https://db.gcve.eu/sightings/feed 2026-04-30T16:52:39.721261+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/ca1a350b-bc53-4219-ba26-baf2a4a5f991/export 2026-04-30T16:52:40.397590+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ca1a350b-bc53-4219-ba26-baf2a4a5f991", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44784", "type": "seen", "source": "https://t.me/cibsecurity/53293", "content": "\u203c CVE-2022-44784 \u203c\n\nAn issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed services, there is the Axis AdminService, which, through the default configuration, should normally be accessible only by the localhost. Nevertheless, by trying to access the mentioned service, both in LFS and DL229, the service can actually be reached even by remote users, allowing creation of arbitrary services on the server side. When an attacker can reach the AdminService, they can use it to instantiate arbitrary services on the server. The exploit procedure is well known and described in Generic AXIS-SSRF exploitation. Basically, the attack consists of writing a JSP page inside the root directory of the web application, through the org.apache.axis.handlers.LogHandler class.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T02:56:22.000000Z"} 2022-11-22T02:56:22+00:00 https://db.gcve.eu/sighting/bc01149c-9808-4df6-89cb-44c74e64197b/export 2026-04-30T16:52:40.397534+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "bc01149c-9808-4df6-89cb-44c74e64197b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44785", "type": "seen", "source": "https://t.me/cibsecurity/53295", "content": "\u203c CVE-2022-44785 \u203c\n\nAn issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to multiple SQL Injection vulnerabilities, some of which executable even by unauthenticated users, as demonstrated by the GetListaEnti.do cfamm parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T02:56:23.000000Z"} 2022-11-22T02:56:23+00:00 https://db.gcve.eu/sighting/dbe36f03-a17f-4403-b8cd-c2d287cdcc60/export 2026-04-30T16:52:40.397481+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "dbe36f03-a17f-4403-b8cd-c2d287cdcc60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44788", "type": "seen", "source": "https://t.me/cibsecurity/53294", "content": "\u203c CVE-2022-44788 \u203c\n\nAn issue was discovered in Appalti & Contratti 9.12.2. It allows Session Fixation. When a user logs in providing a JSESSIONID cookie that is issued by the server at the first visit, the cookie value is not updated after a successful login.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T02:56:23.000000Z"} 2022-11-22T02:56:23+00:00 https://db.gcve.eu/sighting/6d86308e-551e-49bd-9147-1e469840c5e9/export 2026-04-30T16:52:40.397426+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "6d86308e-551e-49bd-9147-1e469840c5e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44789", "type": "seen", "source": "https://t.me/cibsecurity/53460", "content": "\u203c CVE-2022-44789 \u203c\n\nA logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.1 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-24T00:14:06.000000Z"} 2022-11-24T00:14:06+00:00 https://db.gcve.eu/sighting/7322b996-5217-4d6c-bbc6-376eb05548b2/export 2026-04-30T16:52:40.397373+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "7322b996-5217-4d6c-bbc6-376eb05548b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4478", "type": "seen", "source": "https://t.me/cibsecurity/56540", "content": "\u203c CVE-2022-4478 \u203c\n\nThe Font Awesome WordPress plugin before 4.3.2 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-16T18:24:11.000000Z"} 2023-01-16T18:24:11+00:00 https://db.gcve.eu/sighting/900098f8-3c6f-4129-a8b8-86ff7de443a8/export 2026-04-30T16:52:40.397315+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "900098f8-3c6f-4129-a8b8-86ff7de443a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4478", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10736", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4478\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Font Awesome WordPress plugin before 4.3.2 does not validate and escapes some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as a contributor to perform Stored Cross-Site Scripting attacks against logged-in admins.