{"vulnerability": "cve-2022-2691", "sightings": [{"uuid": "70a94c89-5e43-4359-85a6-930830ea8ab5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26911", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9988", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 PT Swarm team has reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync.\n\nCVE: CVE-2022-26911\nSubdomains: dialin, meet, lyncdiscover, sip, ...\n\nOriginal advisory: https://t.co/WaYc1zs9Hh\n\nThe PoC \u2935\ufe0f\n\nhttps://twitter.com/ptswarm/status/1549744638193541122", "creation_timestamp": "2022-07-21T05:06:17.000000Z"}, {"uuid": "ae51b18f-6c02-4766-871d-5ee9de5f2552", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26911", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/138", "content": "\ud83e\udd73 We have reproduced an Arbitrary File Read for an internal site of Skype for Business / MS Lync!\n\nCVE: CVE-2022-26911\nSubdomains: dialin, meet, lyncdiscover, sip, ...\n\nOriginal advisory: https://lab.viettelcybersecurity.com/advisories/VCSA-97\n\nThe PoC \u2b06\ufe0f", "creation_timestamp": "2022-07-20T15:37:26.000000Z"}, {"uuid": "89fdad5c-1503-43c3-aab9-5745b1ad9cac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2691", "type": "seen", "source": "https://t.me/cibsecurity/47704", "content": "\u203c CVE-2022-2691 \u203c\n\nA vulnerability, which was classified as problematic, has been found in SourceCodester Wedding Hall Booking System. Affected by this issue is some unknown functionality of the file /whbs/?page=manage_account of the component Profile Page. The manipulation leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205814 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-06T22:21:57.000000Z"}, {"uuid": "2b00257c-afcc-4e52-8091-ae73d1685dcf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26918", "type": "seen", "source": "https://t.me/cibsecurity/40937", "content": "\u203c CVE-2022-26918 \u203c\n\nWindows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:30:51.000000Z"}, {"uuid": "c74162ca-bac5-44a3-98cb-055fedf09d47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26919", "type": "seen", "source": "https://t.me/cibsecurity/40899", "content": "\u203c CVE-2022-26919 \u203c\n\nWindows LDAP Remote Code Execution Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:20:27.000000Z"}, {"uuid": "e8730619-7838-4ec8-81a7-8e9d3ef1a938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26917", "type": "seen", "source": "https://t.me/cibsecurity/40937", "content": "\u203c CVE-2022-26918 \u203c\n\nWindows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:30:51.000000Z"}, {"uuid": "ed619fd8-069d-42a5-82f3-e88456ef1222", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26916", "type": "seen", "source": "https://t.me/cibsecurity/40937", "content": "\u203c CVE-2022-26918 \u203c\n\nWindows Fax Compose Form Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26916, CVE-2022-26917.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:30:51.000000Z"}, {"uuid": "6e0bc669-a9f7-49cc-9c25-b0f2f2825b57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26914", "type": "seen", "source": "https://t.me/cibsecurity/40894", "content": "\u203c CVE-2022-26914 \u203c\n\nWin32k Elevation of Privilege Vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T22:20:21.000000Z"}, {"uuid": "bd095b30-039e-4395-89e6-4faf96e6ff2f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26912", "type": "seen", "source": "https://t.me/cibsecurity/40215", "content": "\u203c CVE-2022-26895 \u203c\n\nMicrosoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24475, CVE-2022-26891, CVE-2022-26894, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-06T00:29:20.000000Z"}, {"uuid": "5269094a-cb48-4a43-8b7e-d1df528bf897", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26912", "type": "seen", "source": "https://t.me/cibsecurity/40202", "content": "\u203c CVE-2022-24475 \u203c\n\nMicrosoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-26891, CVE-2022-26894, CVE-2022-26895, CVE-2022-26900, CVE-2022-26908, CVE-2022-26909, CVE-2022-26912.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-06T00:29:04.000000Z"}, {"uuid": "b8d14385-99f4-4b61-bf24-c42623877f95", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26914", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11481", "content": "#exploit\n\"Win32k Vulnerability Dead?\nTaking win32k Exploitation To The Next Level\", 2024.\n\n// CVE-2021-41357, CVE-2023-28274, CVE-2022-21882, CVE-2022-26914, CVE-2022-41113", "creation_timestamp": "2024-11-25T22:22:32.000000Z"}, {"uuid": "f6c5d36e-4afe-4a82-b9d5-9451b1cfe290", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26914", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/5242", "content": "#exploit\n\"Win32k Vulnerability Dead?\nTaking win32k Exploitation To The Next Level\", 2024.\n\n// CVE-2021-41357, CVE-2023-28274, CVE-2022-21882, CVE-2022-26914, CVE-2022-41113", "creation_timestamp": "2024-11-25T13:03:20.000000Z"}, {"uuid": "70d12df7-b44b-4714-b5ba-ff80871b3f03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26914", "type": "seen", "source": "https://t.me/iiLinux/194", "content": "Win32k Vulnerability Dead?\nTaking win32k Exploitation To The Next Level\n\n// CVE-2021-41357, CVE-2023-28274, CVE-2022-21882, CVE-2022-26914, CVE-2022-41113", "creation_timestamp": "2024-12-14T11:42:40.000000Z"}]}