https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 27 May 2026 06:22:26 +0000 https://db.gcve.eu/sighting/baf4a87e-18f1-426c-9878-fe654203e42d/export {"uuid": "baf4a87e-18f1-426c-9878-fe654203e42d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45894", "type": "seen", "source": "https://t.me/cibsecurity/55301", "content": "\u203c CVE-2022-45894 \u203c\n\nGetFile.aspx in Planet eStream before 6.72.10.07 allows ..\\ directory traversal to read arbitrary local files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:39:56.000000Z"} {"uuid": "baf4a87e-18f1-426c-9878-fe654203e42d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45894", "type": "seen", "source": "https://t.me/cibsecurity/55301", "content": "\u203c CVE-2022-45894 \u203c\n\nGetFile.aspx in Planet eStream before 6.72.10.07 allows ..\\ directory traversal to read arbitrary local files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:39:56.000000Z"} https://db.gcve.eu/sighting/baf4a87e-18f1-426c-9878-fe654203e42d/export Sun, 25 Dec 2022 07:39:56 +0000 https://db.gcve.eu/sighting/872ac9ac-4893-42cd-b4b2-b3ca0f13ce1b/export {"uuid": "872ac9ac-4893-42cd-b4b2-b3ca0f13ce1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45895", "type": "seen", "source": "https://t.me/cibsecurity/55304", "content": "\u203c CVE-2022-45895 \u203c\n\nPlanet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:40:02.000000Z"} {"uuid": "872ac9ac-4893-42cd-b4b2-b3ca0f13ce1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45895", "type": "seen", "source": "https://t.me/cibsecurity/55304", "content": "\u203c CVE-2022-45895 \u203c\n\nPlanet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:40:02.000000Z"} https://db.gcve.eu/sighting/872ac9ac-4893-42cd-b4b2-b3ca0f13ce1b/export Sun, 25 Dec 2022 07:40:02 +0000 https://db.gcve.eu/sighting/1c6caf5f-f5e7-4699-bc0c-9fcf5d28f37a/export {"uuid": "1c6caf5f-f5e7-4699-bc0c-9fcf5d28f37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45890", "type": "seen", "source": "https://t.me/cibsecurity/55306", "content": "\u203c CVE-2022-45890 \u203c\n\nIn Planet eStream before 6.72.10.07, a Reflected Cross-Site Scripting (XSS) vulnerability exists via any metadata filter field (e.g., search within Default.aspx with the r or fo parameter).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:40:04.000000Z"} {"uuid": "1c6caf5f-f5e7-4699-bc0c-9fcf5d28f37a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45890", "type": "seen", "source": "https://t.me/cibsecurity/55306", "content": "\u203c CVE-2022-45890 \u203c\n\nIn Planet eStream before 6.72.10.07, a Reflected Cross-Site Scripting (XSS) vulnerability exists via any metadata filter field (e.g., search within Default.aspx with the r or fo parameter).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:40:04.000000Z"} https://db.gcve.eu/sighting/1c6caf5f-f5e7-4699-bc0c-9fcf5d28f37a/export Sun, 25 Dec 2022 07:40:04 +0000 https://db.gcve.eu/sighting/a6c79a1e-4cd8-4cf6-a09d-d18a49687efc/export {"uuid": "a6c79a1e-4cd8-4cf6-a09d-d18a49687efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45897", "type": "seen", "source": "https://t.me/cibsecurity/57191", "content": "\u203c CVE-2022-45897 \u203c\n\nOn Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T02:43:00.000000Z"} {"uuid": "a6c79a1e-4cd8-4cf6-a09d-d18a49687efc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45897", "type": "seen", "source": "https://t.me/cibsecurity/57191", "content": "\u203c CVE-2022-45897 \u203c\n\nOn Xerox WorkCentre 3550 25.003.03.000 devices, an authenticated attacker can view the SMB server settings and can obtain the stored cleartext credentials associated with those settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-31T02:43:00.000000Z"} https://db.gcve.eu/sighting/a6c79a1e-4cd8-4cf6-a09d-d18a49687efc/export Tue, 31 Jan 2023 02:43:00 +0000 https://db.gcve.eu/sighting/5efefb02-d1ff-48e3-9f73-ef2e49506365/export {"uuid": "5efefb02-d1ff-48e3-9f73-ef2e49506365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45890", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11658", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45890\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Planet eStream before 6.72.10.07, a Reflected Cross-Site Scripting (XSS) vulnerability exists via any metadata filter field (e.g., search within Default.aspx with the r or fo parameter).\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:44:56.912Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:17.000000Z"} {"uuid": "5efefb02-d1ff-48e3-9f73-ef2e49506365", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45890", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11658", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45890\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Planet eStream before 6.72.10.07, a Reflected Cross-Site Scripting (XSS) vulnerability exists via any metadata filter field (e.g., search within Default.aspx with the r or fo parameter).\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:44:56.912Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:17.000000Z"} https://db.gcve.eu/sighting/5efefb02-d1ff-48e3-9f73-ef2e49506365/export Mon, 14 Apr 2025 17:54:17 +0000 https://db.gcve.eu/sighting/2a96439d-315a-4211-8e34-615aee7344d6/export {"uuid": "2a96439d-315a-4211-8e34-615aee7344d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45892", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11659", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45892\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Planet eStream before 6.72.10.07, multiple Stored Cross-Site Scripting (XSS) vulnerabilities exist: Disclaimer, Search Function, Comments, Batch editing tool, Content Creation, Related Media, Create new user, and Change Username.