{"vulnerability": "CVE-2022-3461", "sightings": [{"uuid": "b3a8ffe1-033b-47c7-aa4b-6ad1c8accaf0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34611", "type": "seen", "source": "https://t.me/cibsecurity/47061", "content": "\u203c CVE-2022-34611 \u203c\n\nA cross-site scripting (XSS) vulnerability in /index.php/?p=report of Online Fire Reporting System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the \"Contac #\" text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T07:35:55.000000Z"}, {"uuid": "0a0409bc-8b83-4f4c-9dfd-4cb5ee2c61d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-3461", "type": "seen", "source": "https://t.me/cibsecurity/52981", "content": "\u203c CVE-2022-3461 \u203c\n\nIn PHOENIX CONTACT Automationworx Software Suite up to version 1.89 manipulated PC Worx or Config+ files could lead to a heap buffer overflow and a read access violation. Availability, integrity, or confidentiality of an application programming workstation might be compromised by attacks using these vulnerabilities.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-16T07:51:53.000000Z"}, {"uuid": "9271f932-9f55-4951-b12d-ac8634b8c85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34612", "type": "seen", "source": "https://t.me/cibsecurity/47056", "content": "\u203c CVE-2022-34612 \u203c\n\nRizin v0.4.0 and below was discovered to contain an integer overflow via the function get_long_object(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted binary.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T07:35:49.000000Z"}, {"uuid": "c354006a-daf9-4fc7-8a05-62e733ef5c19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34613", "type": "seen", "source": "https://t.me/cibsecurity/47411", "content": "\u203c CVE-2022-34613 \u203c\n\nMealie 1.0.0beta3 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via a crafted file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-02T18:17:53.000000Z"}, {"uuid": "20a760c6-dc9b-45ea-bdea-12b5426345e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34615", "type": "seen", "source": "https://t.me/cibsecurity/48443", "content": "\u203c CVE-2022-34615 \u203c\n\nMealie 1.0.0beta3 employs weak password requirements which allows attackers to potentially gain unauthorized access to the application via brute-force attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-19T18:17:31.000000Z"}, {"uuid": "a7a33916-1bfa-4417-a23a-f708ec16ff3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34619", "type": "seen", "source": "https://t.me/cibsecurity/47448", "content": "\u203c CVE-2022-34619 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in Mealie v0.5.5 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Shopping Lists item names text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-03T02:18:06.000000Z"}, {"uuid": "500ed8c3-a308-4daf-96ff-0b11fd074d4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-34618", "type": "seen", "source": "https://t.me/cibsecurity/47412", "content": "\u203c CVE-2022-34618 \u203c\n\nA stored cross-site scripting (XSS) vulnerability in Mealie 1.0.0beta3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the recipe description text field.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-02T18:17:54.000000Z"}]}