{"vulnerability": "CVE-2022-3414", "sightings": [{"uuid": "655ae02c-33db-49e4-b180-c0f99fc325fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34147", "type": "seen", "source": "https://t.me/cibsecurity/63752", "content": "\u203c CVE-2022-34147 \u203c\n\nImproper input validation in BIOS firmware for some Intel(R) NUC 9 Extreme Laptop Kits, Intel(R) NUC Performance Kits, Intel(R) NUC Performance Mini PC, Intel(R) NUC 8 Compute Element, Intel(R) NUC Pro Kit, Intel(R) NUC Pro Board, and Intel(R) NUC Compute Element may allow a privileged user to potentially enable escalation of privilege via local access.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-10T18:19:35.000000Z"}, {"uuid": "a8eb7345-0109-41fa-b979-19caf3838e24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3414", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11820", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-3414\n\ud83d\udd25 CVSS Score: 5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: A vulnerability was found in SourceCodester Web-Based Student Clearance System. It has been classified as critical. Affected is an unknown function of the file /Admin/login.php of the component POST Parameter Handler. The manipulation of the argument txtusername leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-210246 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2022-10-07T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T13:46:23.454Z\n\ud83d\udd17 References:\n1. https://www.jianshu.com/p/8f7b7b532c02\n2. https://vuldb.com/?id.210246", "creation_timestamp": "2025-04-15T13:54:46.000000Z"}, {"uuid": "764e8bc5-cd1a-4616-8b14-69d37eb47aa4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34148", "type": "seen", "source": "https://t.me/cibsecurity/60062", "content": "\u203c CVE-2022-34148 \u203c\n\nImproper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in JetBackup JetBackup \u00e2\u20ac\u201c WP Backup, Migrate & Restore plugin <= 1.6.9.0 versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T11:26:15.000000Z"}, {"uuid": "f3a5dfd9-c0b2-4525-8978-98fda545486c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34145", "type": "seen", "source": "https://t.me/cibsecurity/57948", "content": "\u203c CVE-2022-34145 \u203c\n\nTransient DOS due to buffer over-read in WLAN Host while parsing frame information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-12T07:34:46.000000Z"}, {"uuid": "b806c5f3-70b9-4ea9-97be-6515f14af8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34149", "type": "seen", "source": "https://t.me/cibsecurity/48498", "content": "\u203c CVE-2022-34149 \u203c\n\nAuthentication Bypass vulnerability in miniOrange WP OAuth Server plugin <= 3.0.4 at WordPress.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T18:26:37.000000Z"}]}