{"vulnerability": "cve-2019-1022", "sightings": [{"uuid": "4472d78e-a302-4df9-9f0f-e16a128d0170", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10226", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/315", "content": "CVE-2019-10226 Fat Free CRM 0.19.0 HTML\u6ce8\u5165\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2019-10226_Fat_Free_CRM_0.19.0_HTML%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-05-02T06:46:22.000000Z"}, {"uuid": "dcadba1c-45f9-4643-8586-41931b8a40a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10220", "type": "seen", "source": "https://t.me/ctinow/195706", "content": "https://ift.tt/7ion3rD\nCVE-2019-10220 | Linux Kernel 4.9.0 CIFS Path path traversal (USN-4226-1)", "creation_timestamp": "2024-02-28T18:16:43.000000Z"}, {"uuid": "3f0e6261-b255-4b4e-b396-8c6700b061e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10224", "type": "seen", "source": "https://t.me/ctinow/194120", "content": "https://ift.tt/3ScCJYB\nCVE-2019-10224 | 389-ds-base up to 1.4.1.2 Verbose Mode insufficiently protected credentials (DLA 3399-1)", "creation_timestamp": "2024-02-27T08:46:45.000000Z"}, {"uuid": "5aca7765-2669-45ed-af30-d59bca98a39f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10222", "type": "seen", "source": "https://t.me/ctinow/182705", "content": "https://ift.tt/DaH1VZA\nCVE-2019-10222 | Ceph RGW Client Beast Front End HTTP Header resource consumption (DLA 3629-1)", "creation_timestamp": "2024-02-11T07:56:43.000000Z"}, {"uuid": "b6244838-a802-41af-b5b2-12e008521487", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10225", "type": "seen", "source": "https://t.me/cibsecurity/25207", "content": "\u203c CVE-2019-10225 \u203c\n\nA flaw was found in atomic-openshift of openshift-4.2 where the basic-user RABC role in OpenShift Container Platform doesn't sufficiently protect the GlusterFS StorageClass against leaking of the restuserkey. An attacker with basic-user permissions is able to obtain the value of restuserkey, and use it to authenticate to the GlusterFS REST service, gaining access to read, and modify files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-19T23:33:45.000000Z"}, {"uuid": "9abbf289-5370-4a7f-8464-2399220b096d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10223", "type": "seen", "source": "https://t.me/ctinow/178721", "content": "https://ift.tt/Wq2g6ao\nCVE-2019-10223 | kube-state-metrics 1.7.0/1.7.1 Annotation information disclosure", "creation_timestamp": "2024-02-04T08:37:00.000000Z"}, {"uuid": "ca8becb7-f280-48a7-ae8f-f7c62a41e983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10226", "type": "seen", "source": "https://t.me/VulnerabilityNews/5758", "content": "#0daytoday #Fat Free CRM 0.19.0 - HTML Injection Vulnerability CVE-2019-10226 [webapps #exploits #Vulnerability #0day #Exploit]\nRead More", "creation_timestamp": "2019-03-28T19:06:24.000000Z"}, {"uuid": "4223004d-943d-4775-ac7e-61e4646785b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-10221", "type": "seen", "source": "https://t.me/cibsecurity/10654", "content": "ATENTION\u203c New - CVE-2019-10221\n\nA Reflected Cross Site Scripting vulnerability was found in all pki-core 10.x.x versions, where the pki-ca module from the pki-core server. This flaw is caused by missing sanitization of the GET URL parameters. An attacker could abuse this flaw to trick an authenticated user into clicking a specially crafted link which can execute arbitrary code when viewed in a browser.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-03-20T17:32:17.000000Z"}]}