{"vulnerability": "CVE-2022-3110", "sightings": [{"uuid": "a836dc27-f64e-4237-a8e8-1ee07ebf8609", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m6ztowhz4i2w", "content": "", "creation_timestamp": "2025-12-02T21:02:29.223029Z"}, {"uuid": "a81931ab-3ffb-4ab4-9965-65f83c45b13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31107", "type": "published-proof-of-concept", "source": "https://t.me/cKure/9976", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 CVE-2022-31107: Grafana OAuth Account Takeover Vulnerability.\n\nhttps://securityonline.info/cve-2022-31107-grafana-oauth-account-takeover-vulnerability/", "creation_timestamp": "2022-07-18T08:13:32.000000Z"}, {"uuid": "f6d097cd-5fe4-420e-b7da-901c6551abfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2772", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aMajor Security Vulnerability on PrestaShop Websites - CVE-2022-31101\nURL\uff1ahttps://github.com/MathiasReker/blmvuln\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-25T07:09:57.000000Z"}, {"uuid": "d445a0e1-f9df-4640-85fb-6c3f598cd0c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2768", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aMajor Security Vulnerability on PrestaShop Websites - CVE-2022-31101\nURL\uff1ahttps://github.com/MathiasReker/blm-vlun\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-07-24T22:44:43.000000Z"}, {"uuid": "b264e3dc-e974-4355-9acb-3f9f0d9059b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/2890", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2022\n\u63cf\u8ff0\uff1aExploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)\nURL\uff1ahttps://github.com/karthikuj/CVE-2022-31101\n\n\u6807\u7b7e\uff1a#CVE-2022", "creation_timestamp": "2022-08-09T10:34:52.000000Z"}, {"uuid": "2130e5ed-5798-4bfa-b78e-a6d67f004f41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/hackingbra/14", "content": "https://github.com/karthikuj/CVE-2022-31101", "creation_timestamp": "2022-08-09T12:59:31.000000Z"}, {"uuid": "48c2fef0-c506-4b18-b14b-42345679f927", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31109", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13102", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-31109\n\ud83d\udd25 CVSS Score: 7.2 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N)\n\ud83d\udd39 Description: laminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\\Diactoros\\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, the library offers mitigation measures only in the v2 releases, as doing otherwise would break these use cases immediately. Users of v2 releases from 2.11.1 can provide an additional argument to `Laminas\\Diactoros\\ServerRequestFactory::fromGlobals()` in the form of a `Laminas\\Diactoros\\RequestFilter\\RequestFilterInterface` instance, including the shipped `Laminas\\Diactoros\\RequestFilter\\NoOpRequestFilter` implementation which ignores the `X-Forwarded-*` headers. Starting in version 3.0, the library will reverse behavior to use the `NoOpRequestFilter` by default, and require users to opt-in to `X-Forwarded-*` header usage via a configured `Laminas\\Diactoros\\RequestFilter\\LegacyXForwardedHeaderFilter` instance. Users are advised to upgrade to version 2.11.1 or later to resolve this issue. Users unable to upgrade may configure web servers to reject `X-Forwarded-*` headers at the web server level.\n\ud83d\udccf Published: 2022-08-01T16:15:14.000Z\n\ud83d\udccf Modified: 2025-04-23T17:57:06.264Z\n\ud83d\udd17 References:\n1. https://portswigger.net/web-security/host-header\n2. https://github.com/laminas/laminas-diactoros/security/advisories/GHSA-8274-h5jp-97vr\n3. https://github.com/laminas/laminas-diactoros/commit/25b11d422c2e5dad868f68619888763b30f91e2d", "creation_timestamp": "2025-04-23T18:05:41.000000Z"}, {"uuid": "024f9c86-ff78-4877-b710-73d8529faeb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/legendscrewch/1603", "content": "Prestashop Blockwishlist module version 2.1.0 is vulnerable to remote SQL injection attacks. PoC is available now: https://github.com/karthikuj/CVE-2022-31101, you can try it because I see there are many websites designed under this Presashop platform.\n#new\n#tools\n#TYG_VN\n#TYG_TEAM", "creation_timestamp": "2022-08-14T12:07:55.000000Z"}, {"uuid": "ea879f56-5815-4446-808d-72fdf42bded0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "seen", "source": "Telegram/FFymLLIK1VykiTo0qiu5oiOuLgw0sFOxywUPTyY6TqRLAw", "content": "", "creation_timestamp": "2022-07-26T16:33:25.000000Z"}, {"uuid": "1cf1550a-72e5-44cd-aa9e-f81ddc62187e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/anonhamz/1562", "content": "Prestashop Blockwishlist module version 2.1.0 is vulnerable to remote SQL injection attacks. PoC is available now: https://github.com/karthikuj/CVE-2022-31101, you can try it because I see there are many websites designed under this Presashop platform.