{"vulnerability": "CVE-2022-3674", "sightings": [{"uuid": "6b65754c-5109-4000-8aa1-bc8663a4099b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36748", "type": "seen", "source": "https://t.me/cibsecurity/49088", "content": "\u203c CVE-2022-36748 \u203c\n\nPicUploader v2.6.3 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /master/index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T02:36:04.000000Z"}, {"uuid": "4d113cda-3e02-4b78-b520-0fd6fcdc9308", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36745", "type": "seen", "source": "https://t.me/cibsecurity/49086", "content": "\u203c CVE-2022-36745 \u203c\n\nLibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component print-customoid.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T02:36:02.000000Z"}, {"uuid": "bda189e0-dd8f-47d4-a99f-a4de0a05bf6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36746", "type": "seen", "source": "https://t.me/cibsecurity/49091", "content": "\u203c CVE-2022-36746 \u203c\n\nLibreNMS v22.6.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component oxidized-cfg-check.inc.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T02:36:08.000000Z"}, {"uuid": "f9de28ec-174d-4f54-8969-b671bde6035a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36749", "type": "seen", "source": "https://t.me/cibsecurity/49090", "content": "\u203c CVE-2022-36749 \u203c\n\nRPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the component /htdocs/utils/Files.php. This vulnerability is exploited via a crafted payload injected into the file name of an uploaded file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T02:36:06.000000Z"}, {"uuid": "bcea982c-8e78-4725-ab8b-f2937e44901d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-36747", "type": "seen", "source": "https://t.me/cibsecurity/49089", "content": "\u203c CVE-2022-36747 \u203c\n\nRazor v0.8.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the function uploadchannel().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-31T02:36:05.000000Z"}]}