{"vulnerability": "CVE-2022-4311", "sightings": [{"uuid": "f60a2049-e48c-4379-81b4-35296cf5fa6e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43110", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-182-05", "content": "", "creation_timestamp": "2025-07-01T10:00:00.000000Z"}, {"uuid": "6043b073-732a-47f8-9332-346576fd04ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43110", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lwzpwb5nzo2d", "content": "", "creation_timestamp": "2025-08-23T00:33:26.075264Z"}, {"uuid": "8fe0c46a-282e-4ad2-97ca-e0d0ca36e296", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43117", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13913", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43117\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T19:55:36.763Z\n\ud83d\udd17 References:\n1. https://drive.google.com/file/d/1ZmAuKMVzUpL8pt5KXQJk8IyPECoVP9xw/view?usp=sharing\n2. https://github.com/RashidKhanPathan/CVE-2022-43117", "creation_timestamp": "2025-04-29T20:12:36.000000Z"}, {"uuid": "2fcc9ec9-8059-4e68-85b3-5aecdf5b9ff9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43110", "type": "published-proof-of-concept", "source": "Telegram/znB4-XOdj2zO7XoRIW291Bfd7B-PZY583Bp9gcjE51XJa2A", "content": "", "creation_timestamp": "2025-07-03T09:00:05.000000Z"}, {"uuid": "de39380e-2a7f-49e4-b363-96af576677dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43110", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lx6f2nsxzh2c", "content": "", "creation_timestamp": "2025-08-24T21:02:22.176669Z"}, {"uuid": "7b2f0333-452e-4c8c-a59d-d9b351c16bfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43119", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14101", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43119\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in Clansphere CMS v2011.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username parameter.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-30T18:10:22.747Z\n\ud83d\udd17 References:\n1. https://github.com/sinemsahn/POC/blob/main/Create%20Clansphere%202011.4%20%22username%22%20xss.md", "creation_timestamp": "2025-04-30T18:14:05.000000Z"}, {"uuid": "cb14c1d4-c93f-4ce0-a64c-cad03ee04461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43118", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14331", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43118\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A cross-site scripting (XSS) vulnerability in flatCore-CMS v2.1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Username text field.\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T15:34:06.314Z\n\ud83d\udd17 References:\n1. https://github.com/flatCore/flatCore-CMS/issues/86", "creation_timestamp": "2025-05-01T16:14:44.000000Z"}, {"uuid": "dee761f7-7d20-4e23-9921-dfaabcd46a5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4311", "type": "seen", "source": "https://t.me/cibsecurity/54342", "content": "\u203c CVE-2022-4311 \u203c\n\nAn insertion of sensitive information into log file vulnerability exists in PcVue versions 15 through 15.2.2. This could allow a user with access to the log files to discover connection strings of data sources configured for the DbConnect, which could include credentials. Successful exploitation of this vulnerability could allow other users unauthorized access to the underlying data sources.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-12T20:21:06.000000Z"}, {"uuid": "7d8c26ec-f19c-4d6c-adea-6f34ff06e0e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43117", "type": "seen", "source": "https://t.me/cibsecurity/53264", "content": "\u203c CVE-2022-43117 \u203c\n\nSourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T20:37:15.000000Z"}]}