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:43:33.926Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:18.000000Z"} {"uuid": "2a96439d-315a-4211-8e34-615aee7344d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45892", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11659", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45892\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Planet eStream before 6.72.10.07, multiple Stored Cross-Site Scripting (XSS) vulnerabilities exist: Disclaimer, Search Function, Comments, Batch editing tool, Content Creation, Related Media, Create new user, and Change Username.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:43:33.926Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:18.000000Z"} https://db.gcve.eu/sighting/2a96439d-315a-4211-8e34-615aee7344d6/export Mon, 14 Apr 2025 17:54:18 +0000 https://db.gcve.eu/sighting/2d44fdaa-a823-427e-b9bd-ebf848aabe1d/export {"uuid": "2d44fdaa-a823-427e-b9bd-ebf848aabe1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45893", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11661", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45893\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie. A brute-force attack can calculate a value that provides permanent access.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:40:45.023Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:23.000000Z"} {"uuid": "2d44fdaa-a823-427e-b9bd-ebf848aabe1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45893", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11661", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45893\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 allows a low-privileged user to gain access to administrative and high-privileged user accounts by changing the value of the ON cookie. A brute-force attack can calculate a value that provides permanent access.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:40:45.023Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:23.000000Z"} https://db.gcve.eu/sighting/2d44fdaa-a823-427e-b9bd-ebf848aabe1d/export Mon, 14 Apr 2025 17:54:23 +0000 https://db.gcve.eu/sighting/b7482b57-2a85-4d40-aca6-779759e44692/export {"uuid": "b7482b57-2a85-4d40-aca6-779759e44692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45894", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11663", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45894\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: GetFile.aspx in Planet eStream before 6.72.10.07 allows ..\\ directory traversal to read arbitrary local files.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:33:49.779Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:25.000000Z"} {"uuid": "b7482b57-2a85-4d40-aca6-779759e44692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45894", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11663", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45894\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: GetFile.aspx in Planet eStream before 6.72.10.07 allows ..\\ directory traversal to read arbitrary local files.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:33:49.779Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:25.000000Z"} https://db.gcve.eu/sighting/b7482b57-2a85-4d40-aca6-779759e44692/export Mon, 14 Apr 2025 17:54:25 +0000 https://db.gcve.eu/sighting/13e1d9e2-55e5-41af-bc95-ed42474d8a05/export {"uuid": "13e1d9e2-55e5-41af-bc95-ed42474d8a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45895", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11673", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45895\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:28:39.443Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:41.000000Z"} {"uuid": "13e1d9e2-55e5-41af-bc95-ed42474d8a05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45895", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11673", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45895\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 discloses sensitive information, related to the ON cookie (findable in HTML source code for Default.aspx in some situations) and the WhoAmI endpoint (e.g., path disclosure).\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:28:39.443Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:41.000000Z"} https://db.gcve.eu/sighting/13e1d9e2-55e5-41af-bc95-ed42474d8a05/export Mon, 14 Apr 2025 17:54:41 +0000 https://db.gcve.eu/sighting/5b0085a5-fe63-4e78-b787-fe488810b187/export {"uuid": "5b0085a5-fe63-4e78-b787-fe488810b187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11688", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads to remote code execution.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T18:32:31.219Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/-", "creation_timestamp": "2025-04-14T18:54:22.000000Z"} {"uuid": "5b0085a5-fe63-4e78-b787-fe488810b187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45896", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11688", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45896\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 allows unauthenticated upload of arbitrary files: Choose a Video / Related Media or Upload Document. Upload2.ashx can be used, or Ajax.asmx/ProcessUpload2. This leads to remote code execution.\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T18:32:31.219Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/-", "creation_timestamp": "2025-04-14T18:54:22.000000Z"} https://db.gcve.eu/sighting/5b0085a5-fe63-4e78-b787-fe488810b187/export Mon, 14 Apr 2025 18:54:22 +0000