{"vulnerability": "CVE-2022-2291", "sightings": [{"uuid": "3d4054e9-843c-45c4-a949-c2d19ccb8bec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22916", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2254", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aCVE-2022-22916,O2OA RCE \u8fdc\u7a0b\u547d\u4ee4\u6267\u884c\nURL\uff1ahttps://github.com/aodsec/CVE-2022-22916\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-05-21T16:38:38.000000Z"}, {"uuid": "745d3877-6854-46b1-a6ef-b06ad8575067", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22916", "type": "seen", "source": "https://t.me/arpsyndicate/2088", "content": "#ExploitObserverAlert\n\nCVE-2022-22916\n\nDESCRIPTION: Exploit Observer has 7 entries related to CVE-2022-22916. O2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.\n\nFIRST-EPSS: 0.004750000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-23T05:40:12.000000Z"}, {"uuid": "6ab1ac3d-aa52-4ea4-b529-12c0c89bb3d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2291", "type": "seen", "source": "https://t.me/cibsecurity/45997", "content": "\u203c CVE-2022-2291 \u203c\n\nA vulnerability was found in SourceCodester Hotel Management System 2.0. It has been rated as problematic. This issue affects some unknown processing of the file /ci_hms/search of the component Search. The manipulation of the argument search with the input \">alert(\"XSS\") leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-12T18:25:48.000000Z"}, {"uuid": "4d7b8ffb-cb72-4de3-9899-5c170053776d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22914", "type": "seen", "source": "https://t.me/cibsecurity/37678", "content": "\u203c CVE-2022-22914 \u203c\n\nAn incorrect access control issue in the component FileManager of Ovidentia CMS 6.0 allows authenticated attackers to to view and download content in the upload directory via path traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T00:37:29.000000Z"}, {"uuid": "85dba7e5-9e18-47cb-8461-d91e1e8737cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22916", "type": "seen", "source": "https://t.me/cibsecurity/37682", "content": "\u203c CVE-2022-22916 \u203c\n\nO2OA v6.4.7 was discovered to contain a remote code execution (RCE) vulnerability via /x_program_center/jaxrs/invoke.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T00:37:35.000000Z"}]}