{"vulnerability": "cve-2022-4209", "sightings": [{"uuid": "7252c3ad-9428-487a-89b8-33cf9a744387", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42096", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13912", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42096\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content.\n\ud83d\udccf Published: 2022-11-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T19:59:24.474Z\n\ud83d\udd17 References:\n1. https://github.com/backdrop/backdrop/releases/tag/1.23.0\n2. https://backdropcms.org\n3. https://github.com/bypazs/CVE-2022-42096\n4. https://grimthereaperteam.medium.com/cve-2022-42096-backdrop-xss-at-posts-437c305036e2", "creation_timestamp": "2025-04-29T20:12:33.000000Z"}, {"uuid": "9863c94a-2f22-49bd-9e7b-66bc9ed9290c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42097", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13832", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42097\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' .\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T14:57:48.634Z\n\ud83d\udd17 References:\n1. https://github.com/backdrop/backdrop/releases/tag/1.23.0\n2. https://backdropcms.org\n3. https://grimthereaperteam.medium.com/cve-2022-42097-backdrop-xss-at-comments-2ea536ec55e1\n4. https://github.com/bypazs/CVE-2022-42097", "creation_timestamp": "2025-04-29T15:11:39.000000Z"}, {"uuid": "f912c353-2417-432a-8589-8d39769ee322", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42095", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13715", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42095\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.\n\ud83d\udccf Published: 2022-11-23T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-28T18:08:47.725Z\n\ud83d\udd17 References:\n1. https://github.com/backdrop/backdrop/releases/tag/1.23.0\n2. https://backdropcms.org\n3. https://grimthereaperteam.medium.com/declined-backdrop-xss-at-pages-26e5d63686bc\n4. https://github.com/bypazs/Declined_backdrop-XSS-at-pAGES\n5. https://github.com/bypazs/CVE-2022-42095", "creation_timestamp": "2025-04-28T18:10:53.000000Z"}, {"uuid": "14e7a9bb-558d-4764-8a85-156eb586ad7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42094", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13830", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-42094\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content.\n\ud83d\udccf Published: 2022-11-22T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-29T15:00:22.912Z\n\ud83d\udd17 References:\n1. https://github.com/backdrop/backdrop/releases/tag/1.23.0\n2. https://backdropcms.org\n3. https://grimthereaperteam.medium.com/cve-2022-42094-backdrop-xss-at-cards-84266b5250f1\n4. https://github.com/bypazs/CVE-2022-42094", "creation_timestamp": "2025-04-29T15:11:34.000000Z"}, {"uuid": "58692228-1cf8-409d-9ce0-a6593a127983", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42092", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34449", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aCVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE)\nURL\uff1ahttps://github.com/ajdumanhug/CVE-2022-42092\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-04-27T17:55:40.000000Z"}, {"uuid": "41e44943-1ec3-4cdc-814e-c077db7299b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42092", "type": "published-proof-of-concept", "source": "Telegram/hkqEFwwh606UEFPfmjcYFdm2vUfHHs20xhtGk7qU0l2VFRM", "content": "", "creation_timestamp": "2025-04-27T23:00:06.000000Z"}, {"uuid": "00cd964a-2813-4229-96bf-6927515af3e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42092", "type": "published-proof-of-concept", "source": "https://t.me/NinjaSec/290", "content": "1. https://github.com/Sachinart/CVE-2025-32432\nCheck for CVE-2025-32432 vulnerability\n#github #exploit\n\n\n2. https://github.com/helidem/CVE-2025-24054-PoC\nProof of Concept for NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n3. https://github.com/ajdumanhug/CVE-2023-46818\nCVE-2023-46818 Python3 Exploit for ISPConfig <= 3.2.11 PHP Code Injection\n#github #exploit\n\n\n4. https://github.com/0x6rss/CVE-2025-24071_PoC\nNTLM hash leak via .library-ms inside ZIP/RAR (CVE-2025-24071)\n#github #poc\n\n\n5. https://github.com/trickest/cve/blob/main/2022/CVE-2022-42092.md\nCVE-2022-42092 \u2013 Backdrop CMS RCE PoC\n#github #exploit\n\n\n6. https://github.com/nomi-sec/PoC-in-GitHub\nAggregated CVE Exploits and PoCs from GitHub\n#github #tool\n\n\n7. https://github.com/SofianeHamlaoui/CVE-2022-0492-Checker\nLinux Container Escape CVE-2022-0492 vulnerability checker\n#github #exploit\n\n\n8. https://github.com/xigney/CVE-2025-24054_PoC\nAlternate