{"vulnerability": "cve-2021-3823", "sightings": [{"uuid": "892bb849-ed23-4644-9e75-80a4ce14b9b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38239", "type": "seen", "source": "https://t.me/cibsecurity/58301", "content": "\u203c CVE-2021-38239 \u203c\n\nSQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T00:37:10.000000Z"}, {"uuid": "2a929b08-8c70-45e3-bf3d-ece12dd8a523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3823", "type": "seen", "source": "https://t.me/cibsecurity/31389", "content": "\u203c CVE-2021-3823 \u203c\n\nImproper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-28T18:17:36.000000Z"}]}