{"vulnerability": "CVE-2022-41573", "sightings": [{"uuid": "a3d41724-5dd7-4cf4-aa92-5dac56e06b79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf6jqzkhqa2k", "content": "", "creation_timestamp": "2025-01-07T20:52:57.655061Z"}, {"uuid": "61b612d2-69f0-41c5-846a-ba006e8e06d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113793519806503558", "content": "", "creation_timestamp": "2025-01-08T15:48:36.169354Z"}, {"uuid": "11763ae3-ce04-44ca-a34d-c99fb7da7d83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788740810947173", "content": "", "creation_timestamp": "2025-01-07T19:33:15.318015Z"}, {"uuid": "59f0edaf-9929-4f92-9bbf-3f9f85f86f3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf6hohgqk72e", "content": "", "creation_timestamp": "2025-01-07T20:15:43.777450Z"}, {"uuid": "cfc01d72-4702-4bd4-90e7-5ab8a89b3232", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/532", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-41573\n\ud83d\udd39 Description: An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T19:28:16.474965\n\ud83d\udd17 References:\n1. https://bitbucket.org/cantico/ovidentia/branches/\n2. https://github.com/Orange-Cyberdefense/CVE-repository/\n3. https://github.com/Orange-Cyberdefense/CVE-repository/blob/master/PoCs/poc_CVE-2022-41573.txt", "creation_timestamp": "2025-01-07T19:37:33.000000Z"}, {"uuid": "a020037d-c572-4fe2-84c6-a4799aff19c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41573", "type": "seen", "source": "https://t.me/cvedetector/14605", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2022-41573 - Ovidentia Image Upload RCE Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2022-41573 \nPublished : Jan. 7, 2025, 8:15 p.m. | 42\u00a0minutes ago \nDescription : An issue was discovered in Ovidentia 8.3. The file upload feature does not prevent the uploading of executable files. A user can upload a .png file containing PHP code and then rename it to have the .php extension. It will then be accessible at an images/common/ URI for remote code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T22:15:06.000000Z"}]}