{"vulnerability": "CVE-2022-4395", "sightings": [{"uuid": "caef39e7-4ced-4853-9164-728360bb32be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "seen", "source": "https://t.me/testibiskuat/551", "content": "\u26a1\ufe0fDetail Kerentanan\u26a1\ufe0f\n\n\u27a1\ufe0fNama Plugin: Membership For WooCommerce\n\n\u27a1\ufe0fVersi Rentan: Semua versi sebelum 2.1.7\n\n\u27a1\ufe0fCVE ID: CVE-2022-4395\n\n\u27a1\ufe0fSkor CVSS v3.1: 9.8 (Kritis)\n\n\u27a1\ufe0fJenis Kerentanan: Unggah File Arbitrer/Shell Backdoor\n\n\u27a1\ufe0fDampak: Eksekusi kode jarak jauh (RCE)", "creation_timestamp": "2025-07-10T19:34:36.000000Z"}, {"uuid": "2f5ca648-5be6-46ca-b575-b18283a56417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "Telegram/RDVp2vOk6EiTX4SOJlKW-Uun4ltPNUHnHI-9KHiknRLfnJ55dQ", "content": "", "creation_timestamp": "2024-09-21T06:29:38.000000Z"}, {"uuid": "581e0c8e-6164-4cfd-88a0-08e08dd19eda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "Telegram/-hVcj7RVS3QqYv1t3HP5vibVGlkq1PqMw8vAQDK6cSqIsGHo1g", "content": "", "creation_timestamp": "2024-09-20T10:03:40.000000Z"}, {"uuid": "5f05f6d9-3e18-4c56-80b9-d4e90757ce24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "https://t.me/SyrianElectronicArmyTEAM/3370", "content": "\ud83d\udce3 JYU TOOLS - UPDATE VIP 1.4\nWe are updating our VIP Tools, If you interested to Purchases Contact @eouxx1.\n\n\ud83d\udda5 Update: Exploit Shells, Uploaders, Wso, Filemanager more Reliable and Focused to our Private Path\n\ud83d\udda5 Update: System Scanner for Exploit Shells, Uploaders, Wso, Filemanager\n\ud83d\udda5 Update: Update private path from 721 Lines of Path to 80.000+\n\ud83d\udda5 Update: Zone-x Sec Grabber with Options\n\ud83d\udda5 Note: Improved and Monitoring our Tools.\n\ud83d\udda5 Added: Grab Domain Keyword\n\ud83d\udda5 Added: Grab Domain By Extension\n\ud83d\udda5 Added: Shell Cracker, Will Bruteforcing Shell with Password.\n\ud83d\udda5 Added: Subdomain Grabber \n\ud83d\udda5 Added: Defacer-net Grabber\n\ud83d\udda5 Added: Defacer-mirror Grabber\n\ud83d\udda5 Added: New Menu (Filtering Menu &amp; Cve Menu)\n\ud83d\udda5 Added: Filter Combo Logs (Can Get go.id ac.id sch.id Site!)\n\ud83d\udda5 Added: Cve-2017-9841 Scanner\n\ud83d\udda5 Added: Cve-2022-4395 Scanner + Auto Upload Shell\n\ud83d\udda5 Added: Cve-2023-3129 Scanner\n\n\ud83d\udcb8 Price: 95$/1.5jt idr\n\n\ud83d\udcdc Note: Open Source Tools Script Lifetime &amp; Free Update\n\n\u2709\ufe0f Contact Person\n\u2708\ufe0f Purchasing\n\u2708\ufe0f Channels", "creation_timestamp": "2024-09-19T15:32:10.000000Z"}, {"uuid": "877fa6a2-8a74-4938-b3c6-242e6a120cfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "seen", "source": "https://t.me/arpsyndicate/615", "content": "#ExploitObserverAlert\n\nCVE-2022-4395\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2022-4395. The Membership For WooCommerce WordPress plugin before 2.1.7 does not validate uploaded files, which could allow unauthenticated users to upload arbitrary files, such as malicious PHP code, and achieve RCE.\n\nFIRST-EPSS: 0.001560000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-27T23:59:07.000000Z"}, {"uuid": "55d97616-7a7c-4191-b429-261ac989d0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "Telegram/M-RM6JUeRS-yLbXH47dffFKYpTJTdkiqAiI6xYlcLmjs7Mv7LQ", "content": "", "creation_timestamp": "2024-09-19T15:32:04.000000Z"}, {"uuid": "cb77cd9a-a858-4eae-91c2-f5733e922780", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43959", "type": "published-proof-of-concept", "source": "https://t.me/hackprotectsi/71", "content": "https://github.com/secware-ru/CVE-2022-43959", "creation_timestamp": "2022-11-19T15:54:52.000000Z"}, {"uuid": "3e81e4e6-9737-4c11-9054-a38612f5a8f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43959", "type": "seen", "source": "https://t.me/cibsecurity/56756", "content": "\u203c CVE-2022-43959 \u203c\n\nInsufficiently Protected Credentials in the AD/LDAP server settings in 1C-Bitrix Bitrix24 through 22.200.200 allow remote administrators to discover an AD/LDAP administrative password by reading the source code of /bitrix/admin/ldap_server_edit.