{"vulnerability": "cve-2022-2926", "sightings": [{"uuid": "f115038b-e437-40ac-99fa-89aeb6958426", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29265", "type": "seen", "source": "https://t.me/arpsyndicate/3152", "content": "#ExploitObserverAlert\n\nCVE-2022-29265\n\nDESCRIPTION: Exploit Observer has 3 entries in 2 file formats related to CVE-2022-29265. Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML External Entity references when configured with default property values: - EvaluateXPath - EvaluateXQuery - ValidateXml Apache NiFi flow configurations that include these Processors are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations in the default configuration for these Processors, and disallows XML External Entity resolution in standard services.\n\nFIRST-EPSS: 0.001270000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2024-01-28T01:46:28.000000Z"}, {"uuid": "5c9558b2-d630-44e7-86fe-c717eb9433e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2926", "type": "seen", "source": "https://t.me/cibsecurity/50478", "content": "\u203c CVE-2022-2926 \u203c\n\nThe Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-26T16:22:01.000000Z"}, {"uuid": "4f33d83b-a7e2-4243-a494-7dfe3160df0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29265", "type": "seen", "source": "https://t.me/cibsecurity/41691", "content": "\u203c CVE-2022-29265 \u203c\n\nMultiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. The Standard Content Viewer service attempts to resolve XML External Entity references when viewing formatted XML files. The following Processors attempt to resolve XML External Entity references when configured with default property values: - EvaluateXPath - EvaluateXQuery - ValidateXml Apache NiFi flow configurations that include these Processors are vulnerable to malicious XML documents that contain Document Type Declarations with XML External Entity references. The resolution disables Document Type Declarations in the default configuration for these Processors, and disallows XML External Entity resolution in standard services.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-30T12:25:49.000000Z"}, {"uuid": "18be0565-311a-4056-b2a5-b76b9356f35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29268", "type": "seen", "source": "https://t.me/cibsecurity/40880", "content": "\u203c CVE-2022-29268 \u203c\n\nBitrix through 7.5.0 allows remote attackers to execute arbitrary code by using the restore.php Upload From Local Disk feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-15T20:20:15.000000Z"}, {"uuid": "b857d5b0-15f8-47db-8efc-49c60af0ca05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-29264", "type": "seen", "source": "https://t.me/cibsecurity/41367", "content": "\u203c CVE-2022-29264 \u203c\n\nAn issue was discovered in coreboot 4.13 through 4.16. On APs, arbitrary code execution in SMM may occur.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-25T12:30:55.000000Z"}, {"uuid": "97c1789f-8cbd-434e-8132-28190f2f6048", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-2926", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17141", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2926\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Download Manager WordPress plugin before 3.2.55 does not validate one of its settings, which could allow high privilege users such as admin to list and read arbitrary files and folders outside of the blog directory\n\ud83d\udccf Published: 2022-09-26T12:35:35.000Z\n\ud83d\udccf Modified: 2025-05-21T16:23:31.411Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/2a440e1a-a7e4-4106-839a-d93895e16785", "creation_timestamp": "2025-05-21T16:41:34.000000Z"}]}