{"vulnerability": "CVE-2022-4047", "sightings": [{"uuid": "de91d031-690b-4f98-ad15-3c0929b46469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "77a71353-5034-4db1-aceb-51a7c65d8056", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:48.000000Z"}, {"uuid": "a0f5e0f0-e21a-41ab-b195-c2c6d81b6890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/clinic_pms_sqli_to_rce.rb", "content": "", "creation_timestamp": "2025-05-21T15:50:12.000000Z"}, {"uuid": "cc9e77f2-b4ea-414d-bd2b-683db557abd2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:00.000000Z"}, {"uuid": "78854e15-08b5-4ef1-b213-96764b828b32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40470", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13906", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40470\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Phpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T20:03:23.332Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1UDuez2CTscdWXYzyXLi3x8CMs9IWLL11/view?usp=sharing", "creation_timestamp": "2025-04-29T20:12:25.000000Z"}, {"uuid": "948ba2bb-95e4-41c3-a4a7-1eec4e08cd81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "Telegram/CYiC6KAcAfm621pl2BFit5z4KE78wCCTVrL0xQPEoHOnJlw", "content": "", "creation_timestamp": "2025-12-30T21:00:05.000000Z"}, {"uuid": "85c2c59a-fb03-4779-aebc-ce8ad1a2f9f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/clinic_pms_fileupload_rce.rb", "content": "", "creation_timestamp": "2024-12-18T12:41:54.000000Z"}, {"uuid": "6ee9e13f-36b0-4f5e-9d78-e2bcb1d4f097", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4047", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/11607", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4047\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Return Refund and Exchange For WooCommerce WordPress plugin before 4.0.9 does not validate attachment files to be uploaded via an AJAX action available to unauthenticated users, which could allow them to upload arbitrary files such as PHP and lead to RCE\n\ud83d\udccf Published: 2022-12-26T12:28:13.684Z\n\ud83d\udccf Modified: 2025-04-14T13:47:55.922Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/8965a87c-5fe5-4b39-88f3-e00966ca1d94", "creation_timestamp": "2025-04-14T13:54:49.000000Z"}, {"uuid": "c8046871-2986-4b2d-9f7a-eeeebca980e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4047", "type": "published-proof-of-concept", "source": "https://t.me/v3n0mhack/283", "content": "WordPress mass Arbitrary File Upload .\n\nWooRefer: Automatic Mass Tool for check and exploiting vulnerability in CVE-2022-4047 - Return Refund and Exchange For WooCommerce < 4.0.9 - Unauthenticated Arbitrary File Upload (Mass PHP File Upload)\n\nLink repo: https://github.com/im-hanzou/WooRefer\nImportant please read!: https://github.com/im-hanzou/WooRefer#readme\n\nReference: https://wpscan.com/vulnerability/8965a87c-5fe5-4b39-88f3-e00966ca1d94", "creation_timestamp": "2023-09-26T10:44:16.000000Z"}, {"uuid": "43a5eed0-e5fa-435e-a741-aebd1b63cc15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40475", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17129", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40475\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi.\n\ud83d\udccf Published: 2022-09-29T11:37:10.000Z\n\ud83d\udccf Modified: 2025-05-21T14:21:27.445Z\n\ud83d\udd17 References:\n1. https://github.com/1759134370/iot/blob/main/TOTOLINK/A860R/6.md", "creation_timestamp": "2025-05-21T14:53:34.000000Z"}, {"uuid": "4d71e61c-00bd-4eae-855c-7a997ffa08fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "seen", "source": "https://t.me/cibsecurity/52308", "content": "\u203c CVE-2022-40471 \u203c\n\nRemote Code Execution in Clinic's Patient Management System v 1.0 allows Attacker to Upload arbitrary php webshell via profile picture upload functionality in users.php\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-31T19:39:59.000000Z"}, {"uuid": "03082008-8e9a-4e72-bc6e-dc3a138bb0d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "published-proof-of-concept", "source": "Telegram/6TtQSjzFGmX33VjVOjXiHX1LUXuMkgzfZZXGTqPOqAU2NDc", "content": "", "creation_timestamp": "2022-10-15T14:11:17.000000Z"}, {"uuid": "6e001716-f235-47a5-a65a-106ac24986a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40471", "type": "published-proof-of-concept", "source": "Telegram/cTWG_oQ1KFCmD3LgSupGDc3y9LdXW78qR9iPVIbHPAM6N0U", "content": "", "creation_timestamp": "2022-10-19T13:06:48.000000Z"}, {"uuid": "7386b852-a919-4ae4-9770-9f91c966e3f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40470", "type": "seen", "source": "https://t.me/cibsecurity/53248", "content": "\u203c CVE-2022-40470 \u203c\n\nPhpgurukul Blood Donor Management System 1.0 allows Cross Site Scripting via Add Blood Group Name Feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T18:37:21.000000Z"}, {"uuid": "c9401470-535f-4f31-b895-8d4ef4b741f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40475", "type": "seen", "source": "https://t.me/cibsecurity/50724", "content": "\u203c CVE-2022-40475 \u203c\n\nTOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the component /cgi-bin/downloadFile.cgi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-29T16:35:00.000000Z"}, {"uuid": "9f948e3d-1c28-424a-9633-1b44247559ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40472", "type": "seen", "source": "https://t.me/cibsecurity/50744", "content": "\u203c CVE-2022-40472 \u203c\n\nZKTeco Xiamen Information Technology ZKBio Time 8.0.7 Build: 20220721.14829 was discovered to contain a CSV injection vulnerability. This vulnerability allows attackers to execute arbitrary code via a crafted payload injected into the Content text field of the Add New Message module.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-30T00:35:23.000000Z"}]}