{"vulnerability": "CVE-2022-3715", "sightings": [{"uuid": "965ea855-c259-439d-a06b-e4a53661962b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37153", "type": "seen", "source": "https://t.me/cibsecurity/48640", "content": "\u203c CVE-2022-37153 \u203c\n\nAn issue was discovered in Artica Proxy 4.30.000000. There is a XSS vulnerability via the password parameter in /fw.login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-24T16:27:36.000000Z"}, {"uuid": "7fd9cb9c-c417-4f8c-9cb0-cb5274c089b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37159", "type": "seen", "source": "https://t.me/cibsecurity/48785", "content": "\u203c CVE-2022-37159 \u203c\n\nClaroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T20:23:54.000000Z"}, {"uuid": "acd75847-ea84-465f-9ecc-fc975fbe7120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37158", "type": "seen", "source": "https://t.me/cibsecurity/48788", "content": "\u203c CVE-2022-37158 \u203c\n\nRuoYi v3.8.3 has a Weak password vulnerability in the management system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-25T20:23:57.000000Z"}, {"uuid": "1b08f31a-eafa-4f99-b95f-603575edaa68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37151", "type": "seen", "source": "https://t.me/cibsecurity/48851", "content": "\u203c CVE-2022-37151 \u203c\n\nThere is an unauthorized access vulnerability in Online Diagnostic Lab Management System 1.0.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-26T16:30:00.000000Z"}, {"uuid": "ead1eba3-81be-4dcc-ae36-c69d205d3411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37152", "type": "seen", "source": "https://t.me/cibsecurity/48849", "content": "\u203c CVE-2022-37152 \u203c\n\nAn issue was discovered in Online Diagnostic Lab Management System 1.0, There is a SQL injection vulnerability via \"dob\" parameter in \"/classes/Users.php?f=save_client\"\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-26T16:29:57.000000Z"}, {"uuid": "fa51ff51-b511-400b-9d6f-f3005224af03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37153", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lz2qaz47yx25", "content": "", "creation_timestamp": "2025-09-17T21:02:39.100186Z"}, {"uuid": "95dc8870-b5b5-43d4-9366-6880d79bb0fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-3715", "type": "seen", "source": "https://t.me/arpsyndicate/252", "content": "#ExploitObserverAlert\n\nCVE-2022-3715\n\nDESCRIPTION: Exploit Observer has 10 entries related to CVE-2022-3715. A flaw was found in the bash package, where a heap-buffer overflow can occur in valid parameter_transform. This issue may lead to memory problems.\n\nFIRST-EPSS: 0.000430000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2023-11-17T09:53:40.000000Z"}, {"uuid": "78032dbc-1c54-4458-bfcc-6633b02da29e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37155", "type": "seen", "source": "https://t.me/cibsecurity/54490", "content": "\u203c CVE-2022-37155 \u203c\n\nRCE in SPIP 3.1.13 through 4.1.2 allows remote authenticated users to execute arbitrary code via a GET parameter\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-14T02:21:59.000000Z"}, {"uuid": "ede2354b-e872-4502-af6a-fc15083e08bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37150", "type": "seen", "source": "https://t.me/cibsecurity/48859", "content": "\u203c CVE-2022-37150 \u203c\n\nAn issue was discovered in Online Diagnostic Lab Management System 1.0. There is a stored XSS vulnerability via firstname, address, middlename, lastname , gender, email, contact parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-26T16:30:17.000000Z"}, {"uuid": "97c78d34-4cd8-4199-b1fc-3cbdac187776", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-37153", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6670", "content": "#exploit\n1. CVE-2022-23779:\nInternal Hostname Disclosure Vulnerability\nhttps://github.com/Vulnmachines/Zoho_CVE-2022-23779\n\n2. CVE-2022-37153:\nXSS vulnerability in Artica Proxy 4.30.0\nhttps://github.com/Fjowel/CVE-2022-37153\n\n3. CVE-2022-1802 + CVE-2022-1529 + CVE-2022-2200:\nMozilla Firefox RCE + SBX full chain complete\nhttps://github.com/mistymntncop/CVE-2022-1802", "creation_timestamp": "2022-08-25T15:01:03.000000Z"}]}