{"vulnerability": "CVE-2022-2292", "sightings": [{"uuid": "f30000c5-b4cf-4062-b4ab-fd4d2934abe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22922", "type": "seen", "source": "https://t.me/cibsecurity/37686", "content": "\u203c CVE-2022-22922 \u203c\n\nTP-Link TL-WA850RE Wi-Fi Range Extender before v6_200923 was discovered to use highly predictable and easily detectable session keys, allowing attackers to gain administrative privileges.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-18T07:37:51.000000Z"}, {"uuid": "32eec8d8-a271-4da4-aeb3-14faa47e9b19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22928", "type": "seen", "source": "https://t.me/cibsecurity/35988", "content": "\u203c CVE-2022-22928 \u203c\n\nMCMS v5.2.4 was discovered to have a hardcoded shiro-key, allowing attackers to exploit the key and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-21T02:12:29.000000Z"}, {"uuid": "7aef7c07-0baa-4196-89be-642973a9fc89", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-22929", "type": "seen", "source": "https://t.me/cibsecurity/35986", "content": "\u203c CVE-2022-22929 \u203c\n\nMCMS v5.2.4 was discovered to have an arbitrary file upload vulnerability in the New Template module, which allows attackers to execute arbitrary code via a crafted ZIP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-21T02:12:25.000000Z"}, {"uuid": "33ba33e7-084e-4b3c-86c5-6f3f1ed2b920", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2292", "type": "seen", "source": "https://t.me/cibsecurity/45989", "content": "\u203c CVE-2022-2292 \u203c\n\nA vulnerability classified as problematic has been found in SourceCodester Hotel Management System 2.0. Affected is an unknown function of the file /ci_hms/massage_room/edit/1 of the component Room Edit Page. The manipulation of the argument massageroomDetails with the input \">alert(\"XSS\") leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-12T18:25:40.000000Z"}]}