{"vulnerability": "CVE-2022-4792", "sightings": [{"uuid": "011a4093-f3b0-4a09-be12-def9ab6a003a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47925", "type": "seen", "source": "https://t.me/cibsecurity/60784", "content": "\u203c CVE-2022-47925 \u203c\n\nThe validate JSON endpoint of the Secvisogram csaf-validator-service in versions < 0.1.0 processes tests with unexpected names. This insufficient input validation of requests by an unauthenticated remote user might lead to a DoS of the process answering the current request while having no effect on other requests.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-27T18:20:06.000000Z"}, {"uuid": "9ecc444b-f62f-45ed-8c25-32df4d003698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47929", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "548549e3-1654-49b1-b7a3-1f92f0addf27", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47926", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11823", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-47926\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: AyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php\n\ud83d\udccf Published: 2022-12-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-15T14:46:45.713Z\n\ud83d\udd17 References:\n1. https://github.com/loadream/AyaCMS/issues/7", "creation_timestamp": "2025-04-15T14:55:03.000000Z"}, {"uuid": "bad40b96-e70b-4e87-b948-8dd28defd59a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4792", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfi245sbkj2g", "content": "", "creation_timestamp": "2025-01-11T15:39:31.211129Z"}, {"uuid": "f45bd6d4-0832-414c-935a-0aa3d432deeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47924", "type": "seen", "source": "https://t.me/cibsecurity/60779", "content": "\u203c CVE-2022-47924 \u203c\n\nAn high privileged attacker may pass crafted arguments to the validate function of csaf-validator-lib of a locally installed Secvisogram in versions < 0.1.0 wich can result in arbitrary code execution and DoS once the users triggers the validation.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-27T18:19:58.000000Z"}, {"uuid": "a336144f-ecc1-495c-910f-155fdd27dd93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47928", "type": "seen", "source": "https://t.me/cibsecurity/55223", "content": "\u203c CVE-2022-47928 \u203c\n\nIn MISP before 2.4.167, there is XSS in the template file uploads in app/View/Templates/upload_file.ctp.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-23T02:14:07.000000Z"}, {"uuid": "a1808cbe-42f0-4702-bd23-0c7b4665db28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-47926", "type": "seen", "source": "https://t.me/cibsecurity/55127", "content": "\u203c CVE-2022-47926 \u203c\n\nAyaCMS 3.1.2 is vulnerable to file deletion via /aya/module/admin/fst_del.inc.php\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-22T20:13:49.000000Z"}]}