server-Side Request Forgery (SSRF) in feed_parser class of Navigate CMS v2.9.4 allows remote attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the feed parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-28T18:24:29.000000Z"} https://db.gcve.eu/sighting/9df8fa9e-dda9-4475-81da-eb3dc4644a51/export Thu, 28 Apr 2022 18:24:29 +0000 https://db.gcve.eu/sighting/2b6d0b4e-d810-40cc-8d50-5fb4d8053e79/export {"uuid": "2b6d0b4e-d810-40cc-8d50-5fb4d8053e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28111", "type": "seen", "source": "https://t.me/cibsecurity/41900", "content": "\u203c CVE-2022-28111 \u203c\n\nMyBatis PageHelper v1.x.x-v5.x.x was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T16:34:55.000000Z"} {"uuid": "2b6d0b4e-d810-40cc-8d50-5fb4d8053e79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28111", "type": "seen", "source": "https://t.me/cibsecurity/41900", "content": "\u203c CVE-2022-28111 \u203c\n\nMyBatis PageHelper v1.x.x-v5.x.x was discovered to contain a time-blind SQL injection vulnerability via the orderBy parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T16:34:55.000000Z"} https://db.gcve.eu/sighting/2b6d0b4e-d810-40cc-8d50-5fb4d8053e79/export Wed, 04 May 2022 16:34:55 +0000 https://db.gcve.eu/sighting/b8ec9d9c-1155-4015-876b-eab4f223dd77/export {"uuid": "b8ec9d9c-1155-4015-876b-eab4f223dd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28110", "type": "seen", "source": "https://t.me/cibsecurity/42234", "content": "\u203c CVE-2022-28110 \u203c\n\nHotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T16:55:09.000000Z"} {"uuid": "b8ec9d9c-1155-4015-876b-eab4f223dd77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28110", "type": "seen", "source": "https://t.me/cibsecurity/42234", "content": "\u203c CVE-2022-28110 \u203c\n\nHotel Management System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at the login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-10T16:55:09.000000Z"} https://db.gcve.eu/sighting/b8ec9d9c-1155-4015-876b-eab4f223dd77/export Tue, 10 May 2022 16:55:09 +0000 https://db.gcve.eu/sighting/b07c099d-4636-460a-8d2d-8ec94d61c45c/export {"uuid": "b07c099d-4636-460a-8d2d-8ec94d61c45c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2197", "content": "#exploit\n + CVE-2022-28219:\nUnauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus\nhttps://www.horizon3.ai/red-team-blog-cve-2022-28219\n\n + CVE-2022-28117:\nNavigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)\nhttps://github.com/cheshireca7/CVE-2022-28117\n\n+ PDF Exploit\nhttps://github.com/CodiumAlgorithm/Silent-PDF-Exploit-Builder-2022---PDF-Exploits\n\n@BlueRedTeam", "creation_timestamp": "2022-07-02T13:03:19.000000Z"} {"uuid": "b07c099d-4636-460a-8d2d-8ec94d61c45c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2197", "content": "#exploit\n + CVE-2022-28219:\nUnauthenticated XXE to RCE and Domain Compromise in ManageEngine ADAudit Plus\nhttps://www.horizon3.ai/red-team-blog-cve-2022-28219\n\n + CVE-2022-28117:\nNavigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)\nhttps://github.com/cheshireca7/CVE-2022-28117\n\n+ PDF Exploit\nhttps://github.com/CodiumAlgorithm/Silent-PDF-Exploit-Builder-2022---PDF-Exploits\n\n@BlueRedTeam", "creation_timestamp": "2022-07-02T13:03:19.000000Z"} https://db.gcve.eu/sighting/b07c099d-4636-460a-8d2d-8ec94d61c45c/export Sat, 02 Jul 2022 13:03:19 +0000 https://db.gcve.eu/sighting/aeaacea5-c870-4f70-a591-ffc8a7d0fd18/export {"uuid": "aeaacea5-c870-4f70-a591-ffc8a7d0fd18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6317", "content": "#exploit\n1. CVE-2022-28219:\nUnauthenticated XXE to RCE and Domain Compromise in Zoho ManageEngine ADAudit Plus\nhttps://www.horizon3.ai/red-team-blog-cve-2022-28219\n\n2. CVE-2022-28117:\nNavigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)\nhttps://github.com/cheshireca7/CVE-2022-28117\n\n3. PDF Exploit\nhttps://github.com/CodiumAlgorithm/Silent-PDF-Exploit-Builder-2022---PDF-Exploits", "creation_timestamp": "2022-07-04T18:06:11.000000Z"} {"uuid": "aeaacea5-c870-4f70-a591-ffc8a7d0fd18", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6317", "content": "#exploit\n1. CVE-2022-28219:\nUnauthenticated XXE to RCE and Domain Compromise in Zoho ManageEngine ADAudit Plus\nhttps://www.horizon3.ai/red-team-blog-cve-2022-28219\n\n2. CVE-2022-28117:\nNavigate CMS <= 2.9.4 - Server-Side Request Forgery (Authenticated)\nhttps://github.com/cheshireca7/CVE-2022-28117\n\n3. PDF Exploit\nhttps://github.com/CodiumAlgorithm/Silent-PDF-Exploit-Builder-2022---PDF-Exploits", "creation_timestamp": "2022-07-04T18:06:11.000000Z"} https://db.gcve.eu/sighting/aeaacea5-c870-4f70-a591-ffc8a7d0fd18/export Mon, 04 Jul 2022 18:06:11 +0000 https://db.gcve.eu/sighting/578e5684-d2f7-410b-91cf-6459faea1840/export {"uuid": "578e5684-d2f7-410b-91cf-6459faea1840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2811", "type": "seen", "source": "https://t.me/cibsecurity/48144", "content": "\u203c CVE-2022-2811 \u203c\n\nA vulnerability classified as problematic has been found in SourceCodester Guest Management System. This affects an unknown part of the file myform.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206397 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T14:38:03.000000Z"} {"uuid": "578e5684-d2f7-410b-91cf-6459faea1840", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2811", "type": "seen", "source": "https://t.me/cibsecurity/48144", "content": "\u203c CVE-2022-2811 \u203c\n\nA vulnerability classified as problematic has been found in SourceCodester Guest Management System. This affects an unknown part of the file myform.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206397 was assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-15T14:38:03.000000Z"} https://db.gcve.eu/sighting/578e5684-d2f7-410b-91cf-6459faea1840/export Mon, 15 Aug 2022 14:38:03 +0000 https://db.gcve.eu/sighting/c4332329-1976-497e-9399-19b7040439e9/export {"uuid": "c4332329-1976-497e-9399-19b7040439e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28113", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8135", "content": "#exploit\n1. CVE-2022-28113:\nWiFi Travel Router exploit\nhttps://code-byter.com/2022/04/06/fantec-wifi.html\n\n2. CVE-2023-0896:\nLenovo Smart Clock Essential\u2019s SSH Hard-Coded Password Vulnerability\nhttps://securityonline.info/cve-2023-0896-lenovo-smart-clock-essentials-ssh-hard-coded-password-vulnerability\n\n3. Uncovering Security Vulnerabilities in Ray-Ban Camera Sunglasses\nhttps://code-byter.com/2023/04/16/rayban-hacking.html", "creation_timestamp": "2023-04-17T20:05:05.000000Z"} {"uuid": "c4332329-1976-497e-9399-19b7040439e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28113", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/8135", "content": "#exploit\n1. CVE-2022-28113:\nWiFi Travel Router