{"vulnerability": "CVE-2022-2504", "sightings": [{"uuid": "a39bcf48-b3f1-4f53-b652-cb3ecf6e421c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25046", "type": "seen", "source": "https://t.me/cibsecurity/45725", "content": "\u203c CVE-2022-25046 \u203c\n\nA path traversal vulnerability in loader.php of CWP v0.9.8.1122 allows attackers to execute arbitrary code via a crafted POST request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T16:15:13.000000Z"}, {"uuid": "3845e8ad-837c-4f06-ba2b-0cd1d38ead50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25048", "type": "seen", "source": "https://t.me/cibsecurity/45731", "content": "\u203c CVE-2022-25048 \u203c\n\nCommand injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as the root user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T16:15:20.000000Z"}, {"uuid": "c259a674-4239-4a93-8df5-0deda940547f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25045", "type": "seen", "source": "https://t.me/cibsecurity/38336", "content": "\u203c CVE-2022-25045 \u203c\n\nHome Owners Collection Management System v1.0 was discovered to contain hardcoded credentials which allows attackers to escalate privileges and access the admin panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T00:25:34.000000Z"}, {"uuid": "2511def5-275a-40e6-97d1-fa96a64a12b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25047", "type": "seen", "source": "https://t.me/cibsecurity/45726", "content": "\u203c CVE-2022-25047 \u203c\n\nThe password reset token in CWP v0.9.8.1126 is generated using known or predictable values.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-07T16:15:15.000000Z"}, {"uuid": "037691f1-fe0d-4e58-ad6d-14b18339990f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25041", "type": "seen", "source": "https://t.me/cibsecurity/39467", "content": "\u203c CVE-2022-25041 \u203c\n\nOpenEMR v6.0.0 was discovered to contain an incorrect access control issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-24T01:29:06.000000Z"}, {"uuid": "27153fb1-d2d1-4c8f-9468-28e24aac748f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-25044", "type": "seen", "source": "https://t.me/cibsecurity/38491", "content": "\u203c CVE-2022-25044 \u203c\n\nEspruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-05T07:29:00.000000Z"}]}