{"vulnerability": "CVE-2022-4332", "sightings": [{"uuid": "99a9021b-be85-4838-8dd9-33e9cb7f0291", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43329", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14602", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43329\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T21:09:17.100Z\n\ud83d\udd17 References:\n1. https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-1.md", "creation_timestamp": "2025-05-02T21:16:23.000000Z"}, {"uuid": "4b3ebfad-0886-4f5f-9fa0-fafc784f90ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43326", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13475", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43326\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.\n\ud83d\udccf Published: 2022-11-29T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-25T16:38:15.054Z\n\ud83d\udd17 References:\n1. https://cyber-guy.gitbook.io/cyber-guys-blog/pocs/cve-2022-43326", "creation_timestamp": "2025-04-25T17:07:58.000000Z"}, {"uuid": "954cfc69-6051-4ab9-ae81-94ef518f2eed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43328", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14601", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-43328\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php.\n\ud83d\udccf Published: 2022-11-01T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-02T21:10:37.982Z\n\ud83d\udd17 References:\n1. https://github.com/YReyi/bug_report/blob/main/vendors/mayuri_k/canteen-management-system/SQLi-2.md", "creation_timestamp": "2025-05-02T21:16:22.000000Z"}, {"uuid": "6d73611f-3ed6-48f1-b6d5-1d6dfbe18c7f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43326", "type": "seen", "source": "https://t.me/cibsecurity/53636", "content": "\u203c CVE-2022-43326 \u203c\n\nAn Insecure Direct Object Reference (IDOR) vulnerability in the password reset function of Telos Alliance Omnia MPX Node 1.0.0-1.4.[*] allows attackers to arbitrarily change user and Administrator account passwords.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:54.000000Z"}, {"uuid": "60dcf108-93a2-47ce-ab61-5bcc97500f45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4332", "type": "seen", "source": "https://t.me/cibsecurity/64841", "content": "\u203c CVE-2022-4332 \u203c\n\nIn Sprecher Automation SPRECON-E-C/P/T3 CPU in variant PU244x a\u00c2\u00a0vulnerable firmware verification has been identified. Through physical access and hardware manipulation, an attacker might be able to bypass hardware-based code verification and thus inject and execute arbitrary code and gain full access of the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-06-01T12:25:07.000000Z"}, {"uuid": "5b9beca2-ce56-4b70-aef0-825b0f4b7a31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43329", "type": "seen", "source": "https://t.me/cibsecurity/52406", "content": "\u203c CVE-2022-43329 \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /print.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T21:18:59.000000Z"}, {"uuid": "5a8c2b16-25da-4806-b66e-e4f7ad8fc3c0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43325", "type": "seen", "source": "https://t.me/cibsecurity/53791", "content": "\u203c CVE-2022-43325 \u203c\n\nAn unauthenticated command injection vulnerability in the product license validation function of Telos Alliance Omnia MPX Node 1.3.* - 1.4.* allows attackers to execute arbitrary commands via a crafted payload injected into the license input.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-02T07:50:34.000000Z"}, {"uuid": "3af992c9-29c9-4e5b-916f-806e8c159b6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43321", "type": "seen", "source": "https://t.me/cibsecurity/52710", "content": "\u203c CVE-2022-43321 \u203c\n\nShopwind v3.4.3 was discovered to contain a reflected cross-site scripting (XSS) vulnerability in the component /common/library/Page.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T16:36:03.000000Z"}, {"uuid": "4fa7844b-731f-4c8f-a01c-0890f14c43b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43328", "type": "seen", "source": "https://t.me/cibsecurity/52412", "content": "\u203c CVE-2022-43328 \u203c\n\nCanteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /editorder.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-01T21:19:11.000000Z"}, {"uuid": "e7415e15-2fbe-497f-bdaa-644ba21f302c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-43320", "type": "seen", "source": "https://t.me/cibsecurity/52711", "content": "\u203c CVE-2022-43320 \u203c\n\nFeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /web/admin/index.php?r=log%2Fview-layer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-09T16:36:04.000000Z"}]}