{"vulnerability": "cve-2022-3416", "sightings": [{"uuid": "4081aff7-2023-472c-b721-c0959c55718f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://googleprojectzero.blogspot.com/2022/11/gregor-samsa-exploiting-java-xml.html", "content": "", "creation_timestamp": "2022-11-02T11:41:00.000000Z"}, {"uuid": "c11a7ff4-0785-457d-8724-89aa97238f1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://bsky.app/profile/gcpweekly.bsky.social/post/3lzzeuxkcgj2c", "content": "", "creation_timestamp": "2025-09-30T01:31:31.246850Z"}, {"uuid": "b8dd501e-74fa-4f36-81fd-e0be9f24a126", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "86ecb4e1-bb32-44d5-9f39-8a4673af8385", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0292/", "content": "", "creation_timestamp": "2026-03-13T00:00:00.000000Z"}, {"uuid": "28010367-e596-48a9-b410-e1f1db1f0910", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2946", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1ahttps://nvd.nist.gov/vuln/detail/CVE-2022-34169\nURL\uff1ahttps://github.com/bor8/CVE-2022-34169\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-15T09:47:35.000000Z"}, {"uuid": "dccdd695-baab-4b45-a787-276a5b660f0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11158", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3416\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\ud83d\udccf Published: 2023-01-09T22:13:28.101Z\n\ud83d\udccf Modified: 2025-04-09T19:14:07.353Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/f927dbe0-3939-4882-a469-1309ac737ee6", "creation_timestamp": "2025-04-09T19:48:37.000000Z"}, {"uuid": "be237caf-6e97-4c14-a5e8-d1b12eba8e81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "published-proof-of-concept", "source": "Telegram/GVzbIvRKQ_pBb8RAmwM77aPrTfNfkOsNgLPsCj3jinnJ4WY", "content": "", "creation_timestamp": "2025-01-17T22:00:05.000000Z"}, {"uuid": "04741625-5f6d-46f1-b4a8-9784ed6a7751", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/ashaburroyah313/187", "content": "{(D)enial(OFF)ensive(S)ervice[ToolKit]}-{by_(io=psy+/03c8.net)}\n\n===========================================================================\n\n[AI] Abducting target to extract interesting information... Be patient!\n\n======================\n\n -Target URL: https://hy.health.gov.il\n\n -IP    : 62.90.118.183\n -IPv6  : OFF\n -Port  : 443\n\n -Domain: hy.health.gov.il\n\n---------\n\nTrying single visit broadband test (using GET)...\n\n -Bytes in : 58.7 KB\n -Load time: 6.04 seconds\n\n---------\n\nDetermining webserver fingerprint (note that this value can be a fake)...\n\n -Banner: Microsoft-IIS/8.5\n -V\u00eda   : NOT found!\n\n---------\n\nSearching for extra Anti-DDoS protections...\n\n -WAF/IDS: FIREWALL NOT PRESENT (or not discovered yet)! ;-)\n\n---------\n\nSearching at CVE (https://cve.mitre.org) for vulnerabilities...\n\n -Last Reports:\n\n        + CVE-2022-35282 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-35282\n\n        + CVE-2022-34336 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34336\n\n        + CVE-2022-34165 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34165\n\n        + CVE-2022-22670 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22670\n\n        + CVE-2022-22666 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22666\n\n        + CVE-2022-22654 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22654\n\n        + CVE-2022-22640 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22640\n\n        + CVE-2022-22638 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22638\n\n        + CVE-2022-22637 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22637\n\n        + CVE-2022-22633 -> https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22633\n\n---------\n\n[Info] [AI] Abduction finished! -> [OK!]", "creation_timestamp": "2022-10-01T14:47:50.000000Z"}, {"uuid": "c5579359-31fe-473f-aa17-440e7c539ecd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://t.me/ctinow/181433", "content": "https://ift.tt/i7CvsYA\nCVE-2022-34169 | Oracle Financial Services Enterprise Case Management 8.0.8.2/8.1.1.1/8.1.2.5/8.1.2.6 Web UI numeric conversion", "creation_timestamp": "2024-02-08T15:41:59.000000Z"}, {"uuid": "6f7af537-7156-4345-96b1-bba2c45571e1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3416", "type": "seen", "source": "https://t.me/cibsecurity/56200", "content": "\u203c