{"vulnerability": "cve-2018-1680", "sightings": [{"uuid": "e14aedc4-0c16-4ed2-9753-7f79f984152e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-16809", "type": "seen", "source": "https://t.me/cibsecurity/2972", "content": "ATENTION\u203c New - CVE-2018-16809\n\nAn issue was discovered in Dolibarr through 7.0.0. expensereport/card.php in the expense reports module allows SQL injection via the integer parameters qty and value_unit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:22:01.000000Z"}, {"uuid": "0b706ff2-454d-454d-ba56-cb0c1b3a9059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-16804", "type": "seen", "source": "https://t.me/cibsecurity/2974", "content": "ATENTION\u203c New - CVE-2018-16804\n\nAn issue was discovered in UCMS 1.4.6. There is XSS in the title bar, as demonstrated by a do=list request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:22:05.000000Z"}, {"uuid": "90dcaddd-60ba-4f1a-b14b-39fa9b8ac004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-16808", "type": "seen", "source": "https://t.me/cibsecurity/2973", "content": "ATENTION\u203c New - CVE-2018-16808\n\nAn issue was discovered in Dolibarr through 7.0.0. There is Stored XSS in expensereport/card.php in the expense reports plugin via the comments parameter, or a public or private note.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:22:02.000000Z"}]}