\n#new\n#tools\n#TYG_VN\n#TYG_TEAM", "creation_timestamp": "2022-08-14T12:07:57.000000Z"}, {"uuid": "43b4eaae-6313-4d27-947c-170326f0bad9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/2961", "content": "Prestashop Blockwishlist module version 2.1.0 is vulnerable to remote SQL injection attacks. PoC is available now: https://github.com/karthikuj/CVE-2022-31101, you can try it because I see there are many websites designed under this Presashop platform.\n#new\n#tools\n#TYG_VN\n#TYG_TEAM", "creation_timestamp": "2022-08-14T12:08:06.000000Z"}, {"uuid": "7f06888f-9447-46a8-8aac-dd8e3febf0c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/lcmysecteamch/9250", "content": "Prestashop Blockwishlist module version 2.1.0 is vulnerable to remote SQL injection attacks. PoC is available now: https://github.com/karthikuj/CVE-2022-31101, you can try it because I see there are many websites designed under this Presashop platform.\n#new\n#tools\n#TYG_VN\n#TYG_TEAM", "creation_timestamp": "2022-08-14T12:08:05.000000Z"}, {"uuid": "ac88d925-42f6-44e4-b260-1ead6ec50dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "Telegram/XyL_cf19E9pL7989kbUZnkXawqI4Zf817n8ZrJO4otm5wg", "content": "", "creation_timestamp": "2022-08-09T13:10:10.000000Z"}, {"uuid": "cda1fbd6-03f6-466a-8239-f82f8cdff937", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "seen", "source": "https://t.me/crackcodes/901", "content": "Updates On Hackbyte Forum:-\n\n1. HydraDeepWeb Leak\n2. Datagram.io Leak\n3. SIING.IO_Source_Backend Leak\n4. PPLDump - RIPPL is a tool that abuses a usermode only exploit to manipulate PPL processes on Windows\n5. Nessus Plugin (2022 July 22) With TrendMacro CMD\n6. Multiple vulnerabilities in Nuki smart locks\n7. Pulsar \u2014 an open-source runtime security framework powered by Rust & eBPF for IoT\n8. Attack Chain D\u00e9j\u00e0-vu: The infection vector used by SVCReady, Gozi and IcedID\n9. Finding Flaws in FileWave MDM\n10. When Hypervisor Met Snapshot Fuzzing\n11. wodat: Windows Oracle Database Attack Toolkit\n12. Bypass AMSI in local process hooking NtCreateSection\n13. iauyazd.ac.ir leak - The Islamic Azad University in Iran was leaked. \ud83c\uddee\ud83c\uddf7\n14. atlayo.com Leak\n15. toastmasters.org.tw Leak\n16. cryptic.kit.com.vn Leak\n17. Eskimi Dehash Passwords leak\n18. Bolt-CMS-Version-3.7.1-RCE-Exploit\n19. Cloud Exploitation Framework\n20. PSAsyncShell: PowerShell Asynchronous TCP Reverse Shell\n21. EvilURL v3.0 - Generate unicode domains for IDN Homograph Attack and detect them\n22. \ua4d8amerka GUI - Ultimate Internet of Things/Industrial Control Systems reconnaissance tool.\n23. Azure_Workshop - #Azure #RedTeam Attack and Detect Workshop\n24. sniffer - A modern alternative network traffic sniffer\n25. DFShell: The Best Forwarded Shell\n26.s1c0n: simple recon tool to help you for searching vulnerability on web server\n27. PwnFox: PwnFox is a Firefox/Burp extension that provide usefull tools for your security audit.\n28. xray_1.9.1_licensed\n29. blmvuln: Major Security Vulnerability on PrestaShop Websites \u2013 CVE-2022-31101\n30. CVE-2022-34961: OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Users Timeline module\n\n\ud83d\udc49\ud83c\udffb\ud83d\udc49\ud83c\udffbAll Updates On :- https://bit.ly/3yRyah3 \ud83d\udc48\ud83c\udffb\ud83d\udc48\ud83c\udffb", "creation_timestamp": "2022-07-30T13:35:22.000000Z"}, {"uuid": "a8e25a9d-b28c-4c1d-9496-c8f9d0f39fed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31105", "type": "seen", "source": "https://t.me/cibsecurity/46133", "content": "\u203c CVE-2022-31105 \u203c\n\nArgo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-13T02:31:40.000000Z"}, {"uuid": "3693daf1-836f-4ee4-b7ca-4339d61b9d73", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31109", "type": "seen", "source": "https://t.me/cibsecurity/47358", "content": "\u203c CVE-2022-31109 \u203c\n\nlaminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\\Diactoros\\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, the library offers mitigation measures only in the v2 releases, as doing otherwise would break these use cases immediately. Users of v2 releases from 2.11.1 can provide an additional argument to `Laminas\\Diactoros\\ServerRequestFactory::fromGlobals()` in the form of a `Laminas\\Diactoros\\RequestFilter\\RequestFilterInterface` instance, including the shipped `Laminas\\Diactoros\\RequestFilter\\NoOpRequestFilter` implementation which ignores the `X-Forwarded-*` headers. Starting in version 3.0, the library will reverse behavior to use the `NoOpRequestFilter` by default, and require users to opt-in to `X-Forwarded-*` header usage via a configured `Laminas\\Diactoros\\RequestFilter\\LegacyXForwardedHeaderFilter` instance. Users are advised to upgrade to version 2.11.1 or later to resolve this issue. Users unable to upgrade may configure web servers to reject `X-Forwarded-*` headers at the web server level.