{"vulnerability": "CVE-2022-4224", "sightings": [{"uuid": "b568c33a-8dc0-4ace-941b-e532c629b4cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42245", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13939", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42245\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Dreamer CMS 4.0.01 is vulnerable to SQL Injection.\n\ud83d\udccf Published: 2022-11-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T20:24:37.764Z\n\ud83d\udd17 References:\n1. https://gitee.com/isoftforce/dreamer_cms/issues/I5U408\n2. https://packetstormsecurity.com/files/171585/Dreamer-CMS-4.0.0-SQL-Injection.html", "creation_timestamp": "2025-04-29T21:13:48.000000Z"}, {"uuid": "35f5ddd3-eb83-4e6f-b39a-89185d69d01f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42246", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13940", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42246\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Doufox 0.0.4 contains a CSRF vulnerability that can add system administrator account.\n\ud83d\udccf Published: 2022-11-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T20:23:11.468Z\n\ud83d\udd17 References:\n1. https://github.com/farliy-hacker/Doufoxcms/issues/1", "creation_timestamp": "2025-04-29T21:13:49.000000Z"}, {"uuid": "77026a8b-9ba7-4e16-92f8-5ed32ceb7191", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42242", "type": "seen", "source": "https://t.me/cibsecurity/50917", "content": "\u203c CVE-2022-42242 (simple_cold_storage_management_system) \u203c\n\nSimple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_booking.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:22:54.000000Z"}, {"uuid": "93c962a4-6789-421d-a1fe-f99b681876b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42249", "type": "seen", "source": "https://t.me/cibsecurity/50915", "content": "\u203c CVE-2022-42249 (simple_cold_storage_management_system) \u203c\n\nSimple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/view_storage.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:22:51.000000Z"}, {"uuid": "1eba3b61-d8ec-4a97-aa81-5e10de04b7ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42247", "type": "seen", "source": "https://t.me/cibsecurity/50829", "content": "\u203c CVE-2022-42247 \u203c\n\npfSense v2.5.2 was discovered to contain a cross-site scripting (XSS) vulnerability in the browser.php component. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into a file name.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-03T20:44:16.000000Z"}, {"uuid": "865ff077-e510-4245-85de-321077699651", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-4224", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-076-01", "content": "", "creation_timestamp": "2026-03-17T12:00:00.000000Z"}, {"uuid": "cdafc65c-537a-4dd6-98ea-2f77bfa5ada4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42248", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6717", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42248\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: QlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality.\n\ud83d\udccf Published: 2023-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T17:05:21.187Z\n\ud83d\udd17 References:\n1. http://qlikview.com\n2. https://github.com/Ozozuz/Qlik-View-Stored-XSS", "creation_timestamp": "2025-03-06T17:34:37.000000Z"}, {"uuid": "68ea98a5-bc1f-49ad-ae61-c942ccfbf02f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4224", "type": "seen", "source": "https://t.me/cibsecurity/60562", "content": "\u203c CVE-2022-4224 \u203c\n\nIn multiple products of CODESYS v3 in multiple versions a remote low privileged user could utilize this vulnerability to read and modify system files and OS resources or DoS the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-23T15:51:41.000000Z"}, {"uuid": "6199522d-d29d-4d30-9a04-bdec81da61fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42248", "type": "seen", "source": "https://t.me/cibsecurity/59509", "content": "\u203c CVE-2022-42248 \u203c\n\nQlikView 12.60.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the QvsViewClient functionality.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:09.000000Z"}, {"uuid": "a42a778e-3508-4a0f-bf9d-7b5f3efc26ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42243", "type": "seen", "source": "https://t.me/cibsecurity/50919", "content": "\u203c CVE-2022-42243 (simple_cold_storage_management_system) \u203c\n\nSimple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/admin/storages/manage_storage.php?id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:22:56.000000Z"}, {"uuid": "464f25ff-a621-4477-bd01-5d5a1ef96be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42241", "type": "seen", "source": "https://t.me/cibsecurity/50918", "content": "\u203c CVE-2022-42241 (simple_cold_storage_management_system) \u203c\n\nSimple Cold Storage Management System v1.0 is vulnerable to SQL injection via /csms/classes/Master.php?f=delete_message.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:22:55.000000Z"}, {"uuid": "5f5250fd-ce37-4bd1-a451-e3a44ceb2627", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42246", "type": "seen", "source": "https://t.me/cibsecurity/53032", "content": "\u203c CVE-2022-42246 \u203c\n\nDoufox 0.0.4 contains a CSRF vulnerability that can add system administrator account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-17T15:52:45.000000Z"}, {"uuid": "6c88170e-a655-428a-8ab4-1fa72529960d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42245", "type": "seen", "source": "https://t.me/cibsecurity/53027", "content": "\u203c CVE-2022-42245 \u203c\n\nDreamer CMS 4.0.01 is vulnerable to SQL Injection.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-17T15:52:40.000000Z"}, {"uuid": "c0001601-0ead-4cd7-aa0c-039768869b88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42248", "type": "seen", "source": "Telegram/yaJ6c-EIZBcU5A8heZbJsShghpWELPvikGZEzvRxvWFm09Lw", "content": "", "creation_timestamp": "2025-03-08T04:34:10.000000Z"}]}