CVE-2022-3416 \u203c\n\nThe WPtouch WordPress plugin before 4.3.45 does not properly validate images to be uploaded, allowing high privilege users such as admin to upload arbitrary files on the server even when they should not be allowed to (for example in multisite setup)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-10T02:28:14.000000Z"}, {"uuid": "6647fdf0-8c83-4be6-a8bb-c05ef2d24ed2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34165", "type": "seen", "source": "https://t.me/cibsecurity/49552", "content": "\u203c CVE-2022-34165 \u203c\n\nIBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 and IBM WebSphere Application Server Liberty 17.0.0.3 through 22.0.0.9 are vulnerable to HTTP header injection, caused by improper validation. This could allow an attacker to conduct various attacks against the vulnerable system, including cache poisoning and cross-site scripting. IBM X-Force ID: 229429.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-09T20:30:26.000000Z"}, {"uuid": "d2902ab6-c681-47d2-ba96-aed23e4d0005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34167", "type": "seen", "source": "https://t.me/cibsecurity/45824", "content": "\u203c CVE-2022-34167 \u203c\n\nIBM CICS TX Standard and Advanced 11.1 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229432.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T20:31:24.000000Z"}, {"uuid": "d051e6f2-2acc-4c3c-8432-b175709828c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34160", "type": "seen", "source": "https://t.me/cibsecurity/45821", "content": "\u203c CVE-2022-34160 \u203c\n\nIBM CICS TX Standard and Advanced 11.1 is vulnerable to HTML injection. A remote attacker could inject malicious HTML code, which when viewed, would be executed in the victim's Web browser within the security context of the hosting site. IBM X-Force ID: 229330.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T20:28:22.000000Z"}, {"uuid": "637edddd-46b5-4e15-824e-e8ba4a24877d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34166", "type": "seen", "source": "https://t.me/cibsecurity/45820", "content": "\u203c CVE-2022-34166 \u203c\n\nIBM CICS TX Standard and Advanced 11.1 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 229430.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-08T20:16:31.000000Z"}, {"uuid": "0e60cf18-9d44-4d2b-9e12-61a984a01013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34162", "type": "seen", "source": "https://t.me/cibsecurity/47357", "content": "\u203c CVE-2022-34162 \u203c\n\nIBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229332.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T20:16:56.000000Z"}, {"uuid": "5da9e4ee-f3a3-4620-87e7-b576cfeba7c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34161", "type": "seen", "source": "https://t.me/cibsecurity/47355", "content": "\u203c CVE-2022-34161 \u203c\n\nIBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T20:16:54.000000Z"}, {"uuid": "5927678d-a35d-463e-ab45-59412ab45eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34163", "type": "seen", "source": "https://t.me/cibsecurity/47361", "content": "\u203c CVE-2022-34163 \u203c\n\nIBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229333.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T20:17:03.000000Z"}, {"uuid": "07ebb755-04a8-4013-9661-638c65811d8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34164", "type": "seen", "source": "https://t.me/cibsecurity/47360", "content": "\u203c CVE-2022-34164 \u203c\n\nIBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T20:17:02.000000Z"}, {"uuid": "055974ac-9173-491c-be8c-c7da41874a59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34169", "type": "seen", "source": "https://t.me/cibsecurity/46575", "content": "\u203c CVE-2022-34169 \u203c\n\nThe Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets. This can be used to corrupt Java class files generated by the internal XSLTC compiler and execute arbitrary Java bytecode. The Apache Xalan Java project is dormant and in the process of being retired. No future releases of Apache Xalan Java to address this issue are expected. Note: Java runtimes (such as OpenJDK) include repackaged copies of Xalan.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-19T22:40:50.000000Z"}]}