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-01T20:16:57.000000Z"}, {"uuid": "1a6a8235-d688-4d8a-a5eb-dd24c666e5c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31107", "type": "seen", "source": "https://t.me/cibsecurity/46308", "content": "\u203c CVE-2022-31107 \u203c\n\nGrafana is an open-source platform for monitoring and observability. In versions 5.3 until 9.0.3, 8.5.9, 8.4.10, and 8.3.10, it is possible for a malicious user who has authorization to log into a Grafana instance via a configured OAuth IdP which provides a login name to take over the account of another user in that Grafana instance. This can occur when the malicious user is authorized to log in to Grafana via OAuth, the malicious user's external user id is not already associated with an account in Grafana, the malicious user's email address is not already associated with an account in Grafana, and the malicious user knows the Grafana username of the target user. If these conditions are met, the malicious user can set their username in the OAuth provider to that of the target user, then go through the OAuth flow to log in to Grafana. Due to the way that external and internal user accounts are linked together during login, if the conditions above are all met then the malicious user will be able to log in to the target user's Grafana account. Versions 9.0.3, 8.5.9, 8.4.10, and 8.3.10 contain a patch for this issue. As a workaround, concerned users can disable OAuth login to their Grafana instance, or ensure that all users authorized to log in via OAuth have a corresponding user account in Grafana linked to their email address.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T16:35:28.000000Z"}, {"uuid": "d5973e36-60c0-47be-a1c6-8b27630c764e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31104", "type": "seen", "source": "https://t.me/cibsecurity/45269", "content": "\u203c CVE-2022-31104 \u203c\n\nWasmtime is a standalone runtime for WebAssembly. In affected versions wasmtime's implementation of the SIMD proposal for WebAssembly on x86_64 contained two distinct bugs in the instruction lowerings implemented in Cranelift. The aarch64 implementation of the simd proposal is not affected. The bugs were presented in the `i8x16.swizzle` and `select` WebAssembly instructions. The `select` instruction is only affected when the inputs are of `v128` type. The correspondingly affected Cranelift instructions were `swizzle` and `select`. The `swizzle` instruction lowering in Cranelift erroneously overwrote the mask input register which could corrupt a constant value, for example. This means that future uses of the same constant may see a different value than the constant itself. The `select` instruction lowering in Cranelift wasn't correctly implemented for vector types that are 128-bits wide. When the condition was 0 the wrong instruction was used to move the correct input to the output of the instruction meaning that only the low 32 bits were moved and the upper 96 bits of the result were left as whatever the register previously contained (instead of the input being moved from). The `select` instruction worked correctly if the condition was nonzero, however. This bug in Wasmtime's implementation of these instructions on x86_64 represents an incorrect implementation of the specified semantics of these instructions according to the WebAssembly specification. The impact of this is benign for hosts running WebAssembly but represents possible vulnerabilities within the execution of a guest program. For example a WebAssembly program could take unintended branches or materialize incorrect values internally which runs the risk of exposing the program itself to other related vulnerabilities which can occur from miscompilations. We have released Wasmtime 0.38.1 and cranelift-codegen (and other associated cranelift crates) 0.85.1 which contain the corrected implementations of these two instructions in Cranelift. If upgrading is not an option for you at this time, you can avoid the vulnerability by disabling the Wasm simd proposal. Additionally the bug is only present on x86_64 hosts. Other aarch64 hosts are not affected. Note that s390x hosts don't yet implement the simd proposal and are not affected.