{"vulnerability": "cve-2022-2805", "sightings": [{"uuid": "1cfb2529-2f45-4f17-a74e-4a7e954a2c1d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28051", "type": "seen", "source": "https://t.me/cibsecurity/43905", "content": "\u203c CVE-2022-28051 \u203c\n\nThe \"Add category\" functionality inside the \"Global Keywords\" menu in \"SeedDMS\" version 6.0.18 and 5.1.25, is prone to stored XSS which allows an attacker to inject malicious javascript code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-07T02:30:29.000000Z"}, {"uuid": "b83a020c-1bfc-48c3-9bf4-63d4b39e94f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28056", "type": "seen", "source": "https://t.me/cibsecurity/41725", "content": "\u203c CVE-2022-28056 \u203c\n\nShopXO v2.2.5 and below was discovered to contain a system re-install vulnerability via the Add function in app/install/controller/Index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-02T18:32:49.000000Z"}, {"uuid": "c5896c24-5b8b-4bb4-9cb6-cecbe07f869b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28054", "type": "seen", "source": "https://t.me/cibsecurity/41724", "content": "\u203c CVE-2022-28054 \u203c\n\nImproper sanitization of trigger action scripts in VanDyke Software VShell for Windows v4.6.2 allows attackers to execute arbitrary code via a crafted value.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-02T18:32:48.000000Z"}, {"uuid": "9f9bd891-c79f-4c2e-8fc6-09b49cf81823", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28058", "type": "seen", "source": "https://t.me/cibsecurity/41466", "content": "\u203c CVE-2022-28058 \u203c\n\nVerydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \\backend\\file_controller.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-27T00:37:35.000000Z"}, {"uuid": "afb8bc43-291e-4c44-816e-236d4933be39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28059", "type": "seen", "source": "https://t.me/cibsecurity/41461", "content": "\u203c CVE-2022-28059 \u203c\n\nVerydows v2.0 was discovered to contain an arbitrary file deletion vulnerability via \\backend\\database_controller.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-27T00:37:27.000000Z"}, {"uuid": "32b58bd9-f658-4c02-9125-d5777874b932", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28053", "type": "seen", "source": "https://t.me/cibsecurity/41380", "content": "\u203c CVE-2022-28053 \u203c\n\nTypemill v1.5.3 was discovered to contain an arbitrary file upload vulnerability via the upload function. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-25T16:36:13.000000Z"}, {"uuid": "6b67a10b-d53a-45a3-8784-809de96475ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28052", "type": "seen", "source": "https://t.me/cibsecurity/40723", "content": "\u203c CVE-2022-28052 \u203c\n\nDirectory Traversal vulnerability in file cn/roothub/store/FileSystemStorageService in function store in Roothub 2.6.0 allows remote attackers with low privlege to arbitrarily upload files via /common/upload API, which could lead to remote arbitrary code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-13T18:17:56.000000Z"}, {"uuid": "3f3a19d5-19ac-498b-96d3-214cf432ddbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-28054", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m3qa4bbwat2j", "content": "", "creation_timestamp": "2025-10-21T21:02:33.670821Z"}]}