{"vulnerability": "CVE-2022-2388", "sightings": [{"uuid": "801aa32f-16c7-4ae2-b94a-76724b6de892", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23881", "type": "seen", "source": "https://t.me/cibsecurity/39438", "content": "\u203c CVE-2022-23881 \u203c\n\nZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:28:54.000000Z"}, {"uuid": "c92ec222-4adb-4afe-a9cf-8fce7c83e91a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23880", "type": "seen", "source": "https://t.me/cibsecurity/39446", "content": "\u203c CVE-2022-23880 \u203c\n\nAn arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-23T23:29:03.000000Z"}, {"uuid": "2836e6b9-d7d3-4785-95cc-5ccd3c1bff71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23882", "type": "seen", "source": "https://t.me/cibsecurity/39642", "content": "\u203c CVE-2022-23882 \u203c\n\nTuziCMS 2.0.6 is affected by SQL injection in \\App\\Manage\\Controller\\BannerController.class.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T16:39:15.000000Z"}, {"uuid": "8a19332b-2e5c-49dc-a07c-0ef98d410e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23884", "type": "seen", "source": "https://t.me/cibsecurity/39641", "content": "\u203c CVE-2022-23884 \u203c\n\nMojang Bedrock Dedicated Server 1.18.2 is affected by an integer overflow leading to a bound check bypass caused by PurchaseReceiptPacket::_read (packet deserializer).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T16:39:14.000000Z"}, {"uuid": "52ee06ff-2c72-4b5a-9ba5-de9386957b44", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23887", "type": "seen", "source": "https://t.me/cibsecurity/36519", "content": "\u203c CVE-2022-23887 \u203c\n\nYzmCMS v6.3 was discovered to contain a Cross-Site Request Forgery (CSRF) which allows attackers to arbitrarily delete user accounts via /admin/admin_manage/delete.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-29T00:21:57.000000Z"}, {"uuid": "103dd863-f998-455b-8474-181ea5ebad33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-23884", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/1746", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aDetails,PoC and patches for CVE-2022-23884\nURL\uff1ahttps://github.com/LuckyDogDog/CVE-2022-23884\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-03-30T06:26:55.000000Z"}]}