{"vulnerability": "cve-2022-4151", "sightings": [{"uuid": "5a6c243a-db34-48f7-8bb1-38b40f435b7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41513", "type": "seen", "source": "https://t.me/cibsecurity/51001", "content": "\u203c CVE-2022-41513 \u203c\n\nOnline Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /diagnostic/edittest.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T22:17:30.000000Z"}, {"uuid": "c15bd8f7-f328-4837-8105-870116f55f91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41514", "type": "seen", "source": "https://t.me/cibsecurity/51016", "content": "\u203c CVE-2022-41514 \u203c\n\nOpen Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_loan.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T22:17:53.000000Z"}, {"uuid": "9a48de4a-818f-4a72-9ec8-76d6e02dc733", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41515", "type": "seen", "source": "https://t.me/cibsecurity/51012", "content": "\u203c CVE-2022-41515 \u203c\n\nOpen Source SACCO Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /sacco_shield/ajax.php?action=delete_payment.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-07T22:17:47.000000Z"}, {"uuid": "29abfd65-c3c1-4427-9d96-199e6130a9da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4151", "type": "seen", "source": "https://t.me/cibsecurity/55361", "content": "\u203c CVE-2022-4151 \u203c\n\nThe Contest Gallery WordPress plugin before 19.1.5.1, Contest Gallery Pro WordPress plugin before 19.1.5.1 do not escape the option_id GET parameter before concatenating it to an SQL query in export-images-data.php. This may allow malicious users with at least author privilege to leak sensitive information from the site's database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-26T16:41:00.000000Z"}, {"uuid": "0dc3035d-6049-4ca2-afe0-c7bdf1cb6d1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41518", "type": "seen", "source": "https://t.me/cibsecurity/50932", "content": "\u203c CVE-2022-41518 \u203c\n\nTOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a command injection vulnerability via the UploadFirmwareFile function at /cgi-bin/cstecgi.cgi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:23:12.000000Z"}, {"uuid": "d5859107-e69c-48ba-8e34-c5e4fca660cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-41517", "type": "seen", "source": "https://t.me/cibsecurity/50928", "content": "\u203c CVE-2022-41517 \u203c\n\nTOTOLINK NR1800X V9.1.0u.6279_B20210910 was discovered to contain a stack overflow in the lang parameter in the setLanguageCfg function\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-10-06T22:23:06.000000Z"}]}