{"vulnerability": "cve-2022-45889", "sightings": [{"uuid": "e66310ae-7e10-4e5b-b422-fc7130994729", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45889", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11656", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-45889\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Planet eStream before 6.72.10.07 allows a remote attacker (who is a publisher or admin) to obtain access to all records stored in the database, and achieve the ability to execute arbitrary SQL commands, via Search (the StatisticsResults.aspx flt parameter).\n\ud83d\udccf Published: 2022-12-25T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-14T17:49:14.058Z\n\ud83d\udd17 References:\n1. https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-planet-enterprises-ltd-planet-estream/", "creation_timestamp": "2025-04-14T17:54:16.000000Z"}, {"uuid": "ac60d1ab-5a62-4db3-87d1-b06b8276b491", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-45889", "type": "seen", "source": "https://t.me/cibsecurity/55302", "content": "\u203c CVE-2022-45889 \u203c\n\nPlanet eStream before 6.72.10.07 allows a remote attacker (who is a publisher or admin) to obtain access to all records stored in the database, and achieve the ability to execute arbitrary SQL commands, via Search (the StatisticsResults.aspx flt parameter).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-25T07:39:57.000000Z"}]}