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-01-20T18:27:34.000000Z"}, {"uuid": "df6bd6ca-b2a4-4c27-a031-1bc0e2e53c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43955", "type": "seen", "source": "https://t.me/cibsecurity/61893", "content": "\u203c CVE-2022-43955 \u203c\n\nAn improper neutralization of input during web page generation [CWE-79] in the FortiWeb web interface 7.0.0 through 7.0.3, 6.3.0 through 6.3.21, 6.4 all versions, 6.2 all versions, 6.1 all versions and 6.0 all versions may allow an unauthenticated and remote attacker to perform a reflected cross site scripting attack (XSS) via injecting malicious payload in log entries used to build report.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:34.000000Z"}, {"uuid": "8eea3dfb-f04a-46a7-b71a-0fc0b1d1851b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43951", "type": "seen", "source": "https://t.me/cibsecurity/61892", "content": "\u203c CVE-2022-43951 \u203c\n\nAn exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiNAC 9.4.1 and below, 9.2.6 and below, 9.1.8 and below, 8.8.11 and below, 8.7.6 and below may allow an unauthenticated attacker to access sensitive information via crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:33.000000Z"}, {"uuid": "9b738b92-27b8-4094-9a1d-0c0df86c1196", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43952", "type": "seen", "source": "https://t.me/cibsecurity/61887", "content": "\u203c CVE-2022-43952 \u203c\n\nAn improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiADC version 7.1.1 and below, version 7.0.3 and below, version 6.2.5 and below may allow an authenticated attacker to perform a cross-site scripting attack via crafted HTTP requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-04-11T20:23:25.000000Z"}, {"uuid": "a61a5554-080d-4af6-ad69-db470d34a3fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43959", "type": "published-proof-of-concept", "source": "https://t.me/intelexch/34114", "content": "https://github.com/secware-ru/CVE-2022-43959", "creation_timestamp": "2022-11-19T15:30:00.000000Z"}, {"uuid": "fa953e98-e033-474a-b2d5-c2a1dda80a16", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "https://t.me/JATENGSEMARANG/1563", "content": "\ud83d\udce3 JYU TOOLS - UPDATE VIP 1.4\nWe are updating our VIP Tools, If you interested to Purchases Contact @eouxx1.\n\n\ud83d\udda5 Update: Exploit Shells, Uploaders, Wso, Filemanager more Reliable and Focused to our Private Path\n\ud83d\udda5 Update: System Scanner for Exploit Shells, Uploaders, Wso, Filemanager\n\ud83d\udda5 Update: Update private path from 721 Lines of Path to 80.000+\n\ud83d\udda5 Update: Zone-x Sec Grabber with Options\n\ud83d\udda5 Note: Improved and Monitoring our Tools.\n\ud83d\udda5 Added: Grab Domain Keyword\n\ud83d\udda5 Added: Grab Domain By Extension\n\ud83d\udda5 Added: Shell Cracker, Will Bruteforcing Shell with Password.\n\ud83d\udda5 Added: Subdomain Grabber \n\ud83d\udda5 Added: Defacer-net Grabber\n\ud83d\udda5 Added: Defacer-mirror Grabber\n\ud83d\udda5 Added: New Menu (Filtering Menu &amp; Cve Menu)\n\ud83d\udda5 Added: Filter Combo Logs (Can Get go.id ac.id sch.id Site!)\n\ud83d\udda5 Added: Cve-2017-9841 Scanner\n\ud83d\udda5 Added: Cve-2022-4395 Scanner + Auto Upload Shell\n\ud83d\udda5 Added: Cve-2023-3129 Scanner\n\n\ud83d\udcb8 Price: 95$/1.5jt idr\n\n\ud83d\udcdc Note: Open Source Tools Script Lifetime &amp; Free Update\n\n\u2709\ufe0f Contact Person\n\u2708\ufe0f Purchasing\n\u2708\ufe0f Channels", "creation_timestamp": "2024-09-20T10:03:43.000000Z"}, {"uuid": "1bd4d090-49f3-4698-b62e-d1921cdc3712", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "published-proof-of-concept", "source": "https://t.me/JATENGSEMARANG/1545", "content": "\ud83d\udce3 JYU TOOLS - UPDATE VIP 1.4\nWe are updating our VIP Tools, If you interested to Purchases Contact @eouxx1.