{"vulnerability": "CVE-2022-2796", "sightings": [{"uuid": "a5b90b1e-f9ea-4b99-9ef3-8e08eac36caf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27969", "type": "seen", "source": "https://t.me/cibsecurity/49470", "content": "\u203c CVE-2022-27969 \u203c\n\nCynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of decoy users via a crafted GET request sent to /WebApp/DeceptionUser/GetAllDeceptionUsers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T20:15:26.000000Z"}, {"uuid": "b345cbe9-3185-4c42-8ecc-0378a8922ea6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27968", "type": "seen", "source": "https://t.me/cibsecurity/49469", "content": "\u203c CVE-2022-27968 \u203c\n\nCynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of monitored files and profiles via a crafted GET request sent to /WebApp/SettingsFileMonitor/GetFileMonitorProfiles.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T20:15:25.000000Z"}, {"uuid": "e62b1de6-958a-4f4d-bf36-5afeb5c65d1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27962", "type": "seen", "source": "https://t.me/cibsecurity/41822", "content": "\u203c CVE-2022-27962 \u203c\n\nBluecms 1.6 has a SQL injection vulnerability at cooike.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-03T20:33:51.000000Z"}, {"uuid": "5a4bd06f-124e-4f34-8362-0ab80c4babc2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27966", "type": "seen", "source": "https://t.me/cibsecurity/39961", "content": "\u203c CVE-2022-27966 \u203c\n\nXshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T02:19:12.000000Z"}, {"uuid": "cebf8e61-2ce5-45bb-b467-c59836df25ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27964", "type": "seen", "source": "https://t.me/cibsecurity/39959", "content": "\u203c CVE-2022-27964 \u203c\n\nXmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T02:19:09.000000Z"}, {"uuid": "ca894a40-4412-4469-b099-09e9347aa858", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27965", "type": "seen", "source": "https://t.me/cibsecurity/39957", "content": "\u203c CVE-2022-27965 \u203c\n\nXlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T02:19:07.000000Z"}, {"uuid": "cc32a6b2-490a-4f11-aed1-8fb8ce00aa01", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27967", "type": "seen", "source": "https://t.me/cibsecurity/49466", "content": "\u203c CVE-2022-27967 \u203c\n\nCynet 360 Web Portal before v4.5 was discovered to allow attackers to access a list of excluded files and profiles via a crafted GET request sent to /WebApp/SettingsExclusion/GetExclusionsProfiles.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T20:15:22.000000Z"}, {"uuid": "c2d89564-e186-44b3-8cc9-f4494a2c10b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-27963", "type": "seen", "source": "https://t.me/cibsecurity/39949", "content": "\u203c CVE-2022-27963 \u203c\n\nXftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T02:18:56.000000Z"}]}