{"vulnerability": "CVE-2022-4814", "sightings": [{"uuid": "29791190-7dfc-4eca-a0aa-3fbd839d1880", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4814", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/11270", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-4814\n\ud83d\udd25 CVSS Score: 8.6 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:L)\n\ud83d\udd39 Description: Improper Access Control in GitHub repository usememos/memos prior to 0.9.1.\n\ud83d\udccf Published: 2022-12-28T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-10T16:40:29.814Z\n\ud83d\udd17 References:\n1. https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53\n2. https://huntr.dev/bounties/e65b3458-c2e2-4c0b-9029-e3c9ee015ae4", "creation_timestamp": "2025-04-10T16:49:21.000000Z"}, {"uuid": "7ecfa82b-6952-408a-b04e-171cac9b96d7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48140", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8946", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-48140\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: DedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.\n\ud83d\udccf Published: 2023-02-02T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T19:00:32.739Z\n\ud83d\udd17 References:\n1. https://github.com/ChandlerChin/dedecms/blob/main/xss.docx", "creation_timestamp": "2025-03-26T19:26:23.000000Z"}, {"uuid": "cd2a50a1-ee05-429d-ae5b-708dc4cbc00e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48149", "type": "seen", "source": "https://t.me/cibsecurity/58765", "content": "\u203c CVE-2022-48149 \u203c\n\nOnline Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-23T02:28:58.000000Z"}, {"uuid": "ca10a16c-645b-49be-bb25-227052211f58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48140", "type": "seen", "source": "https://t.me/cibsecurity/57422", "content": "\u203c CVE-2022-48140 \u203c\n\nDedeCMS v5.7.97 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /file_manage_view.php?fmdo=edit&filename.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-03T00:15:14.000000Z"}, {"uuid": "c861e7c1-4477-4a02-9022-9a20e64c5317", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-48149", "type": "seen", "source": "https://t.me/arpsyndicate/49", "content": "#ExploitObserverAlert\n\nCVE-2022-48149\n\nDESCRIPTION: Exploit Observer has 1 entries related to CVE-2022-48149. Online Student Admission System in PHP Free Source Code 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.\n\nFIRST-EPSS: 0.000760000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-11-10T20:36:27.000000Z"}, {"uuid": "4c24f567-e206-4390-ac87-f605c23f24b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4814", "type": "seen", "source": "https://t.me/cibsecurity/55493", "content": "\u203c CVE-2022-4814 \u203c\n\nImproper Access Control in GitHub repository usememos/memos prior to 0.9.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-28T16:12:37.000000Z"}]}