\n\ud83d\udccf Published: 2023-01-16T15:37:57.578Z\n\ud83d\udccf Modified: 2025-04-07T16:27:11.529Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/4de75de5-e557-46df-9675-e3f0220f4003", "creation_timestamp": "2025-04-07T16:45:25.000000Z"} 2025-04-07T16:45:25+00:00 https://db.gcve.eu/sighting/3997d9a6-6253-44db-a6ef-ca8c61833c75/export 2026-04-30T16:52:40.397256+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3997d9a6-6253-44db-a6ef-ca8c61833c75", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44789", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13524", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44789\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A logical issue in O_getOwnPropertyDescriptor() in Artifex MuJS 1.0.0 through 1.3.x before 1.3.2 allows an attacker to achieve Remote Code Execution through memory corruption, via the loading of a crafted JavaScript file.\n\ud83d\udccf Published: 2022-11-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T19:51:11.137Z\n\ud83d\udd17 References:\n1. https://github.com/ccxvii/mujs/commit/edb50ad66f7601ca9a3544a0e9045e8a8c60561f\n2. https://github.com/alalng/CVE-2022-44789/blob/main/PublicReferenceURL.txt\n3. https://github.com/ccxvii/mujs/releases/tag/1.3.2\n4. https://www.debian.org/security/2022/dsa-5291\n5. https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MC6PLHTXHZ7GW7QQGTLBHLXL47UHTHXO/", "creation_timestamp": "2025-04-25T20:08:06.000000Z"} 2025-04-25T20:08:06+00:00 https://db.gcve.eu/sighting/d1910136-43b5-413d-8065-11e97633e03a/export 2026-04-30T16:52:40.397189+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d1910136-43b5-413d-8065-11e97633e03a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44784", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13857", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44784\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appalti & Contratti 9.12.2. The target web applications LFS and DL229 expose a set of services provided by the Axis 1.4 instance, embedded directly into the applications, as hinted by the WEB-INF/web.xml file leaked through Local File Inclusion. Among the exposed services, there is the Axis AdminService, which, through the default configuration, should normally be accessible only by the localhost. Nevertheless, by trying to access the mentioned service, both in LFS and DL229, the service can actually be reached even by remote users, allowing creation of arbitrary services on the server side. When an attacker can reach the AdminService, they can use it to instantiate arbitrary services on the server. The exploit procedure is well known and described in Generic AXIS-SSRF exploitation. Basically, the attack consists of writing a JSP page inside the root directory of the web application, through the org.apache.axis.handlers.LogHandler class.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:54:25.872Z\n\ud83d\udd17 References:\n1. https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/", "creation_timestamp": "2025-04-29T16:12:54.000000Z"} 2025-04-29T16:12:54+00:00 https://db.gcve.eu/sighting/3f93adca-be7e-43d3-ac4e-f08cd4dc5176/export 2026-04-30T16:52:40.397097+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "3f93adca-be7e-43d3-ac4e-f08cd4dc5176", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44785", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13859", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44785\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appalti & Contratti 9.12.2. The target web applications are subject to multiple SQL Injection vulnerabilities, some of which executable even by unauthenticated users, as demonstrated by the GetListaEnti.do cfamm parameter.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:51:22.369Z\n\ud83d\udd17 References:\n1. https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/", "creation_timestamp": "2025-04-29T16:12:56.000000Z"} 2025-04-29T16:12:56+00:00 https://db.gcve.eu/sighting/616f5a8a-c767-450d-a0ba-29214e89fdfe/export 2026-04-30T16:52:40.393093+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "616f5a8a-c767-450d-a0ba-29214e89fdfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44786", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13862", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44786\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Appalti & Contratti 9.12.2. The target web applications allow Local File Inclusion in any page relying on the href parameter to specify the JSP page to be rendered. This affects ApriPagina.do POST and GET requests to each application.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:47:48.317Z\n\ud83d\udd17 References:\n1. https://members.backbox.org/maggioli-appalti-contratti-multiple-vulnerabilities/", "creation_timestamp": "2025-04-29T16:13:00.000000Z"} 2025-04-29T16:13:00+00:00