{"vulnerability": "cve-2022-4202", "sightings": [{"uuid": "6a7d7d2c-e12f-4c70-9b02-a61ebeb8b3aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42029", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/16428", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42029\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Chamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory.\n\ud83d\udccf Published: 2022-10-17T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-14T20:36:42.442Z\n\ud83d\udd17 References:\n1. https://support.chamilo.org/projects/1/wiki/Security_issues#Issue-95-2022-09-14-High-impact-Moderate-risk-Authenticated-Local-file-inclusion", "creation_timestamp": "2025-05-14T21:32:35.000000Z"}, {"uuid": "babc1a15-271e-49fb-857a-a4e142c602e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4202", "type": "seen", "source": "https://t.me/cibsecurity/53638", "content": "\u203c CVE-2022-4202 \u203c\n\nA vulnerability, which was classified as problematic, was found in GPAC 2.1-DEV-rev490-g68064e101-master. Affected is the function lsr_translate_coords of the file laser/lsr_dec.c. The manipulation leads to integer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-214518 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T12:30:07.000000Z"}, {"uuid": "0dc2cb33-d913-413a-9876-65d753ca0de0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42021", "type": "seen", "source": "https://t.me/cibsecurity/51888", "content": "\u203c CVE-2022-42021 \u203c\n\nBest Student Result Management System v1.0 is vulnerable to SQL Injection via /upresult/upresult/notice-details.php?nid=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-20T18:21:18.000000Z"}, {"uuid": "5f44e238-dd0d-44c7-891d-58b65a3fdaec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-42029", "type": "seen", "source": "https://t.me/cibsecurity/51625", "content": "\u203c CVE-2022-42029 \u203c\n\nChamilo 1.11.16 is affected by an authenticated local file inclusion vulnerability which allows authenticated users with access to 'big file uploads' to copy/move files from anywhere in the file system into the web directory.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-17T22:13:25.000000Z"}]}