{"vulnerability": "CVE-2022-2806", "sightings": [{"uuid": "c3ab6de7-681a-4b53-a613-c39720485673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-2806", "type": "seen", "source": "https://t.me/arpsyndicate/4607", "content": "#ExploitObserverAlert\n\nCVE-2022-2806\n\nDESCRIPTION: Exploit Observer has 6 entries in 2 file formats related to CVE-2022-2806. It was found that the ovirt-log-collector/sosreport collects the RHV admin password unfiltered. Fixed in: sos-4.2-20.el8_6, ovirt-log-collector-4.4.7-2.el8ev\n\nFIRST-EPSS: 0.000440000\nNVD-IS: 3.6\nNVD-ES: 1.8\nARPS-EXPLOITABILITY: 0.5941964", "creation_timestamp": "2024-04-12T11:44:49.000000Z"}, {"uuid": "98c4f0da-4021-43a1-8f9c-e7c58e659ea2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28069", "type": "seen", "source": "https://t.me/arpsyndicate/633", "content": "#ExploitObserverAlert\n\nCVE-2022-28069\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28069. A heap buffer overflow in vax_opfunction in radare2 5.4.2 and 5.4.0.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-28T12:09:57.000000Z"}, {"uuid": "6021395b-b65f-43a7-9baa-b6f4d66fcf7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28068", "type": "seen", "source": "https://t.me/arpsyndicate/631", "content": "#ExploitObserverAlert\n\nCVE-2022-28068\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-28068. A heap buffer overflow in r_sleb128 function in radare2 5.4.2 and 5.4.0.\n\nFIRST-EPSS: 0.000460000\nNVD-IS: 3.6\nNVD-ES: 3.9", "creation_timestamp": "2023-11-28T11:50:24.000000Z"}, {"uuid": "a735e215-8ae5-4657-a16c-fc4060383fba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28062", "type": "published-proof-of-concept", "source": "https://t.me/ShizoPrivacy/249", "content": "|CVE-2022-28062|\nCar Rental System Unrestricted File Upload + RCE\n\n\ud83d\ude98\u0412 \u0441\u0438\u0441\u0442\u0435\u043c\u0435 \u043f\u0440\u043e\u043a\u0430\u0442\u0430 \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u0435\u0439 Car Rental System v1.0( WordPress \u043f\u043b\u0430\u0433\u0438\u043d) \u0431\u044b\u043b\u0430 \u043d\u0430\u0439\u0434\u0435\u043d\u0430 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c \u0432 \u0444\u0443\u043d\u043a\u0446\u0438\u0438 \u0434\u043e\u0431\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044f \"AddCar\", \u043a\u043e\u0442\u043e\u0440\u0430\u044f \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u043b\u044e\u0431\u043e\u043c\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u0444\u0430\u0439\u043b. \u0427\u0442\u043e \u0432\u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u0438 \u0434\u0430\u0451\u0442 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c \u0430\u0442\u0430\u043a\u0443\u044e\u0449\u0435\u043c\u0443 \u0437\u0430\u0433\u0440\u0443\u0436\u0430\u0442\u044c \u0432\u0435\u0431\u0448\u0435\u043b\u043b \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u044f\u0442\u044c \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u0439 \u043a\u043e\u0434. \n\u041f\u0440\u0438\u043a\u043b\u0430\u0434\u044b\u0432\u0430\u044e PoC \u043d\u0438\u0436\u0435.\nPoC(Github)\n\n\ud83d\ude98In the Car Rental System v1.0 (WordPress plugin), a vulnerability was found in the \"addCar\" function of adding a car, which allows anyone to upload an arbitrary file. Which subsequently enables the attacker to download the webshell and execute arbitrary code.\nI attach the PoC below.\nPoC(Github)\n\n#cve #poc", "creation_timestamp": "2022-04-04T19:50:41.000000Z"}, {"uuid": "57efc6b7-4e7d-4be7-acd3-2d6c833d0b67", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28067", "type": "seen", "source": "https://t.me/cibsecurity/41918", "content": "\u203c CVE-2022-28067 \u203c\n\nAn incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a Denial of Service (DoS) in the Sandbox via a crafted executable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T18:35:14.000000Z"}, {"uuid": "9237d83a-e207-4ac3-9b1c-47d66e466954", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28066", "type": "seen", "source": "https://t.me/cibsecurity/41915", "content": "\u203c CVE-2022-28066 \u203c\n\nLibarchive v3.6.0 was discovered to contain a read memory access vulnerability via the function lzma_decode.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-04T18:35:10.000000Z"}, {"uuid": "c4e180a8-149b-4bb2-a9c0-373aa956e4bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28060", "type": "seen", "source": "https://t.me/cibsecurity/41611", "content": "\u203c CVE-2022-28060 \u203c\n\nSQL Injection vulnerability in Victor CMS v1.0, via the user_name parameter to /includes/login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-29T00:29:25.000000Z"}, {"uuid": "17996480-d548-41a1-82f7-077768a5f7f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28062", "type": "seen", "source": "https://t.me/cibsecurity/40108", "content": "\u203c CVE-2022-28062 \u203c\n\nCar Rental System v1.0 contains an arbitrary file upload vulnerability via the Add Car component which allows attackers to upload a webshell and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T18:27:53.000000Z"}, {"uuid": "5d879e15-d1c4-4348-abf6-cc8fb7d303cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-28063", "type": "seen", "source": "https://t.me/cibsecurity/40104", "content": "\u203c CVE-2022-28063 \u203c\n\nSimple Bakery Shop Management System v1.0 contains a file disclosure via /bsms/?page=products.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-04T18:27:47.000000Z"}]}