{"vulnerability": "CVE-2022-4649", "sightings": [{"uuid": "3e21f0a2-ff7a-44aa-a293-a323ef0771b6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4649", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9357", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4649\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The WP Extended Search WordPress plugin before 2.1.2 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack.\n\ud83d\udccf Published: 2023-01-30T20:31:35.961Z\n\ud83d\udccf Modified: 2025-03-28T14:04:17.568Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/0d9ba176-97be-4b6b-9cf1-6c3047321a1e", "creation_timestamp": "2025-03-28T14:27:42.000000Z"}, {"uuid": "c4ec6378-14fa-4bd4-a6be-8c5abb271221", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46496", "type": "seen", "source": "https://t.me/cibsecurity/57636", "content": "\u203c CVE-2022-46496 \u203c\n\nBTicino Door Entry HOMETOUCH for iOS 1.4.2 was discovered to be missing an SSL certificate.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-07T02:28:30.000000Z"}, {"uuid": "767fa2f6-0ac3-4d0f-bc4b-57df6c52c438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46490", "type": "seen", "source": "https://t.me/cibsecurity/55969", "content": "\u203c CVE-2022-46490 \u203c\n\nGPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-05T18:22:14.000000Z"}, {"uuid": "132ae010-ff2d-4dcf-b71c-d9454c8ed01b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46490", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11234", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46490\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: GPAC version 2.1-DEV-rev505-gb9577e6ad-master was discovered to contain a memory leak via the afrt_box_read function at box_code_adobe.c.\n\ud83d\udccf Published: 2023-01-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T14:43:51.494Z\n\ud83d\udd17 References:\n1. https://github.com/gpac/gpac/issues/2327", "creation_timestamp": "2025-04-10T14:50:15.000000Z"}, {"uuid": "39a4c0d9-5062-4463-9167-45e7d572d1f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46492", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11767", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-46492\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: nbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary.\n\ud83d\udccf Published: 2022-12-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T03:49:27.536Z\n\ud83d\udd17 References:\n1. https://github.com/Fanli2012/nbnbk/issues/3", "creation_timestamp": "2025-04-15T04:54:13.000000Z"}, {"uuid": "1163164e-e112-4da8-a62d-69bee7a2fc8f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46499", "type": "seen", "source": "https://t.me/ctinow/202266", "content": "https://ift.tt/oOvX4yi\nCVE-2022-46499", "creation_timestamp": "2024-03-07T10:27:11.000000Z"}, {"uuid": "58d3df6c-4a4c-4dac-86b1-c5c72663e296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46498", "type": "seen", "source": "https://t.me/ctinow/202265", "content": "https://ift.tt/gvmIKtE\nCVE-2022-46498", "creation_timestamp": "2024-03-07T10:27:10.000000Z"}, {"uuid": "17cbf97c-7b16-401d-bdce-ee41548a3762", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46497", "type": "seen", "source": "https://t.me/ctinow/202264", "content": "https://ift.tt/vypi6ZM\nCVE-2022-46497", "creation_timestamp": "2024-03-07T10:27:09.000000Z"}, {"uuid": "8f1e2114-cac1-4d34-8268-9debb76ee71b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46499", "type": "seen", "source": "https://t.me/ctinow/202252", "content": "https://ift.tt/oOvX4yi\nCVE-2022-46499", "creation_timestamp": "2024-03-07T10:26:55.000000Z"}, {"uuid": "59f4726e-39e1-4248-abbf-a106f44022ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46498", "type": "seen", "source": "https://t.me/ctinow/202251", "content": "https://ift.tt/gvmIKtE\nCVE-2022-46498", "creation_timestamp": "2024-03-07T10:26:54.000000Z"}, {"uuid": "fcdd9c6c-fba3-4e7a-afd4-eb86c921a761", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46497", "type": "seen", "source": "https://t.me/ctinow/202250", "content": "https://ift.tt/vypi6ZM\nCVE-2022-46497", "creation_timestamp": "2024-03-07T10:26:53.000000Z"}, {"uuid": "b713a0a5-838a-43f8-8333-e7fe3a0f4b7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46492", "type": "seen", "source": "https://t.me/cibsecurity/55228", "content": "\u203c CVE-2022-46492 \u203c\n\nnbnbk commit 879858451d53261d10f77d4709aee2d01c72c301 was discovered to contain an arbitrary file read vulnerability via the component /api/Index/getFileBinary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T07:14:11.000000Z"}, {"uuid": "099a60c0-467a-4040-a876-39de62030814", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46491", "type": "seen", "source": "https://t.me/cibsecurity/55222", "content": "\u203c CVE-2022-46491 \u203c\n\nA Cross-Site Request Forgery (CSRF) vulnerability in the Add Administrator function of the default version of nbnbk allows attackers to arbitrarily add Administrator accounts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:06.000000Z"}, {"uuid": "6946de02-598e-4c41-8a12-237cf070ccac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-46493", "type": "seen", "source": "https://t.me/cibsecurity/55220", "content": "\u203c CVE-2022-46493 \u203c\n\nDefault version of nbnbk was discovered to contain an arbitrary file upload vulnerability via the component /api/User/download_img.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:02.000000Z"}]}