\n\n\ud83d\udda5 Update: Exploit Shells, Uploaders, Wso, Filemanager more Reliable and Focused to our Private Path\n\ud83d\udda5 Update: System Scanner for Exploit Shells, Uploaders, Wso, Filemanager\n\ud83d\udda5 Update: Update private path from 721 Lines of Path to 80.000+\n\ud83d\udda5 Update: Zone-x Sec Grabber with Options\n\ud83d\udda5 Note: Improved and Monitoring our Tools.\n\ud83d\udda5 Added: Grab Domain Keyword\n\ud83d\udda5 Added: Grab Domain By Extension\n\ud83d\udda5 Added: Shell Cracker, Will Bruteforcing Shell with Password.\n\ud83d\udda5 Added: Subdomain Grabber \n\ud83d\udda5 Added: Defacer-net Grabber\n\ud83d\udda5 Added: Defacer-mirror Grabber\n\ud83d\udda5 Added: New Menu (Filtering Menu &amp; Cve Menu)\n\ud83d\udda5 Added: Filter Combo Logs (Can Get go.id ac.id sch.id Site!)\n\ud83d\udda5 Added: Cve-2017-9841 Scanner\n\ud83d\udda5 Added: Cve-2022-4395 Scanner + Auto Upload Shell\n\ud83d\udda5 Added: Cve-2023-3129 Scanner\n\n\ud83d\udcb8 Price: 95$/1.5jt idr\n\n\ud83d\udcdc Note: Open Source Tools Script Lifetime &amp; Free Update\n\n\u2709\ufe0f Contact Person\n\u2708\ufe0f Purchasing\n\u2708\ufe0f Channels", "creation_timestamp": "2024-09-19T15:32:09.000000Z"}, {"uuid": "98a4fef1-a0df-4057-9574-eb4a66e23eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43950", "type": "seen", "source": "https://t.me/cibsecurity/63267", "content": "\u203c CVE-2022-43950 \u203c\n\nA URL redirection to untrusted site ('Open Redirect') vulnerability [CWE-601] in FortiNAC-F version 7.2.0, FortiNAC version 9.4.1 and below, 9.2 all versions, 9.1 all versions,  8.8 all versions, 8.7 all versions may allow an unauthenticated attacker to redirect users to any arbitrary website via a crafted URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-05-04T02:36:32.000000Z"}, {"uuid": "e59f17f4-27bf-4836-b23f-ff35b93324f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43958", "type": "seen", "source": "https://t.me/cibsecurity/52623", "content": "\u203c CVE-2022-43958 \u203c\n\nA vulnerability has been identified in QMS Automotive (All versions). User credentials are stored in plaintext in the database. This could allow an attacker to gain access to credentials and impersonate other users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-08T14:35:12.000000Z"}, {"uuid": "996e4975-38d6-4767-aba1-666152ed86f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4395", "type": "exploited", "source": "https://t.me/FanatixRipperNews/726", "content": "\ud83d\udce3 JYU TOOLS - UPDATE VIP 1.4\nWe are updating our VIP Tools, If you interested to Purchases Contact @eouxx1.\n\n\ud83d\udda5 Update: Exploit Shells, Uploaders, Wso, Filemanager more Reliable and Focused to our Private Path\n\ud83d\udda5 Update: System Scanner for Exploit Shells, Uploaders, Wso, Filemanager\n\ud83d\udda5 Update: Update private path from 721 Lines of Path to 80.000+\n\ud83d\udda5 Update: Zone-x Sec Grabber with Options\n\ud83d\udda5 Note: Improved and Monitoring our Tools.\n\ud83d\udda5 Added: Grab Domain Keyword\n\ud83d\udda5 Added: Grab Domain By Extension\n\ud83d\udda5 Added: Shell Cracker, Will Bruteforcing Shell with Password.\n\ud83d\udda5 Added: Subdomain Grabber \n\ud83d\udda5 Added: Defacer-net Grabber\n\ud83d\udda5 Added: Defacer-mirror Grabber\n\ud83d\udda5 Added: New Menu (Filtering Menu &amp; Cve Menu)\n\ud83d\udda5 Added: Filter Combo Logs (Can Get go.id ac.id sch.id Site!)\n\ud83d\udda5 Added: Cve-2017-9841 Scanner\n\ud83d\udda5 Added: Cve-2022-4395 Scanner + Auto Upload Shell\n\ud83d\udda5 Added: Cve-2023-3129 Scanner\n\n\ud83d\udcb8 Price: 95$/1.5jt idr\n\n\ud83d\udcdc Note: Open Source Tools Script Lifetime &amp; Free Update\n\n\u2709\ufe0f Contact Person\n\u2708\ufe0f Purchasing\n\u2708\ufe0f Channels", "creation_timestamp": "2024-09-21T06:29:38.000000Z"}]}