NTLM Hash Leak via .library-ms CVE-2025-24054\n#github #poc\n\n\n9. https://github.com/bipbopbup/CVE-2023-46818-python-exploit\nPython PoC for CVE-2023-46818 in ISPConfig\n#github #exploit\n\n\n10. https://github.com/Marcejr117/CVE-2025-24071_PoC\nNTLM Hash Leak using .library-ms via ZIP trick (CVE-2025-24071)\n#github #poc\n\n\n11. https://github.com/Ostorlab/KEV\nKnown Exploited Vulnerabilities Detector\n#github #scanner\n\n\n12. https://github.com/edoardottt/missing-cve-nuclei-templates\nMissing CVE Detection via Nuclei Templates\n#github #scanner\n\n\n13. https://github.com/hyp3rlinx/Advisories\nZero-Day Security Advisories and Exploits by Hyp3rlinx\n#github #exploit\n\n\n14. https://github.com/Kubashok/apple-cve-repos\nApple CVE Database Links Repository\n#github #cve\n\n\n15. https://github.com/esnet/Seccubus_v2\nSeccubus Test Data for Vulnerability Scanners\n#github #tool\n\n\n16. https://github.com/skordemir/Xml2Ontology\nNessus XML Vulnerability Report Samples\n#github #data\n\n\n17. https://github.com/madirish/hector\nHector: Vulnerability Management Tool with Sample Nessus Reports\n#github #tool\n\n\n18. https://github.com/projectdiscovery/nuclei-templates/issues/8804\nNuclei Template request for ISPConfig CVE-2023-46818\n#github #scanner\n\n\n19. https://github.com/projectdiscovery/nuclei-templates/issues/12020\nNuclei Template PoC Request for CraftCMS CVE-2025-32432\n#github #scanner\n\n\n20. https://github.com/tanjiti/sec_profile\nSecurity Profile Aggregator \u2013 CVE, CISA, NVD, etc.\n#github #intel\n\n\n21. https://github.com/cube0x0/CVE-2021-1675\nPrintNightmare Exploit PoC (CVE-2021-1675 / CVE-2021-34527)\n#github #exploit\n\n22. https://github.com/Maldev-Academy/LsassHijackingViaReg\n\nInjecting DLL into LSASS at boot\n#github #tools\n\n\nOpen-source tools and proof-of-concept (PoC) repositories related to recent CVEs, exploits, and security research. These resources are valuable for educational purposes and can aid students in understanding real-world vulnerabilities and exploitation techniques.", "creation_timestamp": "2025-05-05T10:30:13.000000Z"}, {"uuid": "1f581f6b-2182-4c6a-b387-d21aa2a65d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42098", "type": "seen", "source": "https://t.me/cibsecurity/53331", "content": "\u203c CVE-2022-42098 \u203c\n\nKLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via the profile.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T16:13:06.000000Z"}, {"uuid": "2478ff3b-3750-4dad-b757-9bbe72192f2d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42096", "type": "seen", "source": "https://t.me/cibsecurity/53287", "content": "\u203c CVE-2022-42096 \u203c\n\nBackdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via Post content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T00:37:19.000000Z"}, {"uuid": "f60c99d7-6e8b-4f62-967b-0ea3ef65d5fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42099", "type": "seen", "source": "https://t.me/cibsecurity/53620", "content": "\u203c CVE-2022-42099 \u203c\n\nKLiK SocialMediaWebsite Version 1.0.1 has XSS vulnerabilities that allow attackers to store XSS via location Forum Subject input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:31.000000Z"}, {"uuid": "bc047c58-8ac5-414b-8489-a1713aa6ee08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42095", "type": "seen", "source": "https://t.me/cibsecurity/53404", "content": "\u203c CVE-2022-42095 \u203c\n\nBackdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Page content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-23T07:13:57.000000Z"}, {"uuid": "9a7d562a-97bf-496b-b087-0c4f54d5b38c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42097", "type": "seen", "source": "https://t.me/cibsecurity/53325", "content": "\u203c CVE-2022-42097 \u203c\n\nBackdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via 'Comment.' .\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T16:12:57.000000Z"}, {"uuid": "41a51067-5579-480b-b41f-0e8360b58dbe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42094", "type": "seen", "source": "https://t.me/cibsecurity/53337", "content": "\u203c CVE-2022-42094 \u203c\n\nBackdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-22T16:13:12.000000Z"}, {"uuid": "bb1b0997-935f-45f8-9b93-6a398ee7ad60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-42092", "type": "published-proof-of-concept", "source": "https://t.me/liwaamohammad/1929", "content": "https://github.com/ajdumanhug/CVE-2022-42092\n\nCVE-2023-46818 Python3 Exploit for Backdrop CMS <= 1.22.0 Authenticated Remote Command Execution (RCE)\n#github #exploit", "creation_timestamp": "2025-05-02T14:06:34.000000Z"}]}