{"vulnerability": "cve-2022-4003", "sightings": [{"uuid": "d9d1a269-cf4c-4c95-82de-416f9316eca3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40032", "type": "exploited", "source": "https://www.exploit-db.com/exploits/51273", "content": "", "creation_timestamp": "2023-04-06T00:00:00.000000Z"}, {"uuid": "7717fd25-fafe-48e8-885b-119bd472fdc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40035", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9927", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40035\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: File Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.\n\ud83d\udccf Published: 2023-01-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-01T15:25:46.545Z\n\ud83d\udd17 References:\n1. https://github.com/rawchen/blog-ssm/issues/3", "creation_timestamp": "2025-04-01T15:32:47.000000Z"}, {"uuid": "b8b5004a-d81d-4380-b7a3-95a9478a1cc7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4003", "type": "seen", "source": "https://t.me/cvedetector/2182", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-4003 - Apache Commons Denial of Service Vulneability\", \n  \"Content\": \"CVE ID : CVE-2022-4003 \nPublished : July 31, 2024, 9:15 p.m. | 45\u00a0minutes ago \nDescription : A denial-of-service vulnerability could allow an authenticated user to trigger an internal service restart via a specially crafted API request. \nSeverity: 2.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T00:22:06.000000Z"}, {"uuid": "b435877c-7405-4cae-83fd-a9e5cda43c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40032", "type": "seen", "source": "https://t.me/cibsecurity/58431", "content": "\u203c CVE-2022-40032 \u203c\n\nSQL Injection vulnerability in Simple Task Managing System version 1.0 in login.php in 'username' and 'password' parameters, allows attackers to execute arbitrary code and gain sensitive information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T16:13:08.000000Z"}, {"uuid": "e5e9851e-eb61-4f14-8619-4e7629a4c102", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40034", "type": "seen", "source": "https://t.me/cibsecurity/56871", "content": "\u203c CVE-2022-40034 \u203c\n\nCross-Site Scripting (XSS) vulnerability found in Rawchen blog-ssm v1.0 allows attackers to execute arbitrary code via the 'notifyInfo' parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-24T00:25:10.000000Z"}, {"uuid": "0a52d29f-2e79-4298-9ad0-cb94c05a017b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40036", "type": "seen", "source": "https://t.me/cibsecurity/56959", "content": "\u203c CVE-2022-40036 \u203c\n\nAn issue was discovered in Rawchen blog-ssm v1.0 allows an attacker to obtain sensitive user information by bypassing permission checks via the /adminGetUserList component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:38:55.000000Z"}, {"uuid": "f84f7d5c-707c-4720-95c3-ccdc3eb3d195", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40035", "type": "seen", "source": "https://t.me/cibsecurity/56955", "content": "\u203c CVE-2022-40035 \u203c\n\nFile Upload Vulnerability found in Rawchen Blog-ssm v1.0 allowing attackers to execute arbitrary commands and gain escalated privileges via the /uploadFileList component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:34:08.000000Z"}, {"uuid": "3690618e-a6bf-4c54-9199-0785ba55639f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40037", "type": "seen", "source": "https://t.me/cibsecurity/56946", "content": "\u203c CVE-2022-40037 \u203c\n\nAn issue discovered in Rawchen blog-ssm v1.0 allows remote attacker to escalate privileges and execute arbitrary commands via the component /upFile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T00:33:59.000000Z"}, {"uuid": "025aa2d5-c5cc-4f6f-999b-f69b17a024f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40030", "type": "seen", "source": "https://t.me/cibsecurity/50235", "content": "\u203c CVE-2022-40030 \u203c\n\nSourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at changeStatus.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-21T22:41:35.000000Z"}]}