{"vulnerability": "CVE-2022-2662", "sightings": [{"uuid": "980df19d-53ad-4d19-ad83-a87ee09ead6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26629", "type": "seen", "source": "https://t.me/cibsecurity/39500", "content": "\u203c CVE-2022-26629 \u203c\n\nAn Access Control vulnerability exists in SoroushPlus+ Messenger 1.0.30 in the Lock Screen Security Feature function due to insufficient permissions and privileges, which allows a malicious attacker bypass the lock screen function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-24T19:29:43.000000Z"}, {"uuid": "e1e490fa-004c-4dd8-8a87-41fa0ff3e407", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26624", "type": "seen", "source": "https://t.me/cibsecurity/40359", "content": "\u203c CVE-2022-26624 \u203c\n\nBootstrap v3.1.11 and v3.3.7 was discovered to contain a cross-site scripting (XSS) vulnerability via the Title parameter in /vendor/views/add_product.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-08T12:38:15.000000Z"}, {"uuid": "6df2e205-b7fd-430b-b144-7372d007f0e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26628", "type": "seen", "source": "https://t.me/cibsecurity/40209", "content": "\u203c CVE-2022-26628 \u203c\n\nMatrimony v1.0 was discovered to contain a SQL injection vulnerability via the Password parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-06T00:29:14.000000Z"}, {"uuid": "8544316d-15dc-4724-a295-4352c734c498", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26627", "type": "seen", "source": "https://t.me/cibsecurity/40301", "content": "\u203c CVE-2022-26627 \u203c\n\nOnline Project Time Management System v1.0 was discovered to contain an arbitrary file write vulnerability which allows attackers to execute arbitrary code via a crafted HTML file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-07T18:36:17.000000Z"}, {"uuid": "597ed7b8-3bc4-432f-8202-3035a9211b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26620", "type": "seen", "source": "https://t.me/cibsecurity/39587", "content": "\u203c CVE-2022-26620 \u203c\n\nAkeo Consulting Rufus Executable 3.17.1846 and Rufus Portable Executable 3.17p were discovered to allow attackers to execute arbitrary code or escalate privileges via placing a crafted x86 DLL in the same directory as other executables.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-27T07:32:49.000000Z"}]}