{"vulnerability": "cve-2022-4079", "sightings": [{"uuid": "42c238c2-748d-44af-9103-1f94411558d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/bilaltariq01.bsky.social/post/3lvogm7dl222z", "content": "", "creation_timestamp": "2025-08-05T19:22:16.386508Z"}, {"uuid": "a7522907-53f7-459f-a3bb-cec03ef69064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/pigondrugs.bsky.social/post/3lvoiubpns42l", "content": "", "creation_timestamp": "2025-08-05T20:02:35.244879Z"}, {"uuid": "1d39a56b-4090-4d72-a671-a3488212475e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://feedsin.space/feed/CISAKevBot/items/4529444", "content": "", "creation_timestamp": "2025-08-05T20:50:06.300020Z"}, {"uuid": "2f792ff7-fd0e-4dfe-8dfd-cb0f2e5ad137", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/ytroncal.bsky.social/post/3lvpvn73rw22t", "content": "", "creation_timestamp": "2025-08-06T09:23:59.328177Z"}, {"uuid": "507e5a48-48d8-4316-bcce-30e3fcd54d04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-28T08:23:31.000000Z"}, {"uuid": "facacd2c-a792-4b40-92fa-581cd6420da1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lvr4oak6sq2z", "content": "", "creation_timestamp": "2025-08-06T21:02:29.122231Z"}, {"uuid": "5f87c704-87eb-43f8-a169-881651a1787a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvu3k3ye5s2h", "content": "", "creation_timestamp": "2025-08-08T01:20:13.995083Z"}, {"uuid": "e173153a-4945-4680-b101-c2853af3c70a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lvu4qtbv6c2h", "content": "", "creation_timestamp": "2025-08-08T01:41:53.113661Z"}, {"uuid": "38ac3141-d9dd-47c5-9300-a7cd01b2d0c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123", "content": "", "creation_timestamp": "2025-09-29T03:12:13.000000Z"}, {"uuid": "7f699330-2ef2-4783-903f-8bd89d2f3499", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "af0120d0-3dac-4a6a-974b-a9f33d2a9846", "vulnerability": "CVE-2022-40799", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/33d46549-9ac8-49cd-b791-884ab3ac9e20", "content": "", "creation_timestamp": "2026-02-02T12:25:55.554702Z"}, {"uuid": "8bf3a91f-6607-4b6b-ae43-5ecf80ed00cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40797", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/14326", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2022-40797\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Roxy Fileman 1.4.6 allows Remote Code Execution via a .phar upload, because the default FORBIDDEN_UPLOADS value in conf.json only blocks .php, .php4, and .php5 files. (Visiting any .phar file invokes the PHP interpreter in some realistic web-server configurations.)\n\ud83d\udccf Published: 2022-11-09T00:00:00.000Z\n\ud83d\udccf Modified: 2025-05-01T15:51:32.573Z\n\ud83d\udd17 References:\n1. https://salsa.debian.org/php-team/php/-/blob/dc253886b5b2e9bc8d9e36db787abb083a667fd8/debian/php-cgi.conf#L5-6\n2. https://gist.github.com/Hadi999/1f66fe7c5a217ca261ebfec36c630d18\n3. https://web.archive.org/web/20210126213412/https://roxyfileman.com/download.php?f=1.4.6-php\n4. http://packetstormsecurity.com/files/169964/Roxy-Fileman-1.4.6-Remote-Shell-Upload.html", "creation_timestamp": "2025-05-01T16:14:39.000000Z"}, {"uuid": "1677b466-5eeb-4812-8e27-049ca3257f2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "seen", "source": "https://t.me/cibsecurity/53624", "content": "\u203c CVE-2022-40799 \u203c\n\nData Integrity Failure in 'Backup Config' in D-Link DNR-322L &lt;= 2.60B15 allows an authenticated attacker to execute OS level commands on the device.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-29T07:28:37.000000Z"}, {"uuid": "0e7d6702-8c12-45db-b010-889f5e1e22fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-4079", "type": "seen", "source": "https://t.me/cibsecurity/53223", "content": "\u203c CVE-2022-4079 \u203c\n\nA vulnerability was found in Show Visitor IP Plugin. It has been rated as problematic. Affected by this issue is some unknown functionality of the component HTTP Header Handler. The manipulation of the argument X-Forwarded-For leads to improper output neutralization for logs. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-214046 is the identifier assigned to this vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-11-20T16:36:27.000000Z"}, {"uuid": "a0469d44-5ed3-4062-a725-b6b30786585d", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/bce73a88-990a-4c90-885b-348ee10b5da0", "content": "", "creation_timestamp": "2026-06-19T12:45:27.556760Z"}, {"uuid": "9ec561bf-3390-45be-9527-fec40823bb72", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2022-40799", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/cc1bc2bd-5fb0-4553-8c29-59646c7001ad", "content": "", "creation_timestamp": "2026-06-23T14:03:52.777818Z"}]}