{"vulnerability": "CVE-2022-2627", "sightings": [{"uuid": "2f107e6e-9b18-43a1-a4c3-9d86ff1fb309", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26271", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2022/CVE-2022-26271.yaml", "content": "", "creation_timestamp": "2025-02-11T16:52:14.000000Z"}, {"uuid": "6c5500cc-9fe2-47b3-8ed2-4521a7932e48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2627", "type": "seen", "source": "https://t.me/cibsecurity/52294", "content": "\u203c CVE-2022-2627 \u203c\n\nThe Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-31T19:38:04.000000Z"}, {"uuid": "2e9d104c-9c28-4dbe-88e3-a42f45f2af93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26271", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lhz32d4sjf2x", "content": "", "creation_timestamp": "2025-02-12T21:02:00.942791Z"}, {"uuid": "6c347f8e-6cbf-4fcf-ac47-dc7fa9715af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2627", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/15587", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-2627\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Newspaper WordPress theme before 12 does not sanitise a parameter before outputting it back in an HTML attribute via an AJAX action, leading to a Reflected Cross-Site Scripting.\n\ud83d\udccf Published: 2022-10-31T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-08T19:09:27.046Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/038327d0-568f-4011-9b7e-3da39e8b6aea", "creation_timestamp": "2025-05-08T19:24:05.000000Z"}, {"uuid": "54a43b19-3f85-4f02-83aa-a3c447840085", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26278", "type": "seen", "source": "https://t.me/cibsecurity/39677", "content": "\u203c CVE-2022-26278 \u203c\n\nTenda AC9 v15.03.2.21_cn was discovered to contain a stack overflow via the time parameter in the PowerSaveSet function.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-29T00:40:27.000000Z"}, {"uuid": "5d32ea88-306b-4817-9e13-8f12359b8009", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26273", "type": "seen", "source": "https://t.me/cibsecurity/39618", "content": "\u203c CVE-2022-26273 \u203c\n\nEyouCMS v1.5.4 was discovered to lack parameter filtering in \\user\\controller\\shop.php, leading to payment logic vulnerabilities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T07:39:43.000000Z"}, {"uuid": "219ef3c8-9b23-4943-bd20-d81778696bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26272", "type": "seen", "source": "https://t.me/cibsecurity/39521", "content": "\u203c CVE-2022-26272 \u203c\n\nA remote code execution (RCE) vulnerability in Ionize v1.0.8.1 allows attackers to execute arbitrary code via a crafted string written to the file application/config/config.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T01:30:00.000000Z"}, {"uuid": "39826b08-aca2-4c88-82d3-26fb8504bd6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26279", "type": "seen", "source": "https://t.me/cibsecurity/39518", "content": "\u203c CVE-2022-26279 \u203c\n\nEyouCMS v1.5.5 was discovered to have no access control in the component /data/sqldata.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-25T01:29:57.000000Z"}, {"uuid": "f7f7ddb5-28d2-4f6f-84c6-06ddd80528c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-26276", "type": "seen", "source": "https://t.me/cibsecurity/38836", "content": "\u203c CVE-2022-26276 \u203c\n\nAn issue in index.php of OneNav v0.9.14 allows attackers to perform directory traversal.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-12T07:15:25.000000Z"}]}