{"vulnerability": "cve-2022-4093", "sightings": [{"uuid": "10394558-031e-4bd9-8013-243862dde8c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40939", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12985", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40939\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In certain Secustation products the administrator account password can be read. This affects V2.5.5.3116-S50-SMA-B20171107A, V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A, V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A, V2.3.4.2103-S50-NTD-B20170508B, V2.5.5.3116-S50-SMB-B20160601A, V2.5.5.2601-S50-TSA-B20151229A, and V2.5.5.3116-S50-SMA-B20170217.\n\ud83d\udccf Published: 2022-12-08T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-22T20:28:12.850Z\n\ud83d\udd17 References:\n1. https://cdsbz.gitbook.io/untitled/secustion-camera-vulnerability-recurrence", "creation_timestamp": "2025-04-22T21:04:25.000000Z"}, {"uuid": "fd5e8480-c0b8-430f-9015-83ecb4d8e62f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40934", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17655", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40934\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Online Pet Shop We App v1.0 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_sub_category,id\n\ud83d\udccf Published: 2022-09-22T16:05:38.000Z\n\ud83d\udccf Modified: 2025-05-27T15:41:58.615Z\n\ud83d\udd17 References:\n1. https://github.com/lime-10010/Bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/SQLi-3.md", "creation_timestamp": "2025-05-27T15:49:12.000000Z"}, {"uuid": "7d32db7a-e465-46ed-a4a4-ef114b9d5318", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40933", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17680", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40933\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Online Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id.\n\ud83d\udccf Published: 2022-09-22T16:03:23.000Z\n\ud83d\udccf Modified: 2025-05-27T15:47:18.158Z\n\ud83d\udd17 References:\n1. https://github.com/lime-10010/Bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/SQLi-1.md", "creation_timestamp": "2025-05-27T16:53:16.000000Z"}, {"uuid": "cfca804b-92df-4588-ad54-af6645bbd329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40932", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17679", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40932\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the \"gallery\" file of the \"Gallery\" module in the background management system.\n\ud83d\udccf Published: 2022-09-22T15:59:43.000Z\n\ud83d\udccf Modified: 2025-05-27T15:49:35.921Z\n\ud83d\udd17 References:\n1. https://github.com/lime-10010/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-1.md", "creation_timestamp": "2025-05-27T16:53:13.000000Z"}, {"uuid": "b61c37f3-8b64-45b9-a332-69194a4311c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40935", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/17658", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40935\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Online Pet Shop We App v1.0 is vulnerable to SQL Injection via /pet_shop/classes/Master.php?f=delete_category,id.\n\ud83d\udccf Published: 2022-09-22T16:07:07.000Z\n\ud83d\udccf Modified: 2025-05-27T15:39:57.626Z\n\ud83d\udd17 References:\n1. https://github.com/lime-10010/Bug_report/blob/main/vendors/oretnom23/online-pet-shop-we-app/SQLi-2.md", "creation_timestamp": "2025-05-27T15:49:15.000000Z"}, {"uuid": "02b1ef3e-7e43-4820-8044-fe20a2c25f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40939", "type": "seen", "source": "https://t.me/cibsecurity/54183", "content": "\u203c CVE-2022-40939 \u203c\n\nIn certain Secustation products the administrator account password can be read. This affects V2.5.5.3116-S50-SMA-B20171107A, V2.3.4.1301-M20-TSA-B20150617A, V2.5.5.3116-S50-RXA-B20180502A, V2.5.5.3116-S50-SMA-B20190723A, V2.5.5.3116-S50-SMB-B20161012A, V2.3.4.2103-S50-NTD-B20170508B, V2.5.5.3116-S50-SMB-B20160601A, V2.5.5.2601-S50-TSA-B20151229A, and V2.5.5.3116-S50-SMA-B20170217.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-08T20:12:43.000000Z"}, {"uuid": "71468b7b-98df-4072-8ee9-3623b4da1be8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4093", "type": "seen", "source": "https://t.me/cibsecurity/53231", "content": "\u203c CVE-2022-4093 \u203c\n\nSQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to reputational damage and regulatory fines. In some cases, an attacker can obtain a persistent backdoor into an organization's systems, leading to a long-term compromise that can go unnoticed for an extended period. This affect 16.0.1 and 16.0.2 only. 16.0.0 or lower, and 16.0.3 or higher are not affected\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-21T08:25:32.000000Z"}, {"uuid": "43a7b256-641b-479f-9e08-26dcace938ee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40935", "type": "seen", "source": "https://t.me/cibsecurity/50285", "content": "\u203c CVE-2022-40935 \u203c\n\nOnline Pet Shop We App v1.0 is vulnerable to SQL Injection via /pet_shop/classes/Master.php?f=delete_category,id.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T20:12:42.000000Z"}, {"uuid": "d5c09675-491f-47e9-94c2-253626f4b88b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40934", "type": "seen", "source": "https://t.me/cibsecurity/50277", "content": "\u203c CVE-2022-40934 \u203c\n\nOnline Pet Shop We App v1.0 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_sub_category,id\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T20:12:29.000000Z"}, {"uuid": "656e99ac-0b5c-4c96-9064-4cc8ba43ab78", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40932", "type": "seen", "source": "https://t.me/cibsecurity/50292", "content": "\u203c CVE-2022-40932 \u203c\n\nIn Zoo Management System v1.0, there is an arbitrary file upload vulnerability in the picture upload point of the \"gallery\" file of the \"Gallery\" module in the background management system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T20:12:51.000000Z"}, {"uuid": "dd32a05c-bde4-40d0-a3fc-f9b85b4d0b3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40933", "type": "seen", "source": "https://t.me/cibsecurity/50291", "content": "\u203c CVE-2022-40933 \u203c\n\nOnline Pet Shop We App v1.0 by oretnom23 is vulnerable to SQL injection via /pet_shop/classes/Master.php?f=delete_order,id.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-09-22T20:12:50.000000Z"}]}