{"vulnerability": "CVE-2022-4403", "sightings": [{"uuid": "10f7c679-3c7d-4f09-adcc-eb4086b4489b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44031", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/12981", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44031\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Redmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.\n\ud83d\udccf Published: 2022-12-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T20:35:00.372Z\n\ud83d\udd17 References:\n1. https://www.redmine.org/projects/redmine/wiki/Security_Advisories", "creation_timestamp": "2025-04-22T21:04:22.000000Z"}, {"uuid": "b72550f2-cab7-43bf-9b60-9b125a369b53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44039", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13229", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44039\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Franklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). \u00b6\u00b6 An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of \"fopen\" system function with the mode \"wb\" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.\n\ud83d\udccf Published: 2022-12-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T13:55:15.058Z\n\ud83d\udd17 References:\n1. https://pastebin.com/raw/64stbsWu", "creation_timestamp": "2025-04-24T14:05:48.000000Z"}, {"uuid": "f87eb5e9-4555-4530-a9b7-1757be5a3dd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44031", "type": "seen", "source": "https://t.me/cibsecurity/54266", "content": "\u203c CVE-2022-44031 \u203c\n\nRedmine before 4.2.9 and 5.0.x before 5.0.4 allows persistent XSS in its Textile formatter due to improper sanitization of the blockquote syntax in Textile-formatted fields.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T07:20:37.000000Z"}, {"uuid": "8917d31f-1e54-4ffa-b28f-1702bfb2027c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4403", "type": "seen", "source": "https://t.me/cibsecurity/54264", "content": "\u203c CVE-2022-4403 \u203c\n\nA vulnerability classified as critical was found in SourceCodester Canteen Management System. This vulnerability affects unknown code of the file ajax_represent.php. The manipulation of the argument customer_id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-215272.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-11T18:20:13.000000Z"}, {"uuid": "31fc1f63-044a-4cac-887a-3b1b00cffd6b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44037", "type": "seen", "source": "https://t.me/cibsecurity/53626", "content": "\u203c CVE-2022-44037 \u203c\n\nAn access control issue in APsystems ENERGY COMMUNICATION UNIT (ECU-C) Power Control Software V4.1NA, V3.11.4, W2.1NA, V4.1SAA, C1.2.2 allows attackers to access sensitive data and execute specific commands and functions with full admin rights without authenticating allows him to perform multiple attacks, such as attacking wireless network in the product's range.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:39.000000Z"}, {"uuid": "3d5c89c1-9767-4574-ac5b-c2156e3a4b8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44038", "type": "seen", "source": "https://t.me/cibsecurity/53622", "content": "\u203c CVE-2022-44038 \u203c\n\nRussound XSourcePlayer 777D v06.08.03 was discovered to contain a remote code execution vulnerability via the scriptRunner.cgi component.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:32.000000Z"}, {"uuid": "72059a45-770a-4ef6-99cf-24131cc4436e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44034", "type": "seen", "source": "https://t.me/cibsecurity/52274", "content": "\u203c CVE-2022-44034 \u203c\n\nAn issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/scr24x_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between scr24x_open() and scr24x_remove().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-30T06:30:47.000000Z"}, {"uuid": "4730ce9b-9eb3-4df3-a412-d6618b5be5da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44032", "type": "seen", "source": "https://t.me/cibsecurity/52272", "content": "\u203c CVE-2022-44032 \u203c\n\nAn issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4000_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cmm_open() and cm4000_detach().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T05:05:20.000000Z"}, {"uuid": "c3d8bcec-1a45-479f-bc4d-21820264a21b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44033", "type": "seen", "source": "https://t.me/cibsecurity/52271", "content": "\u203c CVE-2022-44033 \u203c\n\nAn issue was discovered in the Linux kernel through 6.0.6. drivers/char/pcmcia/cm4040_cs.c has a race condition and resultant use-after-free if a physically proximate attacker removes a PCMCIA device while calling open(), aka a race condition between cm4040_open() and reader_detach().\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-30T06:30:45.000000Z"}, {"uuid": "f87cdd3d-4294-4848-8c8c-dd92b7dbfb7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44036", "type": "seen", "source": "https://t.me/cibsecurity/55842", "content": "\u203c CVE-2022-44036 \u203c\n\nRESERVED There is an arbitrary file upload vulnerability in b2evolution v7.2.5. Attackers can use this vulnerability to execute remote commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T00:17:53.000000Z"}, {"uuid": "a7d4f32a-a9b4-4e91-92a5-b0dea9805e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44039", "type": "seen", "source": "https://t.me/cibsecurity/54035", "content": "\u203c CVE-2022-44039 \u203c\n\nFranklin Fueling System FFS Colibri 1.9.22.8925 is affected by: File system overwrite. The impact is: File system rewrite (remote). \u00c2\u00b6\u00c2\u00b6 An attacker can overwrite system files like [system.conf] and [passwd], this occurs because the insecure usage of \"fopen\" system function with the mode \"wb\" which allows overwriting file if exists. Overwriting files such as passwd, allows an attacker to escalate his privileges by planting backdoor user with root privilege or change root password.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-06T00:40:28.000000Z"}, {"uuid": "45b06ed4-467d-4a09-8739-3624d730b3e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-44032", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "0a6a6b82-b7eb-41f8-a892-738820cd84bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-44034", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "620461bd-e981-474e-978a-965d176e0756", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2022-44033", "type": "seen", "source": "https://www.cert.ssi.gouv.fr/avis/CERTFR-2026-AVI-0316/", "content": "", "creation_timestamp": "2026-03-19T00:00:00.000000Z"}, {"uuid": "2ca59afb-785a-484e-b00e-01709f5e6cbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44030", "type": "seen", "source": "https://t.me/cibsecurity/54110", "content": "\u203c CVE-2022-44030 \u203c\n\nRedmine 5.x before 5.0.4 allows downloading of file attachments of any Issue or any Wiki page due to insufficient permission checks. Depending on the configuration, this may require login as a registered user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-07T02:41:04.000000Z"}]}