{"vulnerability": "cve-2022-4811", "sightings": [{"uuid": "8475fe6c-4434-4fad-90ac-e02f954bbb9e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48111", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/5761", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48111\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter.\n\ud83d\udccf Published: 2023-03-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-27T19:12:12.856Z\n\ud83d\udd17 References:\n1. http://sipe.com\n2. http://wi400.com\n3. https://labs.yarix.com/advisories/CVE-2022-48111/\n4. https://labs.yarix.com/2023/02/siri-wi400-xss-on-login-page-cve-2022-48111/\n5. https://devisions.github.io/blog/cve-2022-48111", "creation_timestamp": "2025-02-27T19:26:02.000000Z"}, {"uuid": "a70d2b19-9a2c-4188-b372-85386e86c536", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4811", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4811\n\ud83d\udd25 CVSS Score: 8.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L)\n\ud83d\udd39 Description: Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1.\n\n\n\ud83d\udccf Published: 2022-12-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T16:43:23.786Z\n\ud83d\udd17 References:\n1. https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53\n2. https://huntr.dev/bounties/e907b754-4f33-46b6-9dd2-0d2223cb060c", "creation_timestamp": "2025-04-10T17:49:19.000000Z"}, {"uuid": "1eef31d9-26f1-455a-a154-5cf8b566de97", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48116", "type": "seen", "source": "https://t.me/cibsecurity/57111", "content": "\u203c CVE-2022-48116 \u203c\n\nAyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T22:34:44.000000Z"}, {"uuid": "cb4b77ef-0b5e-4715-aee3-79db4b7540e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48118", "type": "seen", "source": "https://t.me/cibsecurity/57109", "content": "\u203c CVE-2022-48118 \u203c\n\nJorani v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Acronym parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-27T22:34:42.000000Z"}, {"uuid": "a4d7d966-ea12-4e59-bd81-eee6f1c58ae8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48116", "type": "seen", "source": "https://t.me/arpsyndicate/2724", "content": "#ExploitObserverAlert\n\nCVE-2022-48116\n\nDESCRIPTION: Exploit Observer has 2 entries related to CVE-2022-48116. AyaCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the component /admin/tpl_edit.inc.php.\n\nFIRST-EPSS: 0.001420000\nNVD-IS: 5.9\nNVD-ES: 1.2", "creation_timestamp": "2024-01-09T07:14:30.000000Z"}, {"uuid": "4a231f49-73ba-45ba-857a-ec263ef81bb0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48114", "type": "seen", "source": "https://t.me/cibsecurity/57426", "content": "\u203c CVE-2022-48114 \u203c\n\nRuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T00:15:18.000000Z"}, {"uuid": "83852fc2-d992-47f4-83b3-8d438d0cacce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48115", "type": "seen", "source": "https://t.me/cibsecurity/58491", "content": "\u203c CVE-2022-48115 \u203c\n\nThe dropdown menu in jspreadsheet before v4.6.0 was discovered to be vulnerable to cross-site scripting (XSS).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-18T00:13:47.000000Z"}, {"uuid": "831b5fac-058b-4bdf-a1d6-2877a4eded7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48110", "type": "seen", "source": "https://t.me/cibsecurity/58021", "content": "\u203c CVE-2022-48110 \u203c\n\nCKSource CKEditor5 35.4.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the Full Featured CKEditor5 widget.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-13T22:29:56.000000Z"}, {"uuid": "3a056c41-bf4a-4257-8e75-1514b95d663b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48113", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8939", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48113\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials.\n\ud83d\udccf Published: 2023-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T19:15:13.916Z\n\ud83d\udd17 References:\n1. https://wefir.blogspot.com/2022/12/totolink-n200rev5-telnet-backdoor.html", "creation_timestamp": "2025-03-26T19:26:13.000000Z"}, {"uuid": "8555a8c8-e67d-40f2-ac91-576c470e805f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48114", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8942", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48114\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: RuoYi up to v4.7.5 was discovered to contain a SQL injection vulnerability via the component /tool/gen/createTable.\n\ud83d\udccf Published: 2023-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T19:09:37.859Z\n\ud83d\udd17 References:\n1. https://gitee.com/y_project/RuoYi/issues/I65V2B", "creation_timestamp": "2025-03-26T19:26:16.000000Z"}, {"uuid": "34d33775-c899-4fa3-b948-82f83aa1207f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48111", "type": "seen", "source": "https://t.me/cibsecurity/59790", "content": "\u203c CVE-2022-48111 \u203c\n\nA cross-site scripting (XSS) vulnerability in the check_login function of SIPE s.r.l WI400 between version 8 and 11 included allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the f parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-10T18:21:09.000000Z"}, {"uuid": "461521dd-667f-4243-a2d5-7c7bc9a81b61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-48113", "type": "seen", "source": "https://t.me/cibsecurity/57415", "content": "\u203c CVE-2022-48113 \u203c\n\nA vulnerability in TOTOLINK N200RE_v5 firmware V9.3.5u.6139 allows unauthenticated attackers to access the telnet service via a crafted POST request. Attackers are also able to leverage this vulnerability to login as root via hardcoded credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T00:15:06.000000Z"}, {"uuid": "9c55e9c6-f3bf-4ed4-bca6-9303184eb348", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2022-4811", "type": "seen", "source": "https://t.me/cibsecurity/55490", "content": "\u203c CVE-2022-4811 \u203c\n\nImproper Authorization in GitHub repository usememos/memos prior to 0.9.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T16:12:31.000000Z"}]}