{"vulnerability": "CVE-2022-2549", "sightings": [{"uuid": "2b60daf7-948e-455c-8eef-c1355cc41bc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25492", "type": "seen", "source": "https://t.me/cibsecurity/38966", "content": "\u203c CVE-2022-25492 \u203c\n\nHMS v1.0 was discovered to contain a SQL injection vulnerability via the medicineid parameter in ajaxmedicine.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:39.000000Z"}, {"uuid": "ba2a5d9a-3005-4570-b129-584248df209e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25491", "type": "seen", "source": "https://t.me/cibsecurity/38967", "content": "\u203c CVE-2022-25491 \u203c\n\nHMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in appointment.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:40.000000Z"}, {"uuid": "62fa46f5-dd12-4836-832d-7dd7390b921f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25494", "type": "seen", "source": "https://t.me/cibsecurity/38963", "content": "\u203c CVE-2022-25494 \u203c\n\nOnline Banking System v1.0 was discovered to contain a SQL injection vulnerability via staff_login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:36.000000Z"}, {"uuid": "ed80166e-c863-4803-9d85-00b7aa6fb881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25493", "type": "seen", "source": "https://t.me/cibsecurity/38972", "content": "\u203c CVE-2022-25493 \u203c\n\nHMS v1.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via treatmentrecord.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:46.000000Z"}, {"uuid": "502b2f74-6b86-4b02-96a7-029a7d096199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25495", "type": "seen", "source": "https://t.me/cibsecurity/38971", "content": "\u203c CVE-2022-25495 \u203c\n\nThe component /jquery_file_upload/server/php/index.php of CuppaCMS v1.0 allows attackers to upload arbitrary files and execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:45.000000Z"}, {"uuid": "3947aec6-04cb-480e-b8ac-61c4cd465d51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25490", "type": "seen", "source": "https://t.me/cibsecurity/38970", "content": "\u203c CVE-2022-25490 \u203c\n\nHMS v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in department.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:44.000000Z"}, {"uuid": "d7c59f38-e363-4de9-af89-5d43a9f55e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25498", "type": "seen", "source": "https://t.me/cibsecurity/38969", "content": "\u203c CVE-2022-25498 \u203c\n\nCuppaCMS v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the saveConfigData function in /classes/ajax/Functions.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:43.000000Z"}, {"uuid": "01290abd-7a2a-4245-8c5c-1b936f22cf94", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-25497", "type": "seen", "source": "https://t.me/cibsecurity/38961", "content": "\u203c CVE-2022-25497 \u203c\n\nCuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-15T21:19:33.000000Z"}]}