{"vulnerability": "CVE-2022-3138", "sightings": [{"uuid": "8033ce33-bc0c-485e-894a-db78634b209a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3138", "type": "seen", "source": "https://t.me/cibsecurity/49450", "content": "\u203c CVE-2022-3138 \u203c\n\nCross-site Scripting (XSS) - Generic in GitHub repository jgraph/drawio prior to 20.3.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-08T14:15:04.000000Z"}, {"uuid": "0c668ea8-a105-4493-9a26-ce120a7d6164", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31383", "type": "seen", "source": "https://t.me/cibsecurity/44647", "content": "\u203c CVE-2022-31383 \u203c\n\nDirectory Management System v1.0 was discovered to contain a SQL injection vulnerability via the editid parameter in view-directory.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:21:43.000000Z"}, {"uuid": "352bfcd6-8ffa-4756-b808-020970be1b2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31386", "type": "seen", "source": "https://t.me/cibsecurity/44107", "content": "\u203c CVE-2022-31386 \u203c\n\nA Server-Side Request Forgery (SSRF) in the getFileBinary function of nbnbk cms 3 allows attackers to force the application to make arbitrary requests via injection of arbitrary URLs into the URL parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-09T18:33:36.000000Z"}, {"uuid": "01343ce8-7cba-43da-8122-6d02213634c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31382", "type": "seen", "source": "https://t.me/cibsecurity/44660", "content": "\u203c CVE-2022-31382 \u203c\n\nDirectory Management System v1.0 was discovered to contain a SQL injection vulnerability via the searchdata parameter in search-dirctory.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:27:55.000000Z"}, {"uuid": "0ad20727-d32c-40b5-a07c-8c928ad2e732", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-31384", "type": "seen", "source": "https://t.me/cibsecurity/44642", "content": "\u203c CVE-2022-31384 \u203c\n\nDirectory Management System v1.0 was discovered to contain a SQL injection vulnerability via the fullname parameter in add-directory.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:21:38.000000Z"}]}