https://db.gcve.eu/sightings/feed 2026-04-30T17:37:15.854374+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/348dabd9-9a96-4f0f-998b-72555f072067/export 2026-04-30T17:37:16.197391+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "348dabd9-9a96-4f0f-998b-72555f072067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46503", "type": "seen", "source": "https://t.me/cibsecurity/56424", "content": "\u203c CVE-2022-46503 \u203c\n\nA cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-12T18:30:24.000000Z"} 2023-01-12T18:30:24+00:00 https://db.gcve.eu/sighting/6d2150cf-27a1-4200-8574-2d7a68234848/export 2026-04-30T17:37:16.197336+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "6d2150cf-27a1-4200-8574-2d7a68234848", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46502", "type": "seen", "source": "https://t.me/cibsecurity/56465", "content": "\u203c CVE-2022-46502 \u203c\n\nOnline Student Enrollment System v1.0 was discovered to contain a SQL injection vulnerability via the username parameter at /student_enrollment/admin/login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-13T07:30:48.000000Z"} 2023-01-13T07:30:48+00:00 https://db.gcve.eu/sighting/e4a9af94-e7fc-4d55-b52b-9f7e75b77bee/export 2026-04-30T17:37:16.197277+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e4a9af94-e7fc-4d55-b52b-9f7e75b77bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46505", "type": "seen", "source": "https://t.me/cibsecurity/56671", "content": "\u203c CVE-2022-46505 \u203c\n\nAn issue in MatrixSSL 4.5.1-open and earlier leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-18T18:21:05.000000Z"} 2023-01-18T18:21:05+00:00 https://db.gcve.eu/sighting/7152a59e-8c89-4311-9acb-a45d56e5b8d6/export 2026-04-30T17:37:16.197217+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "7152a59e-8c89-4311-9acb-a45d56e5b8d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4650", "type": "seen", "source": "https://t.me/cibsecurity/56852", "content": "\u203c CVE-2022-4650 \u203c\n\nThe HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-23T18:31:10.000000Z"} 2023-01-23T18:31:10+00:00 https://db.gcve.eu/sighting/9e1b742c-f938-4b63-b8a9-a0a91c3abf8c/export 2026-04-30T17:37:16.197128+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "9e1b742c-f938-4b63-b8a9-a0a91c3abf8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46501", "type": "seen", "source": "https://t.me/cibsecurity/59350", "content": "\u203c CVE-2022-46501 \u203c\n\nAccruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Order function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-03T00:47:40.000000Z"} 2023-03-03T00:47:40+00:00 https://db.gcve.eu/sighting/0d657497-f226-4aa8-983f-bd78ea7fcb27/export 2026-04-30T17:37:16.197028+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "0d657497-f226-4aa8-983f-bd78ea7fcb27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46501", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6864", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46501\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Accruent LLC Maintenance Connection 2021 (all) & 2022.2 was discovered to contain a SQL injection vulnerability via the E-Mail to Work Order function.\n\ud83d\udccf Published: 2023-03-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-07T17:29:32.771Z\n\ud83d\udd17 References:\n1. http://accruent.com\n2. https://maintenanceconnection.ca/zero-day-flaw-in-accruent-software/", "creation_timestamp": "2025-03-07T17:35:14.000000Z"} 2025-03-07T17:35:14+00:00 https://db.gcve.eu/sighting/d5be8e2e-7842-42b4-9842-a5b3528ad328/export 2026-04-30T17:37:16.196853+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d5be8e2e-7842-42b4-9842-a5b3528ad328", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4650", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/10334", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4650\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The HashBar WordPress plugin before 1.3.6 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.\n\ud83d\udccf Published: 2023-01-23T14:31:55.502Z\n\ud83d\udccf Modified: 2025-04-03T19:20:54.367Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/b430fdaa-191a-429e-b6d2-479b32bb1075", "creation_timestamp": "2025-04-03T19:35:45.000000Z"} 2025-04-03T19:35:45+00:00 https://db.gcve.eu/sighting/70122c0c-52d3-443d-9a16-49466ca3ed40/export 2026-04-30T17:37:16.194009+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "70122c0c-52d3-443d-9a16-49466ca3ed40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46503", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10914", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46503\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in the component /admin/register.php of Online Student Enrollment System v1.0 allows attackers to execute arbitrary web scripts via a crafted payload injected into the name parameter.\n\ud83d\udccf Published: 2023-01-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-08T14:30:39.234Z\n\ud83d\udd17 References:\n1. https://github.com/mkwsj007/bug_report/blob/main/vendors/donbermoy/Online%20Student%20Enrollment%20System/XSS-1.md", "creation_timestamp": "2025-04-08T14:47:04.000000Z"} 2025-04-08T14:47:04+00:00