{"vulnerability": "cve-2022-3140", "sightings": [{"uuid": "1a6c2e4d-f9d7-4c24-a01c-91c17160e009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31402", "type": "seen", "source": "https://t.me/cibsecurity/44209", "content": "\u203c CVE-2022-31402 \u203c\n\nITOP v3.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via /itop/webservices/export-v2.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-10T20:34:39.000000Z"}, {"uuid": "3ef62a74-5efb-4fde-9313-8b8abcf7df67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31402", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2479", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-31402\nURL\uff1ahttps://github.com/YavuzSahbaz/CVE-2022-31402\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-06-10T03:33:38.000000Z"}, {"uuid": "bdd7fc65-864f-4d10-ac3c-7ba151013873", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31405", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7160", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31405\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: MV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.\n\ud83d\udccf Published: 2023-02-27T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-11T16:29:43.401Z\n\ud83d\udd17 References:\n1. https://github.com/ifmacedo/mconnect/blob/main/IDCE-ClearTextStorage\n2. https://www.linkedin.com/pulse/armazenamento-inseguro-idce-mv-iran-macedo\n3. https://mv.com.br/pt/blog/microdata-integra-novo-modulo-cockpit-ao-ris-idce", "creation_timestamp": "2025-03-11T16:40:07.000000Z"}, {"uuid": "72b9ef28-b47c-48bc-950f-e8fc2cd69861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31405", "type": "seen", "source": "https://t.me/cibsecurity/58923", "content": "\u203c CVE-2022-31405 \u203c\n\nMV iDigital Clinic Enterprise (iDCE) 1.0 stores passwords in cleartext.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-27T12:26:35.000000Z"}, {"uuid": "51cbb944-3b6b-47f6-b590-d7f5ecac3892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31400", "type": "seen", "source": "https://t.me/cibsecurity/44287", "content": "\u203c CVE-2022-31400 \u203c\n\nA cross-site scripting (XSS) vulnerability in /staff/setup/email-addresses of Helpdeskz v2.0.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email name field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-13T16:22:59.000000Z"}]}