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T07:35:30.000000Z"}, {"uuid": "dca54498-7701-44ec-8711-ef89b00c422e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31108", "type": "seen", "source": "https://t.me/cibsecurity/45328", "content": "\u203c CVE-2022-31108 \u203c\n\nMermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. An attacker is able to inject arbitrary `CSS` into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted `CSS` selectors. The following example shows how an attacker can exfiltrate the contents of an input field by bruteforcing the `value` attribute one character at a time. Whenever there is an actual match, an `http` request will be made by the browser in order to \"load\" a background image that will let an attacker know what's the value of the character. This issue may lead to `Information Disclosure` via CSS selectors and functions able to generate HTTP requests. This also allows an attacker to change the document in ways which may lead a user to perform unintended actions, such as clicking on a link, etc. This issue has been resolved in version 9.1.3. Users are advised to upgrade. Users unable to upgrade should ensure that user input is adequately escaped before embedding it in CSS blocks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T22:42:33.000000Z"}, {"uuid": "1acb8e70-3629-4939-8151-89338a5f3401", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31106", "type": "seen", "source": "https://t.me/cibsecurity/45326", "content": "\u203c CVE-2022-31106 \u203c\n\nUnderscore.deep is a collection of Underscore mixins that operate on nested objects. Versions of `underscore.deep` prior to version 0.5.3 are vulnerable to a prototype pollution vulnerability. An attacker can craft a malicious payload and pass it to `deepFromFlat`, which would pollute any future Objects created. Any users that have `deepFromFlat` or `deepPick` (due to its dependency on `deepFromFlat`) in their code should upgrade to version 0.5.3 as soon as possible. Users unable to upgrade may mitigate this issue by modifying `deepFromFlat` to prevent specific keywords which will prevent this from happening.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T22:42:32.000000Z"}, {"uuid": "10993a0a-47dd-4a75-b4ef-e90faa8470db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "seen", "source": "https://t.me/cibsecurity/45263", "content": "\u203c CVE-2022-31101 \u203c\n\nprestashop/blockwishlist is a prestashop extension which adds a block containing the customer's wishlists. In affected versions an authenticated customer can perform SQL injection. This issue is fixed in version 2.1.1. Users are advised to upgrade. There are no known workarounds for this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:20.000000Z"}, {"uuid": "e4a65fdc-289f-44a3-a6ec-91f656fd57a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31100", "type": "seen", "source": "https://t.me/cibsecurity/45258", "content": "\u203c CVE-2022-31100 \u203c\n\nrulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. This is a security concern for you, if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the thread running rulex panics. The crashes are fixed in version **0.4.3**. Affected users are advised to update to this version. The only known workaround for this issue is to assume that regular expression parsing will panic and to add logic to catch panics.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:12.000000Z"}, {"uuid": "d3a77559-da29-42e9-a15c-92a13f854bbf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31103", "type": "seen", "source": "https://t.me/cibsecurity/45257", "content": "\u203c CVE-2022-31103 \u203c\n\nlettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-28T02:35:11.000000Z"}, {"uuid": "5cffb42e-ae3c-40fc-8ead-dacb3a350bbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/legendscrewmy/1597", "content": "Prestashop Blockwishlist module version 2.1.0 is vulnerable to remote SQL injection attacks. PoC is available now: https://github.com/karthikuj/CVE-2022-31101, you can try it because I see there are many websites designed under this Presashop platform.\n#new\n#tools\n#TYG_VN\n#TYG_TEAM", "creation_timestamp": "2022-08-14T12:08:11.000000Z"}, {"uuid": "d1abf04b-7b10-479e-ba9e-0e7dd7f1e071", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-31101", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/6560", "content": "#exploit\n1. CVE-2022-31061:\nGLPI >= 9.3.0 / < 10.0.2 - Unauthenticated SQL injection on login page\nhttps://github.com/Vu0r1-sec/CVE-2022-31061\n\n2. CVE-2022-31101:\nExploit for PrestaShop bockwishlist module 2.1.0 SQLi\nhttps://github.com/karthikuj/CVE-2022-31101", "creation_timestamp": "2022-08-10T10:50:35.000000Z"}]}