{"vulnerability": "CVE-2022-25574", "sightings": [{"uuid": "583b9df4-f813-4256-bd22-8b7177b347b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25574", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/3625", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aTOP All bugbounty pentesting CVE-2022- POC Exp  RCE example payload  Things\nURL\uff1ahttps://github.com/Live-Hack-CVE/CVE-2022-25574\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-12-24T08:23:35.000000Z"}, {"uuid": "7b22ca45-fd4a-4a3e-9887-867f564410f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25574", "type": "seen", "source": "https://t.me/cibsecurity/39547", "content": "\u203c CVE-2022-25574 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in the upload function of /admin/show.php allows attackers to execute arbitrary web scripts or HTML via a crafted image file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T19:30:57.000000Z"}, {"uuid": "f46d4318-ab88-4695-bbe7-affe6455f811", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25574", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/2565", "content": "#CVE-2022\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-20607\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-4646\n\nPoC for the CVE-2022-41082 Vulnerability Effecting Microsoft Exchange Servers\n\nhttps://github.com/balki97/CVE-2022-41082-POC\n\nCVE-2022-2602\n\nhttps://github.com/LukeGix/CVE-2022-2602\n\nCVE-2022-2602\nhttps://github.com/Live-Hack-CVE/CVE-2022-4633\n\nTOP All bugbounty pentesting CVE-2022- POC Exp\u00a0 RCE example payload\u00a0 Things\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-25574\n\nCVE-2022-42046 Proof of Concept of wfshbr64.sys local privilege escalation via DKOM\n\nhttps://github.com/Live-Hack-CVE/CVE-2022-36966\n\n@BlueRedTeam", "creation_timestamp": "2023-01-29T12:39:15.000000Z"}]}