{"vulnerability": "cve-2022-2468", "sightings": [{"uuid": "3b7a9db3-bb2c-4f49-8e98-a0e9487d4a85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2023-06-14T21:10:04.000000Z"}, {"uuid": "3c77a6ba-1d97-4f30-a40f-e9b909dd7eb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/2971267", "content": "", "creation_timestamp": "2024-12-24T20:26:45.726287Z"}, {"uuid": "12377a69-9ff7-4a68-8c19-dd9999400d77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-02-23T02:10:35.000000Z"}, {"uuid": "6144f8e2-a87e-4d95-863d-ddd50bea1820", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m344f7rrkk2a", "content": "", "creation_timestamp": "2025-10-13T21:02:41.336399Z"}, {"uuid": "5812a2da-acd5-46e0-a827-933c5e102f38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-24682.yaml", "content": "", "creation_timestamp": "2025-10-09T18:15:44.000000Z"}, {"uuid": "179980f5-4c33-49ad-9d94-077d62dbda54", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "exploited", "source": "https://t.me/DarkWebInformer_CVEAlerts/3432", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-24682\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: An issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.\n\ud83d\udccf Published: 2022-02-10T00:00:32Z\n\ud83d\udccf Modified: 2025-01-30T00:31:03Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2022-24682\n2. https://blog.zimbra.com/2022/02/hotfix-available-5-feb-for-zero-day-exploit-vulnerability-in-zimbra-8-8-15\n3. https://wiki.zimbra.com/wiki/Security_Center\n4. https://wiki.zimbra.com/wiki/Zimbra_Releases/8.8.15/P30\n5. https://wiki.zimbra.com/wiki/Zimbra_Security_Advisories\n6. https://www.volexity.com/blog/2022/02/03/operation-emailthief-active-exploitation-of-zero-day-xss-vulnerability-in-zimbra", "creation_timestamp": "2025-01-30T01:12:15.000000Z"}, {"uuid": "f08dabdd-16c2-4281-8140-e5d1b272930f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-24682", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/b455d80b-c6e7-4ae7-afb4-f233bfeffe0f", "content": "", "creation_timestamp": "2026-02-02T12:28:22.072502Z"}, {"uuid": "7c320f9c-ea0b-49ca-abaa-58fa231c1540", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2468", "type": "seen", "source": "https://t.me/cibsecurity/46533", "content": "\u203c CVE-2022-2468 \u203c\n\nA vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-19T14:40:32.000000Z"}, {"uuid": "741b3420-a426-45a7-afd7-2e784c77ff7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "exploited", "source": "Telegram/TjxFwHmixzj4RS2b5tsZvLt1Z9ESQD7FQxj8-_8JyXRlxKWL", "content": "", "creation_timestamp": "2025-01-30T02:17:49.000000Z"}, {"uuid": "c82fca0a-44c4-4b15-a855-271817f60ee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24689", "type": "seen", "source": "https://t.me/cibsecurity/46434", "content": "\u203c CVE-2022-24689 \u203c\n\nAn issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. It mishandles access control. This allows a remote attacker to access account information pages (including personal data) without being authenticated. The collected information includes the badge numbers that operate as user login names. They have a PIN code. The PIN code is 4 digits and thus can be guessed in 10000 brute force attempts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T16:36:17.000000Z"}, {"uuid": "885d1668-663b-45c6-ab57-edc044390616", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24685", "type": "seen", "source": "https://t.me/cibsecurity/38171", "content": "\u203c CVE-2022-24685 \u203c\n\nHashiCorp Nomad and Nomad Enterprise 1.x before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-28T16:23:13.000000Z"}, {"uuid": "14a3ed23-1601-499e-8670-15adaaa72342", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24688", "type": "seen", "source": "https://t.me/cibsecurity/46443", "content": "\u203c CVE-2022-24688 \u203c\n\nAn issue was discovered in DSK DSKNet 2.16.136.0 and 2.17.136.5. The Touch settings allow unrestricted file upload (and consequently Remote Code Execution) via PDF upload with PHP content and a .php extension. The attacker must hijack or obtain privileged user access to the Parameters page in order to exploit this issue. (That can be easily achieved by exploiting the Broken Access Control with further Brute-force attack or SQL Injection.) The uploaded file is stored within the database and copied to the sync web folder if the attacker visits a certain .php?action= page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-18T16:36:27.000000Z"}, {"uuid": "79eaeca5-9678-4539-a66c-d50a16e2c791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24681", "type": "seen", "source": "https://t.me/cibsecurity/40332", "content": "\u203c CVE-2022-24681 \u203c\n\nZoho ManageEngine ADSelfService Plus before 6121 allows XSS via the welcome name attribute to the Reset Password, Unlock Account, or User Must Change Password screen.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-08T02:47:40.000000Z"}, {"uuid": "b110f784-6356-42ec-b44a-29747053ab0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24683", "type": "seen", "source": "https://t.me/cibsecurity/37668", "content": "\u203c CVE-2022-24683 \u203c\n\nHashiCorp Nomad and Nomad Enterprise 0.9.2 through 1.0.17, 1.1.11, and 1.2.5 allow operators with read-fs and alloc-exec (or job-submit) capabilities to read arbitrary files on the host filesystem as root.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-17T20:37:24.000000Z"}, {"uuid": "a689d2f5-1995-4263-86dc-79cdfa8b6377", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24684", "type": "seen", "source": "https://t.me/cibsecurity/37495", "content": "\u203c CVE-2022-24684 \u203c\n\nHashiCorp Nomad and Nomad Enterprise before 1.0.17, 1.1.x before 1.1.12, and 1.2.x before 1.2.6 has Uncontrolled Resource Consumption.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-15T18:34:29.000000Z"}, {"uuid": "8338a996-de3a-4dbf-b4a7-2c444bd4d5b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24686", "type": "seen", "source": "https://t.me/cibsecurity/37425", "content": "\u203c CVE-2022-24686 \u203c\n\nHashiCorp Nomad and Nomad Enterprise 0.3.0 through 1.0.17, 1.1.11, and 1.2.5 artifact download functionality has a race condition such that the Nomad client agent could download the wrong artifact into the wrong destination. Fixed in 1.0.18, 1.1.12, and 1.2.6\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-14T16:33:30.000000Z"}, {"uuid": "cecc9100-486f-4fb0-a748-d97d425998b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24682", "type": "exploited", "source": "https://t.me/cibsecurity/37046", "content": "\u203c CVE-2022-24682 \u203c\n\nAn issue was discovered in the Calendar feature in Zimbra Collaboration Suite 8.8.x before 8.8.15 patch 30 (update 1), as exploited in the wild starting in December 2021. An attacker could place HTML containing executable JavaScript inside element attributes. This markup becomes unescaped, causing arbitrary markup to be injected into the document.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-09T07:12:32.000000Z"}]}