{"vulnerability": "cve-2022-3089", "sightings": [{"uuid": "7e81b3d6-4b72-4a4c-ae7c-76aeafcb4b72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3089", "type": "seen", "source": "https://t.me/cibsecurity/58012", "content": "\u203c CVE-2022-3089 \u203c\n\nEchelon SmartServer 2.2 with i.LON Vision 2.2 stores cleartext credentials in a file, which could allow an attacker to obtain cleartext usernames and passwords of the SmartServer. If the attacker obtains the file, then the credentials could be used to control the web user interface and file transfer protocol (FTP) server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T20:29:56.000000Z"}, {"uuid": "84d65d30-a24f-4308-8ace-e13533f3df06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30899", "type": "seen", "source": "https://t.me/cibsecurity/44053", "content": "\u203c CVE-2022-30899 \u203c\n\nA Cross Site Scripting vulnerabilty exists in PartKeepr 1.4.0 via the 'name' field in /api/part_categories.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T20:32:36.000000Z"}, {"uuid": "31a51f8f-8968-485a-9c3b-a10eae0013cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-30898", "type": "seen", "source": "https://t.me/cibsecurity/44138", "content": "\u203c CVE-2022-30898 \u203c\n\nA Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T22:33:31.000000Z"}]}