{"vulnerability": "CVE-2022-3241", "sightings": [{"uuid": "cba51af9-4b51-4e1a-9525-43b77cfc8163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3241", "type": "seen", "source": "https://t.me/cibsecurity/55754", "content": "\u203c CVE-2022-3241 \u203c\n\nThe Build App Online WordPress plugin before 1.0.19 does not properly sanitise and escape some parameters before using them in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-04T11:55:20.000000Z"}, {"uuid": "c01bbb54-5b32-4f47-8322-d817e6764056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32414", "type": "seen", "source": "https://t.me/cibsecurity/44878", "content": "\u203c CVE-2022-32414 \u203c\n\nNginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-21T16:27:29.000000Z"}, {"uuid": "617d531d-41c0-4bd1-9559-7638936ae670", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32413", "type": "seen", "source": "https://t.me/cibsecurity/45622", "content": "\u203c CVE-2022-32413 \u203c\n\nAn arbitrary file upload vulnerability in Dice v4.2.0 allows attackers to execute arbitrary code via a crafted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-06T00:13:44.000000Z"}, {"uuid": "c333ca08-a9d6-4573-830b-3fc2bf5d85a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32415", "type": "seen", "source": "https://t.me/cibsecurity/46281", "content": "\u203c CVE-2022-32415 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/?p=products/view_product&amp;id=.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T02:33:03.000000Z"}, {"uuid": "435d003d-59bb-4d69-936a-d83c2e6aba0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32416", "type": "seen", "source": "https://t.me/cibsecurity/46286", "content": "\u203c CVE-2022-32416 \u203c\n\nProduct Show Room Site v1.0 is vulnerable to SQL Injection via /psrs/classes/Master.php?f=delete_product.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T02:33:08.000000Z"}, {"uuid": "caca4780-60de-4702-9df3-b8e3e3f1e65d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-32417", "type": "seen", "source": "https://t.me/cibsecurity/46284", "content": "\u203c CVE-2022-32417 \u203c\n\nPbootCMS v3.1.2 was discovered to contain a remote code execution (RCE) vulnerability via the function parserIfLabel at function.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-15T02:33:06.000000Z"}]}