<?xml version='1.0' encoding='UTF-8'?>
<?xml-stylesheet href="/static/style.xsl" type="text/xsl"?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <updated>2026-05-09T00:58:20.283385+00:00</updated>
  <author>
    <name>Vulnerability-Lookup</name>
    <email>info@circl.lu</email>
  </author>
  <link href="https://vulnerability.circl.lu" rel="alternate"/>
  <generator uri="https://lkiesow.github.io/python-feedgen" version="1.0.0">python-feedgen</generator>
  <subtitle>Contains only the 10 most recent sightings.</subtitle>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/ec3a65fe-a23c-4fdb-8552-7b8739558fa3/export</id>
    <title>ec3a65fe-a23c-4fdb-8552-7b8739558fa3</title>
    <updated>2026-05-09T00:58:20.674469+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "ec3a65fe-a23c-4fdb-8552-7b8739558fa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41176", "type": "seen", "source": "https://t.me/cibsecurity/31162", "content": "\u203c CVE-2021-41176 \u203c\n\nPterodactyl is an open-source game server management panel built with PHP 7, React, and Go. In affected versions of Pterodactyl a malicious user can trigger a user logout if a signed in user visits a malicious website that makes a request to the Panel's sign-out endpoint. This requires a targeted attack against a specific Panel instance, and serves only to sign a user out. **No user details are leaked, nor is any user data affected, this is simply an annoyance at worst.** This is fixed in version 1.6.3.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-25T20:14:29.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/ec3a65fe-a23c-4fdb-8552-7b8739558fa3/export"/>
    <published>2021-10-25T20:14:29+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/cf189f68-a35e-4712-8fb3-cb34cc16bbb9/export</id>
    <title>cf189f68-a35e-4712-8fb3-cb34cc16bbb9</title>
    <updated>2026-05-09T00:58:20.674397+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "cf189f68-a35e-4712-8fb3-cb34cc16bbb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41177", "type": "seen", "source": "https://t.me/cibsecurity/31179", "content": "\u203c CVE-2021-41177 \u203c\n\nNextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any component of Nextcloud using rate-limits (such as `AnonRateThrottle` or `UserRateThrottle`) was thus not rate limited on instances not having a memory cache backend configured. In the case of a default installation, this would notably include the rate-limits on the two factor codes. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5, or 22.2.0. As a workaround, enable a memory cache backend in `config.php`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T02:14:06.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/cf189f68-a35e-4712-8fb3-cb34cc16bbb9/export"/>
    <published>2021-10-26T02:14:06+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b9dfc718-c269-454f-8f7f-101bf9319768/export</id>
    <title>b9dfc718-c269-454f-8f7f-101bf9319768</title>
    <updated>2026-05-09T00:58:20.674323+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b9dfc718-c269-454f-8f7f-101bf9319768", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41179", "type": "seen", "source": "https://t.me/cibsecurity/31180", "content": "\u203c CVE-2021-41179 \u203c\n\nNextcloud is an open-source, self-hosted productivity platform. Prior to Nextcloud Server versions 20.0.13, 21.0.5, and 22.2.0, the Two-Factor Authentication wasn't enforced for pages marked as public. Any page marked as `@PublicPage` could thus be accessed with a valid user session that isn't authenticated. This particularly affects the Nextcloud Talk application, as this could be leveraged to gain access to any private chat channel without going through the Two-Factor flow. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T02:14:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b9dfc718-c269-454f-8f7f-101bf9319768/export"/>
    <published>2021-10-26T02:14:07+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/9dcfa0ca-4ec0-4301-8b93-8980d289b445/export</id>
    <title>9dcfa0ca-4ec0-4301-8b93-8980d289b445</title>
    <updated>2026-05-09T00:58:20.674246+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "9dcfa0ca-4ec0-4301-8b93-8980d289b445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41178", "type": "seen", "source": "https://t.me/cibsecurity/31187", "content": "\u203c CVE-2021-41178 \u203c\n\nNextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, a file traversal vulnerability makes an attacker able to download arbitrary SVG images from the host system, including user provided files. This could also be leveraged into a XSS/phishing attack, an attacker could upload a malicious SVG file that mimics the Nextcloud login form and send a specially crafted link to victims. The XSS risk here is mitigated due to the fact that Nextcloud employs a strict Content-Security-Policy disallowing execution of arbitrary JavaScript. It is recommended that the Nextcloud Server be upgraded to 20.0.13, 21.0.5 or 22.2.0. There are no known workarounds aside from upgrading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T02:14:16.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/9dcfa0ca-4ec0-4301-8b93-8980d289b445/export"/>
    <published>2021-10-26T02:14:16+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/df2de185-98f0-446d-879c-c52587f9a6e7/export</id>
    <title>df2de185-98f0-446d-879c-c52587f9a6e7</title>
    <updated>2026-05-09T00:58:20.674167+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "df2de185-98f0-446d-879c-c52587f9a6e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41173", "type": "seen", "source": "https://t.me/cibsecurity/31220", "content": "\u203c CVE-2021-41173 \u203c\n\nGo Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.9, a vulnerable node is susceptible to crash when processing a maliciously crafted message from a peer. Version v1.10.9 contains patches to the vulnerability. There are no known workarounds aside from upgrading.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:14:58.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/df2de185-98f0-446d-879c-c52587f9a6e7/export"/>
    <published>2021-10-26T18:14:58+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b583ee45-9a0b-4a51-92fb-094c2ed9057f/export</id>
    <title>b583ee45-9a0b-4a51-92fb-094c2ed9057f</title>
    <updated>2026-05-09T00:58:20.674083+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "b583ee45-9a0b-4a51-92fb-094c2ed9057f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41175", "type": "seen", "source": "https://t.me/cibsecurity/31225", "content": "\u203c CVE-2021-41175 \u203c\n\nPi-hole's Web interface (based on AdminLTE) provides a central location to manage one's Pi-hole and review the statistics generated by FTLDNS. Prior to version 5.8, cross-site scripting is possible when adding a client via the groups-clients management page. This issue was patched in version 5.8.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:07.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/b583ee45-9a0b-4a51-92fb-094c2ed9057f/export"/>
    <published>2021-10-26T18:15:07+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/92ebeb6d-4418-435c-bdd5-f5db15532335/export</id>
    <title>92ebeb6d-4418-435c-bdd5-f5db15532335</title>
    <updated>2026-05-09T00:58:20.673998+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "92ebeb6d-4418-435c-bdd5-f5db15532335", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41172", "type": "seen", "source": "https://t.me/cibsecurity/31229", "content": "\u203c CVE-2021-41172 \u203c\n\nAS_Redis is an AntSword plugin for Redis. The Redis Manage plugin for AntSword prior to version 0.5 is vulnerable to Self-XSS due to insufficient input validation and sanitization via redis server configuration. Self-XSS in the plugin configuration leads to code execution. This issue is patched in version 0.5.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:16.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/92ebeb6d-4418-435c-bdd5-f5db15532335/export"/>
    <published>2021-10-26T18:15:16+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a53ca1a6-3b66-4362-8d7e-14dac8cb7c38/export</id>
    <title>a53ca1a6-3b66-4362-8d7e-14dac8cb7c38</title>
    <updated>2026-05-09T00:58:20.673899+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "a53ca1a6-3b66-4362-8d7e-14dac8cb7c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41174", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/31767", "content": "\u203c CVE-2021-41174 \u203c\n\nGrafana is an open-source platform for monitoring and observability. In affected versions if an attacker is able to convince a victim to visit a URL referencing a vulnerable page, arbitrary JavaScript content may be executed within the context of the victim's browser. The user visiting the malicious link must be unauthenticated and the link must be for a page that contains the login button in the menu bar. The URL has to be crafted to exploit AngularJS rendering and contain the interpolation binding for AngularJS expressions. AngularJS uses double curly braces for interpolation binding: {{ }} ex: {{constructor.constructor(\u2018alert(1)\u2019)()}}. When the user follows the link and the page renders, the login button will contain the original link with a query parameter to force a redirect to the login page. The URL is not validated and the AngularJS rendering engine will execute the JavaScript expression contained in the URL. Users are advised to upgrade as soon as possible. If for some reason you cannot upgrade, you can use a reverse proxy or similar to block the literal string {{ in the path.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T21:23:30.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/a53ca1a6-3b66-4362-8d7e-14dac8cb7c38/export"/>
    <published>2021-11-03T21:23:30+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/4683da83-fb4a-4256-a549-da07e6803d33/export</id>
    <title>4683da83-fb4a-4256-a549-da07e6803d33</title>
    <updated>2026-05-09T00:58:20.673780+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "4683da83-fb4a-4256-a549-da07e6803d33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41170", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/32016", "content": "\u203c CVE-2021-41170 \u203c\n\n### Impact Versions prior to 1.1.1 have allowed for passing in closures directly into the template engine. As a result values that are callable are executed by the template engine. The issue arises if a value has the same name as a method or function in scope and can therefore be executed either by mistake or maliciously. In theory all users of the package are affected as long as they either deal with direct user input or database values. A multi-step attack is therefore plausible. ### Patches Version 1.1.1 has addressed this vulnerability. ```php $params = [ 'reverse' =&gt; fn($input) =&gt; strrev($input), // &lt;-- no longer possible with version ~1.1.1 'value' =&gt; 'My website' ] TemplateFunctions::registerClosure('reverse', fn($input) =&gt; strrev($input)); // &lt;-- still possible (and nicely isolated) Template::embrace('{{reverse(value)}}', $params); ``` ### Workarounds Unfortunately only working with hardcoded values is safe in prior versions. As this likely defeats the purpose of a template engine, please upgrade. ### References As a possible exploit is relatively easy to achieve, I will not share steps to reproduce the issue for now. ### For more information If you have any questions or comments about this advisory: * Open an issue in [our repo](https://github.com/sroehrl/neoan3-template)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-08T22:31:12.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/4683da83-fb4a-4256-a549-da07e6803d33/export"/>
    <published>2021-11-08T22:31:12+00:00</published>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/196402bb-9585-49be-a5d3-4a4b412e904a/export</id>
    <title>196402bb-9585-49be-a5d3-4a4b412e904a</title>
    <updated>2026-05-09T00:58:20.672346+00:00</updated>
    <author>
      <name>Automation user</name>
      <uri>http://vulnerability.circl.lu/user/automation</uri>
    </author>
    <content>{"uuid": "196402bb-9585-49be-a5d3-4a4b412e904a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41174", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41174.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}</content>
    <link href="https://vulnerability.circl.lu/sighting/196402bb-9585-49be-a5d3-4a4b412e904a/export"/>
    <published>2023-04-27T09:58:59+00:00</published>
  </entry>
</feed>
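Added example, not part of this feed and not code from CIRCL or the Vulnerability-Lookup project: a Python reader for the sighting feed above. It assumes only what the feed itself shows: each Atom entry carries one sighting as a JSON object in its content element, the entry title repeats the sighting uuid, and the sighting type is one of "seen", "published-proof-of-concept" or "confirmed". The ranking of those three types used for triage (a tool-confirmed sighting outranks a published proof of concept, which outranks a bare mention) is an assumption made here, not something the feed states. The sample feed embedded in the code is a constructed, trimmed copy of three of the entries above, so the script runs offline.

```python
"""Parse a Vulnerability-Lookup "sightings" Atom feed and triage it by CVE.

Added example; not code from the feed, from CIRCL or from the
Vulnerability-Lookup project. Assumptions: every <entry> carries one
sighting as JSON in <content>, the entry <title> repeats the sighting
uuid, and the EVIDENCE_RANK ordering of sighting types is ours.
"""
import json
import xml.etree.ElementTree as ET
from collections import defaultdict

ATOM = "{http://www.w3.org/2005/Atom}"
REQUIRED = ("uuid", "vulnerability", "type", "source", "creation_timestamp")
# Assumed ordering for triage: confirmed > published PoC > seen.
# Types the feed has not shown us get rank 0.
EVIDENCE_RANK = {"seen": 1, "published-proof-of-concept": 2, "confirmed": 3}

# Constructed sample: three entries copied in trimmed form from the feed.
SAMPLE_FEED = """<?xml version='1.0' encoding='UTF-8'?>
<feed xmlns="http://www.w3.org/2005/Atom" xml:lang="en">
  <id>https://vulnerability.circl.lu/sightings/feed</id>
  <title>Most recent sightings.</title>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/a53ca1a6-3b66-4362-8d7e-14dac8cb7c38/export</id>
    <title>a53ca1a6-3b66-4362-8d7e-14dac8cb7c38</title>
    <content>{"uuid": "a53ca1a6-3b66-4362-8d7e-14dac8cb7c38", "vulnerability": "CVE-2021-41174", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/31767", "content": "Grafana AngularJS interpolation (trimmed)", "creation_timestamp": "2021-11-03T21:23:30.000000Z"}</content>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/196402bb-9585-49be-a5d3-4a4b412e904a/export</id>
    <title>196402bb-9585-49be-a5d3-4a4b412e904a</title>
    <content>{"uuid": "196402bb-9585-49be-a5d3-4a4b412e904a", "vulnerability": "CVE-2021-41174", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41174.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}</content>
  </entry>
  <entry>
    <id>https://vulnerability.circl.lu/sighting/b583ee45-9a0b-4a51-92fb-094c2ed9057f/export</id>
    <title>b583ee45-9a0b-4a51-92fb-094c2ed9057f</title>
    <content>{"uuid": "b583ee45-9a0b-4a51-92fb-094c2ed9057f", "vulnerability": "CVE-2021-41175", "type": "seen", "source": "https://t.me/cibsecurity/31225", "content": "Pi-hole web interface XSS (trimmed)", "creation_timestamp": "2021-10-26T18:15:07.000000Z"}</content>
  </entry>
</feed>
"""


def parse_sightings(feed_xml: bytes) -> list[dict]:
    """Return the JSON sighting objects carried by an Atom feed, validated."""
    root = ET.fromstring(feed_xml)
    sightings = []
    for entry in root.iter(ATOM + "entry"):
        raw = entry.findtext(ATOM + "content")
        if raw is None:
            raise ValueError("entry without <content>")
        sighting = json.loads(raw)
        missing = [k for k in REQUIRED if k not in sighting]
        if missing:
            raise ValueError(f"sighting missing fields: {missing}")
        # The feed repeats the sighting uuid as the entry title; a mismatch
        # means the envelope and its payload do not belong together.
        if entry.findtext(ATOM + "title") != sighting["uuid"]:
            raise ValueError(f"title/uuid mismatch for {sighting['uuid']}")
        sightings.append(sighting)
    return sightings


def by_cve(sightings: list[dict]) -> dict[str, dict[str, list[str]]]:
    """Group sighting sources by CVE id, then by sighting type."""
    grouped: dict[str, dict[str, list[str]]] = defaultdict(lambda: defaultdict(list))
    for s in sightings:
        grouped[s["vulnerability"]][s["type"]].append(s["source"])
    return {cve: dict(types) for cve, types in grouped.items()}


def strongest_evidence(sightings: list[dict]) -> dict[str, str]:
    """For each CVE, the highest-ranked sighting type present (assumed ranking)."""
    best: dict[str, str] = {}
    for s in sightings:
        cve, kind = s["vulnerability"], s["type"]
        rank = EVIDENCE_RANK.get(kind, 0)
        if cve not in best or rank > EVIDENCE_RANK.get(best[cve], 0):
            best[cve] = kind
    return best


if __name__ == "__main__":
    found = parse_sightings(SAMPLE_FEED.encode("utf-8"))
    grouped = by_cve(found)
    for cve, kind in sorted(strongest_evidence(found).items()):
        total = sum(len(v) for v in grouped[cve].values())
        print(f"{cve}: strongest evidence {kind!r} from {total} sighting(s)")
```

On the three sample entries the script reports CVE-2021-41174 at "confirmed" (the nuclei template sighting outranks the earlier Telegram post) and CVE-2021-41175 at "seen". The uuid cross-check is the one validation step worth keeping when you feed this into anything automated: the feed's entry title and JSON uuid are independent copies of the same identifier, so a disagreement is the cheapest signal that an entry was truncated or mangled in transit.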
