{"vulnerability": "cve-2021-4369", "sightings": [{"uuid": "d00f4626-20e7-4dc5-b137-a9d41031ce79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43698", "type": "seen", "source": "https://t.me/cibsecurity/33031", "content": "\u203c CVE-2021-43698 \u203c\n\nAn unspecified version of phpWhois is affected by a Cross Site Scripting (XSS) vulnerability. In file example.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET['query'] then there is a XSS vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T14:33:05.000000Z"}, {"uuid": "afdc16f8-3bc8-4c78-a79e-17579a395529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43690", "type": "seen", "source": "https://t.me/cibsecurity/33194", "content": "\u203c CVE-2021-43690 \u203c\n\nYurunProxy v0.01 is affected by a Cross Site Scripting (XSS) vulnerability in src/Client.php. The exit function will terminate the script and print a message which have values from the socket_read.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T16:35:25.000000Z"}, {"uuid": "0b255d25-2bd1-4b29-8806-0dabb2c5692d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43692", "type": "seen", "source": "https://t.me/cibsecurity/33045", "content": "\u203c CVE-2021-43692 \u203c\n\nAn unspecified version of youtube-php-mirroring is affected by a Cross Site Scripting (XSS) vulnerability in file ytproxy/index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T18:36:27.000000Z"}, {"uuid": "c892f2d4-2d87-481d-8bf4-59c16b99f737", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43693", "type": "seen", "source": "https://t.me/cibsecurity/33046", "content": "\u203c CVE-2021-43693 \u203c\n\nvesta 0.9.8-24 is affected by a file inclusion vulnerability in file web/add/user/index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T18:36:29.000000Z"}, {"uuid": "8a863e32-05af-4b76-a7c1-35765250a282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43691", "type": "seen", "source": "https://t.me/cibsecurity/33043", "content": "\u203c CVE-2021-43691 \u203c\n\nAn unspecified version of tripexpress is affected by a path manipulation vulnerability in file system/helpers/dompdf/load_font.php. The variable src is coming from $_SERVER[\"argv\"] then there is a path manipulation vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T18:36:24.000000Z"}, {"uuid": "da51bbc9-89b3-4610-ab0b-566fd706be31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43697", "type": "seen", "source": "https://t.me/cibsecurity/33037", "content": "\u203c CVE-2021-43697 \u203c\n\nAn unspecified version of Workerman-ThinkPHP-Redis is affected by a Cross Site Scripting (XSS) vulnerability. In file Controller.class.php, the exit function will terminate the script and print the message to the user. The message will contain $_GET{C('VAR_JSONP_HANDLER')] then there is a XSS vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T16:33:20.000000Z"}, {"uuid": "67be998d-329d-426c-a6dd-da59836f3531", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43695", "type": "seen", "source": "https://t.me/cibsecurity/33036", "content": "\u203c CVE-2021-43695 \u203c\n\nAn unspecified version of issabelPBX is affected by a Cross Site Scripting (XSS) vulnerability. In file page.backup_restore.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST without sanitization, then there is a XSS vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T16:33:18.000000Z"}, {"uuid": "e1580ccc-fa36-4b27-be35-2a71f89fd408", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43696", "type": "seen", "source": "https://t.me/cibsecurity/33035", "content": "\u203c CVE-2021-43696 \u203c\n\nAn unspecified version of twmap is affected by a Cross Site Scripting (XSS) vulnerability. In file list.php, the exit function will terminate the script and print the message to the user. The message will contain $_REQUEST then there is a XSS vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-29T16:33:16.000000Z"}]}