https://vulnerability.circl.lu/sightings/feed 2026-05-11T08:20:38.218946+00:00 Vulnerability-Lookup info@circl.lu python-feedgen Contains only the most 10 recent sightings. https://vulnerability.circl.lu/sighting/a648d4b8-f83b-419c-bae2-361f431736a6/export 2026-05-11T08:20:38.588367+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "a648d4b8-f83b-419c-bae2-361f431736a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4859", "type": "seen", "source": "https://t.me/cibsecurity/55561", "content": "\u203c CVE-2022-4859 \u203c\n\nA vulnerability, which was classified as problematic, has been found in Joget up to 7.0.33. This issue affects the function submitForm of the file wflow-core/src/main/java/org/joget/plugin/enterprise/UserProfileMenu.java of the component User Profile Menu. The manipulation of the argument firstName/lastName leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 7.0.34 is able to address this issue. The name of the patch is 9a77f508a2bf8cf661d588f37a4cc29ecaea4fc8. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-217055.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-30T14:14:13.000000Z"} 2022-12-30T14:14:13+00:00 https://vulnerability.circl.lu/sighting/75e46b6a-28ef-412e-885b-0008b51faf11/export 2026-05-11T08:20:38.588283+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "75e46b6a-28ef-412e-885b-0008b51faf11", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48596", "type": "seen", "source": "https://t.me/cibsecurity/68114", "content": "\u203c CVE-2022-48596 \u203c\n\nA SQL injection vulnerability exists in the \u00e2\u20ac\u0153ticket queue watchers\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:14.000000Z"} 2023-08-09T22:15:14+00:00 https://vulnerability.circl.lu/sighting/fb9f5a08-1954-46b3-81c8-e9457d110f31/export 2026-05-11T08:20:38.588191+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "fb9f5a08-1954-46b3-81c8-e9457d110f31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48593", "type": "seen", "source": "https://t.me/cibsecurity/68118", "content": "\u203c CVE-2022-48593 \u203c\n\nA SQL injection vulnerability exists in the \u00e2\u20ac\u0153topology data service\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:18.000000Z"} 2023-08-09T22:15:18+00:00 https://vulnerability.circl.lu/sighting/ee56e501-f685-41e3-84cb-627597f4acd8/export 2026-05-11T08:20:38.588105+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "ee56e501-f685-41e3-84cb-627597f4acd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48595", "type": "seen", "source": "https://t.me/cibsecurity/68119", "content": "\u203c CVE-2022-48595 \u203c\n\nA SQL injection vulnerability exists in the \u00e2\u20ac\u0153ticket template watchers\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:22.000000Z"} 2023-08-09T22:15:22+00:00 https://vulnerability.circl.lu/sighting/a13085b3-c643-467b-97c6-30359ba18c24/export 2026-05-11T08:20:38.588013+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "a13085b3-c643-467b-97c6-30359ba18c24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48591", "type": "seen", "source": "https://t.me/cibsecurity/68120", "content": "\u203c CVE-2022-48591 \u203c\n\nA SQL injection vulnerability exists in the vendor_state parameter of the \u00e2\u20ac\u0153vendor print report\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:23.000000Z"} 2023-08-09T22:15:23+00:00 https://vulnerability.circl.lu/sighting/9e45639d-9e4e-4bbb-9eb0-da6b5f3b10a5/export 2026-05-11T08:20:38.587920+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "9e45639d-9e4e-4bbb-9eb0-da6b5f3b10a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48598", "type": "seen", "source": "https://t.me/cibsecurity/68122", "content": "\u203c CVE-2022-48598 \u203c\n\nA SQL injection vulnerability exists in the \u00e2\u20ac\u0153reporter events type date\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:24.000000Z"} 2023-08-09T22:15:24+00:00 https://vulnerability.circl.lu/sighting/d1a5c1d7-f52e-4712-b6ec-bc7466dc0ad5/export 2026-05-11T08:20:38.587793+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "d1a5c1d7-f52e-4712-b6ec-bc7466dc0ad5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48599", "type": "seen", "source": "https://t.me/cibsecurity/68125", "content": "\u203c CVE-2022-48599 \u203c\n\nA SQL injection vulnerability exists in the \u00e2\u20ac\u0153reporter events type\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:30.000000Z"} 2023-08-09T22:15:30+00:00 https://vulnerability.circl.lu/sighting/f115f494-2828-4f98-b0e3-4d72fc6f85f5/export 2026-05-11T08:20:38.585576+00:00 Automation user http://cve.circl.lu/user/automation {"uuid": "f115f494-2828-4f98-b0e3-4d72fc6f85f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48592", "type": "seen", "source": "https://t.me/cibsecurity/68126", "content": "\u203c CVE-2022-48592 \u203c\n\nA SQL injection vulnerability exists in the vendor_country parameter of the \u00e2\u20ac\u0153vendor print report\u00e2\u20ac\ufffd feature of the ScienceLogic SL1 that takes unsanitized user?controlled input and passes it directly to a SQL query. This allows for the injection of arbitrary SQL before being executed against the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-09T22:15:31.000000Z"} 2023-08-09T22:15:31+00:00