{"vulnerability": "CVE-2022-3625", "sightings": [{"uuid": "a0b815ff-8fc3-457f-a07b-0379fe38b372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36255", "type": "seen", "source": "https://t.me/cibsecurity/49578", "content": "\u203c CVE-2022-36255 \u203c\n\nA SQL injection vulnerability in SupplierDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:26.000000Z"}, {"uuid": "01f1b7c3-3b71-471c-85cc-ec833295a97d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36250", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/1390", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-36250\n\ud83d\udd39 Description: Shop Beat Solutions (Pty) LTD Shop Beat Media Player 2.5.95 up to 3.2.57 is vulnerable to Cross Site Request Forgery (CSRF).\n\ud83d\udccf Published: 2023-05-30T00:00:00\n\ud83d\udccf Modified: 2025-01-13T20:50:36.099Z\n\ud83d\udd17 References:\n1. https://www.shopbeat.co.za", "creation_timestamp": "2025-01-13T21:11:48.000000Z"}, {"uuid": "6e368d69-d87d-47b6-9b2c-f6420b8b745f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36254", "type": "seen", "source": "https://t.me/cibsecurity/49573", "content": "\u203c CVE-2022-36254 \u203c\n\nMultiple persistent cross-site scripting (XSS) vulnerabilities in index.php in tramyardg Hotel Management System 1.0 allow remote attackers to inject arbitrary web script or HTML via multiple parameters such as \"fullname\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:17.000000Z"}, {"uuid": "dbea57b2-58cb-467a-b66e-0f6463e3a30d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36251", "type": "seen", "source": "https://t.me/cibsecurity/48470", "content": "\u203c CVE-2022-36251 \u203c\n\nClinic's Patient Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via patients.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-08-22T07:20:11.000000Z"}, {"uuid": "dd911e90-2a7b-49c8-bff4-97d8fbd98bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36258", "type": "seen", "source": "https://t.me/cibsecurity/49577", "content": "\u203c CVE-2022-36258 \u203c\n\nA SQL injection vulnerability in CustomerDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"searchTxt\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:24.000000Z"}, {"uuid": "bb1759c4-1b8d-4ed4-846d-8dd68ee51011", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36259", "type": "seen", "source": "https://t.me/cibsecurity/49576", "content": "\u203c CVE-2022-36259 \u203c\n\nA SQL injection vulnerability in ConnectionFactory.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"username\", \"password\", etc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:20.000000Z"}, {"uuid": "4bc59539-5c74-4819-954e-d23846e54e1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36257", "type": "seen", "source": "https://t.me/cibsecurity/49575", "content": "\u203c CVE-2022-36257 \u203c\n\nA SQL injection vulnerability in UserDAO.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"users\", \"pass\", etc.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:19.000000Z"}, {"uuid": "9eb76135-51de-4149-82bf-e9dd1c68531d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-36256", "type": "seen", "source": "https://t.me/cibsecurity/49583", "content": "\u203c CVE-2022-36256 \u203c\n\nA SQL injection vulnerability in Stocks.java in sazanrjb InventoryManagementSystem 1.0 allows attackers to execute arbitrary SQL commands via the parameters such as \"productcode\".\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-12T07:23:31.000000Z"}]}