{"vulnerability": "CVE-2022-4421", "sightings": [{"uuid": "9cbae2ee-7693-4533-8ae3-aed0352248dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44216", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7923", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44216\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Gnuboard 5.5.4 and 5.5.5 is vulnerable to Insecure Permissions. An attacker can change password of all users without knowing victim's original password.\n\ud83d\udccf Published: 2023-02-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-18T15:40:27.053Z\n\ud83d\udd17 References:\n1. https://sir.kr/g5_pds/6400\n2. https://github.com/gnuboard/gnuboard5/commit/11718eb4c02ffdca5393bedc0300a75e4e7b19f2\n3. https://gratis-herring-da5.notion.site/Gnuboard-Account-Takeover-version-5-5-4-5-5-5-2f69b0a21be642f58d8b7c72feea343a", "creation_timestamp": "2025-03-18T15:50:00.000000Z"}, {"uuid": "b897cd60-2ed3-4e6b-81e5-c65973f5cb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4421", "type": "seen", "source": "https://t.me/cibsecurity/54304", "content": "\u203c CVE-2022-4421 \u203c\n\nA vulnerability was found in rAthena FluxCP. It has been classified as problematic. Affected is an unknown function of the file themes/default/servicedesk/view.php of the component Service Desk Image URL Handler. The manipulation of the argument sslink leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 8a39b2b2bf28353b3503ff1421862393db15aa7e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215304.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T16:25:45.000000Z"}, {"uuid": "13f51815-c5f5-48c0-a97d-2d6b4377a714", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44213", "type": "seen", "source": "https://t.me/cibsecurity/54219", "content": "\u203c CVE-2022-44213 \u203c\n\nZKTeco Xiamen Information Technology ZKBio ECO ADMS <=3.1-164 is vulnerable to Cross Site Scripting (XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-09T18:13:28.000000Z"}, {"uuid": "5d68af51-3639-4a9e-befd-28a9c110392c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44212", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13304", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44212\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In GL.iNet Goodcloud 1.0, insecure design allows remote attacker to access devices' admin panel.\n\ud83d\udccf Published: 2022-12-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T17:49:47.007Z\n\ud83d\udd17 References:\n1. https://forum.gl-inet.com/t/security-advisories-vulnerabilities-and-cves-of-gl-inet-software/25518/2", "creation_timestamp": "2025-04-24T18:06:53.000000Z"}, {"uuid": "a80d673b-f569-44f1-bb88-dda3b098dbe5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-44211", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/13303", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-44211\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In GL.iNet Goodcloud 1.1 Incorrect access control allows a remote attacker to access/change devices' settings.\n\ud83d\udccf Published: 2022-12-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-24T17:52:03.865Z\n\ud83d\udd17 References:\n1. https://forum.gl-inet.com/t/security-advisories-vulnerabilities-and-cves-of-gl-inet-software/25518", "creation_timestamp": "2025-04-24T18:06:52.000000Z"}]}