{"vulnerability": "CVE-2022-2421", "sightings": [{"uuid": "3f02376d-d16f-46d5-848b-8511c5ac12eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2421", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/908", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2421\n\ud83d\udd39 Description: Due to improper type validation in attachment parsing the Socket.io js library, it is possible to overwrite the _placeholder object which allows an attacker to place references to functions at arbitrary places in the resulting query object.\n\ud83d\udccf Published: 2022-10-25T00:00:00\n\ud83d\udccf Modified: 2025-01-09T07:56:49.267Z\n\ud83d\udd17 References:\n1. https://csirt.divd.nl/CVE-2022-2421\n2. https://csirt.divd.nl/DIVD-2022-00045", "creation_timestamp": "2025-01-09T08:14:59.000000Z"}, {"uuid": "8210c307-e92d-42fb-9161-8b1b614d9937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24218", "type": "seen", "source": "https://t.me/cibsecurity/36665", "content": "\u203c CVE-2022-24218 \u203c\n\nAn issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-01T22:26:55.000000Z"}, {"uuid": "d0019039-247f-493f-b574-54fbc7a02c62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-24219", "type": "seen", "source": "https://t.me/cibsecurity/36662", "content": "\u203c CVE-2022-24219 \u203c\n\neliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-01T22:26:51.000000Z"}]}