{"vulnerability": "cve-2022-4333", "sightings": [{"uuid": "dbdec3d1-1449-4be3-acf3-cbe0de9bf24b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43330", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14603", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43330\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T21:08:00.556Z\n\ud83d\udd17 References:\n1. https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md", "creation_timestamp": "2025-05-02T21:16:24.000000Z"}, {"uuid": "027e429f-ffd9-4f6b-b388-b36c7a5c4b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43333", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43333\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Telenia Software s.r.l TVox before v22.0.17 was discovered to contain a remote code execution (RCE) vulnerability in the component action_export_control.php.\n\ud83d\udccf Published: 2022-12-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T17:55:29.978Z\n\ud83d\udd17 References:\n1. https://www.swascan.com/it/security-advisory-telenia-software-tvox/", "creation_timestamp": "2025-04-24T18:06:50.000000Z"}, {"uuid": "e22ce669-9158-4595-812f-53e2ac4a7128", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43332", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13828", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43332\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Site title field of the Configuration Panel.\n\ud83d\udccf Published: 2022-11-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:03:33.518Z\n\ud83d\udd17 References:\n1. https://github.com/maikroservice/CVE-2022-43332", "creation_timestamp": "2025-04-29T15:11:32.000000Z"}, {"uuid": "8b41c877-e96b-41d4-9e83-e7564c58f579", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43331", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14604", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43331\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php_action/printOrder.php.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T21:06:17.464Z\n\ud83d\udd17 References:\n1. https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-3.md", "creation_timestamp": "2025-05-02T21:16:26.000000Z"}, {"uuid": "38bad478-c715-49da-adfd-a8faec73605e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43332", "type": "seen", "source": "https://t.me/cibsecurity/53128", "content": "\u203c CVE-2022-43332 \u203c\n\nA cross-site scripting (XSS) vulnerability in Wondercms v3.3.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Site title field of the Configuration Panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-18T02:18:14.000000Z"}, {"uuid": "88074bfa-b1d2-4c6e-9991-cd93f649e13d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43331", "type": "seen", "source": "https://t.me/cibsecurity/52408", "content": "\u203c CVE-2022-43331 \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /php_action/printOrder.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T21:19:04.000000Z"}, {"uuid": "68906581-cbed-413a-a842-e517b22b25f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43330", "type": "seen", "source": "https://t.me/cibsecurity/52405", "content": "\u203c CVE-2022-43330 \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T21:18:59.000000Z"}, {"uuid": "df991123-5cf5-41a9-8484-40f4dceeb5a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43332", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/7146", "content": "#exploit\n1. CVE-2022-43332:\nCross Site Scripting in WonderCMS v3.3.4\nhttps://github.com/maikroservice/CVE-2022-43332\n\n2. CVE-2021-40438:\nApache HTTP Server 2.4.48 - A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user\nhttps://github.com/WilsonFung414/CVE-2021-40438_Docker_2", "creation_timestamp": "2022-11-11T11:00:19.000000Z"}]}