exploit\nhttps://code-byter.com/2022/04/06/fantec-wifi.html\n\n2. CVE-2023-0896:\nLenovo Smart Clock Essential\u2019s SSH Hard-Coded Password Vulnerability\nhttps://securityonline.info/cve-2023-0896-lenovo-smart-clock-essentials-ssh-hard-coded-password-vulnerability\n\n3. Uncovering Security Vulnerabilities in Ray-Ban Camera Sunglasses\nhttps://code-byter.com/2023/04/16/rayban-hacking.html", "creation_timestamp": "2023-04-17T20:05:05.000000Z"} https://db.gcve.eu/sighting/c4332329-1976-497e-9399-19b7040439e9/export Mon, 17 Apr 2023 20:05:05 +0000 https://db.gcve.eu/sighting/34ff1019-c3f0-4bde-b9f6-8c3576f57570/export {"uuid": "34ff1019-c3f0-4bde-b9f6-8c3576f57570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28113", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1333", "content": "#exploit\n1. CVE-2022-28113:\nWiFi Travel Router exploit\nhttps://code-byter.com/2022/04/06/fantec-wifi.html\n\n2. CVE-2023-0896:\nLenovo Smart Clock Essential\u2019s SSH Hard-Coded Password Vulnerability\nhttps://securityonline.info/cve-2023-0896-lenovo-smart-clock-essentials-ssh-hard-coded-password-vulnerability\n\n3. Uncovering Security Vulnerabilities in Ray-Ban Camera Sunglasses\nhttps://code-byter.com/2023/04/16/rayban-hacking.html", "creation_timestamp": "2023-04-18T07:16:17.000000Z"} {"uuid": "34ff1019-c3f0-4bde-b9f6-8c3576f57570", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28113", "type": "published-proof-of-concept", "source": "https://t.me/RespaldoHackingTeam/1333", "content": "#exploit\n1. CVE-2022-28113:\nWiFi Travel Router exploit\nhttps://code-byter.com/2022/04/06/fantec-wifi.html\n\n2. CVE-2023-0896:\nLenovo Smart Clock Essential\u2019s SSH Hard-Coded Password Vulnerability\nhttps://securityonline.info/cve-2023-0896-lenovo-smart-clock-essentials-ssh-hard-coded-password-vulnerability\n\n3. Uncovering Security Vulnerabilities in Ray-Ban Camera Sunglasses\nhttps://code-byter.com/2023/04/16/rayban-hacking.html", "creation_timestamp": "2023-04-18T07:16:17.000000Z"} https://db.gcve.eu/sighting/34ff1019-c3f0-4bde-b9f6-8c3576f57570/export Tue, 18 Apr 2023 07:16:17 +0000 https://db.gcve.eu/sighting/2d8719cf-d082-490b-a756-fc60451224c2/export {"uuid": "2d8719cf-d082-490b-a756-fc60451224c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9666", "content": "#exploit\n1. CVE-2023-46359/CVE-2023-46360:\nOS Command Injection in cPH2 Charging Station <2.0\nhttps://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360\n\n2. WebKit Exploit for PS4 6.x-9.6 / PS5 1.x-5.x\nhttps://github.com/kmeps4/PSFree\n\n3. CVE-2022-28117:\nSSRF in feed_parser class of Navigate CMS v2.9.4\nhttps://github.com/kimstars/POC-CVE-2022-28117", "creation_timestamp": "2024-01-03T20:41:00.000000Z"} {"uuid": "2d8719cf-d082-490b-a756-fc60451224c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28117", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9666", "content": "#exploit\n1. CVE-2023-46359/CVE-2023-46360:\nOS Command Injection in cPH2 Charging Station <2.0\nhttps://www.offensity.com/en/blog/os-command-injection-in-cph2-charging-station-200-cve-2023-46359-and-cve-2023-46360\n\n2. WebKit Exploit for PS4 6.x-9.6 / PS5 1.x-5.x\nhttps://github.com/kmeps4/PSFree\n\n3. CVE-2022-28117:\nSSRF in feed_parser class of Navigate CMS v2.9.4\nhttps://github.com/kimstars/POC-CVE-2022-28117", "creation_timestamp": "2024-01-03T20:41:00.000000Z"} https://db.gcve.eu/sighting/2d8719cf-d082-490b-a756-fc60451224c2/export Wed, 03 Jan 2024 20:41:00 +0000