{"vulnerability": "cve-2021-4372", "sightings": [{"uuid": "0fdd69f6-2182-4a57-a50a-da4e1ab32a3e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43725", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-43725.yaml", "content": "", "creation_timestamp": "2023-06-05T12:33:16.000000Z"}, {"uuid": "2a6ff232-67b1-47f3-a672-987a57c06afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43728", "type": "seen", "source": "https://t.me/cibsecurity/43065", "content": "\u203c CVE-2021-43728 \u203c\n\nPix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T18:31:38.000000Z"}, {"uuid": "dc0d42b0-2aea-41cc-b646-320c5fa0ac36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43729", "type": "seen", "source": "https://t.me/cibsecurity/43063", "content": "\u203c CVE-2021-43729 \u203c\n\nPix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-20T18:31:35.000000Z"}, {"uuid": "8e0cb452-8c29-49db-8f32-79032df50fea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43722", "type": "seen", "source": "https://t.me/cibsecurity/39943", "content": "\u203c CVE-2021-43722 \u203c\n\nD-Link DIR-645 1.03 A1 is vulnerable to Buffer Overflow. The hnap_main function in the cgibin handler uses sprintf to format the soapaction header onto the stack and has no limit on the size.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-04-01T00:18:52.000000Z"}, {"uuid": "309307fa-735f-46c1-9fe1-348ac340be4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43721", "type": "published-proof-of-concept", "source": "https://t.me/cibsecurity/39648", "content": "\u203c CVE-2021-43721 \u203c\n\nLeanote 2.7.0 is vulnerable to Cross Site Scripting (XSS) in the markdown type note. This leads to remote code execution with payload : \n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T18:40:12.000000Z"}, {"uuid": "cc33dddf-f3b8-44d1-96fa-6e0b748f0a4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43725", "type": "seen", "source": "https://t.me/cibsecurity/39644", "content": "\u203c CVE-2021-43725 \u203c\n\nThere is a Cross Site Scripting (XSS) vulnerability in SpotPage_login.php of Spotweb 1.5.1 and below, which allows remote attackers to inject arbitrary web script or HTML via the data[performredirect] parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-28T16:39:17.000000Z"}]}