{"vulnerability": "CVE-2018-1178", "sightings": [{"uuid": "04984f26-1b6f-445d-aad2-8474d3ce18b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11784", "type": "seen", "source": "https://gist.github.com/christiankopac/0797838ab2b306060a09390db0528458", "content": "", "creation_timestamp": "2026-01-20T10:25:51.000000Z"}, {"uuid": "fa1b7e3e-c0af-4e8e-9ac6-6878e3557c24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11784", "type": "seen", "source": "https://t.me/ctinow/164877", "content": "https://ift.tt/tMphmg6\nCVE-2018-11784 | Oracle Database Server 12.2.0.1/18c/19c Apache Tomcat redirect (BID-105524)", "creation_timestamp": "2024-01-09T09:36:31.000000Z"}, {"uuid": "8966fd25-d660-42f5-9c5f-992b4e4d6b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11784", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/768", "content": "CVE-2018-11784 Apache Tomcat 9.0.0.M1 \u958b\u653e\u5f0f\u91cd\u5b9a\u5411\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2018-11784_Apache_Tomcat_9.0.0.M1_%E9%96%8B%E6%94%BE%E5%BC%8F%E9%87%8D%E5%AE%9A%E5%90%91%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T04:42:16.000000Z"}, {"uuid": "2f89d9e8-c162-452c-9624-e8127724d8be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11783", "type": "seen", "source": "https://t.me/cibsecurity/2931", "content": "ATENTION\u203c New - CVE-2018-11783\n\nsslheaders plugin extracts information from the client certificate and sets headers in the request based on the configuration of the plugin. The plugin doesn't strip the headers from the request in some scenarios. This problem was discovered in versions 6.0.0 to 6.0.3, 7.0.0 to 7.1.5, and 8.0.0 to 8.0.1.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-07T20:21:20.000000Z"}, {"uuid": "82d2d37d-f83a-41fe-adaf-6857a6687e1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-11789", "type": "seen", "source": "https://t.me/cibsecurity/3270", "content": "ATENTION\u203c New - CVE-2018-11789\n\nWhen accessing the heron-ui webpage, people can modify the file paths outside of the current container to access any file on the host. Example woule be modifying the parameter path= to go to the directory you would like to view. i.e. ..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-21T19:26:49.000000Z"}]}