{"vulnerability": "CVE-2022-2746", "sightings": [{"uuid": "d7f49e62-1696-47f8-9f91-96cf0b1a56fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2746", "type": "seen", "source": "https://t.me/cibsecurity/47932", "content": "\u203c CVE-2022-2746 \u203c\n\nA vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. This vulnerability affects unknown code of the file Admin_ add.php. The manipulation leads to unrestricted upload. The attack can be initiated remotely. VDB-206014 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-11T12:31:53.000000Z"}, {"uuid": "9873587a-b059-42fb-810c-312e88206f55", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27466", "type": "seen", "source": "https://t.me/cibsecurity/41726", "content": "\u203c CVE-2022-27466 \u203c\n\nMCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-02T18:32:51.000000Z"}, {"uuid": "09666851-5728-4de7-a420-49edb5a4c056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27468", "type": "seen", "source": "https://t.me/cibsecurity/41436", "content": "\u203c CVE-2022-27468 \u203c\n\nMonstaftp v2.10.3 was discovered to contain an arbitrary file upload which allows attackers to execute arbitrary code via a crafted file uploaded to the web server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-26T18:37:16.000000Z"}, {"uuid": "0186f625-2a74-4502-bef0-029b0c2334dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27469", "type": "seen", "source": "https://t.me/cibsecurity/41432", "content": "\u203c CVE-2022-27469 \u203c\n\nMonstaftp v2.10.3 was discovered to allow attackers to execute Server-Side Request Forgery (SSRF).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-26T18:37:10.000000Z"}, {"uuid": "41eb5bcf-cbc5-46eb-8c4d-b480c55c4c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27462", "type": "seen", "source": "https://t.me/cibsecurity/40181", "content": "\u203c CVE-2022-27462 \u203c\n\nCross Site Scripting (XSS) vulnerability in objects/function.php in function getDeviceID in WWBN AVideo through 11.6, via the yptDevice parameter to view/include/head.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-05T20:29:06.000000Z"}, {"uuid": "d8906e53-3268-417e-93a2-3335793b4343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-27463", "type": "seen", "source": "https://t.me/cibsecurity/40179", "content": "\u203c CVE-2022-27463 \u203c\n\nOpen redirect vulnerability in objects/login.json.php in WWBN AVideo through 11.6, allows attackers to arbitrarily redirect users from a crafted url to the login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-05T20:29:04.000000Z"}]}