https://vulnerability.circl.lu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Sun, 14 Jun 2026 16:33:10 +0000 https://vulnerability.circl.lu/sighting/8831eecf-7eea-438a-a8c9-24f0c2836d45/export {"uuid": "8831eecf-7eea-438a-a8c9-24f0c2836d45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "seen", "source": "https://t.me/cibsecurity/35270", "content": "\u203c CVE-2021-43972 \u203c\n\nAn unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T22:16:21.000000Z"} {"uuid": "8831eecf-7eea-438a-a8c9-24f0c2836d45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "seen", "source": "https://t.me/cibsecurity/35270", "content": "\u203c CVE-2021-43972 \u203c\n\nAn unrestricted file copy vulnerability in /UserSelfServiceSettings.jsp in SysAid ITIL 20.4.74 b10 allows a remote authenticated attacker to copy arbitrary files on the server filesystem to the web root (with an arbitrary filename) via the tempFile and fileName parameters in the HTTP POST body.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-11T22:16:21.000000Z"} https://vulnerability.circl.lu/sighting/8831eecf-7eea-438a-a8c9-24f0c2836d45/export Tue, 11 Jan 2022 22:16:21 +0000 https://vulnerability.circl.lu/sighting/68ff3024-d982-40d0-af22-e68c29949349/export {"uuid": "68ff3024-d982-40d0-af22-e68c29949349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} {"uuid": "68ff3024-d982-40d0-af22-e68c29949349", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} https://vulnerability.circl.lu/sighting/68ff3024-d982-40d0-af22-e68c29949349/export Sat, 22 Jan 2022 08:45:24 +0000 https://vulnerability.circl.lu/sighting/01eea761-c255-4978-8f16-f56ac86a7100/export {"uuid": "01eea761-c255-4978-8f16-f56ac86a7100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} {"uuid": "01eea761-c255-4978-8f16-f56ac86a7100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} https://vulnerability.circl.lu/sighting/01eea761-c255-4978-8f16-f56ac86a7100/export Sat, 22 Jan 2022 08:45:24 +0000 https://vulnerability.circl.lu/sighting/7641c15e-5dc2-43dc-bb32-82c1866d880d/export {"uuid": "7641c15e-5dc2-43dc-bb32-82c1866d880d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} {"uuid": "7641c15e-5dc2-43dc-bb32-82c1866d880d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} https://vulnerability.circl.lu/sighting/7641c15e-5dc2-43dc-bb32-82c1866d880d/export Sat, 22 Jan 2022 08:45:24 +0000 https://vulnerability.circl.lu/sighting/d528c863-8e53-4095-abbc-ce6e5269e7ac/export {"uuid": "d528c863-8e53-4095-abbc-ce6e5269e7ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} {"uuid": "d528c863-8e53-4095-abbc-ce6e5269e7ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/BlueRedTeam/1646", "content": "#exploit\n- Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n- CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219\n\n@BlueRedTeam", "creation_timestamp": "2022-01-22T08:45:24.000000Z"} https://vulnerability.circl.lu/sighting/d528c863-8e53-4095-abbc-ce6e5269e7ac/export Sat, 22 Jan 2022 08:45:24 +0000 https://vulnerability.circl.lu/sighting/e67f496e-de1e-401f-872d-9a9ba3035060/export {"uuid": "e67f496e-de1e-401f-872d-9a9ba3035060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} {"uuid": "e67f496e-de1e-401f-872d-9a9ba3035060", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43974", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} https://vulnerability.circl.lu/sighting/e67f496e-de1e-401f-872d-9a9ba3035060/export Sat, 22 Jan 2022 22:20:00 +0000 https://vulnerability.circl.lu/sighting/bfb27f6c-909e-4b94-aa97-a796fee282f4/export {"uuid": "bfb27f6c-909e-4b94-aa97-a796fee282f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} {"uuid": "bfb27f6c-909e-4b94-aa97-a796fee282f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43973", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} https://vulnerability.circl.lu/sighting/bfb27f6c-909e-4b94-aa97-a796fee282f4/export Sat, 22 Jan 2022 22:20:00 +0000 https://vulnerability.circl.lu/sighting/3e42bfa5-432f-43f1-b6e3-cb3e624f363e/export {"uuid": "3e42bfa5-432f-43f1-b6e3-cb3e624f363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} {"uuid": "3e42bfa5-432f-43f1-b6e3-cb3e624f363e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43972", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} https://vulnerability.circl.lu/sighting/3e42bfa5-432f-43f1-b6e3-cb3e624f363e/export Sat, 22 Jan 2022 22:20:00 +0000 https://vulnerability.circl.lu/sighting/02aa4f2a-f5ab-4e97-92ca-a04d22d267b1/export {"uuid": "02aa4f2a-f5ab-4e97-92ca-a04d22d267b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} {"uuid": "02aa4f2a-f5ab-4e97-92ca-a04d22d267b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43971", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5254", "content": "#exploit\n1. Unauthenticated RCE Chain in SysAid ITIL - CVE-2021-43971, CVE-2021-43972, CVE-2021-43973, CVE-2021-43974\nhttps://www.atredis.com/blog/2022/1/5/unauthenticated-rce-chain-in-sysaid-itil\n\n2. CVE-2022-0219:\nImproper Restriction of XML External Entity Reference in\u00a0skylot/jadx\nhttps://github.com/Haxatron/CVE-2022-0219", "creation_timestamp": "2022-01-22T22:20:00.000000Z"} https://vulnerability.circl.lu/sighting/02aa4f2a-f5ab-4e97-92ca-a04d22d267b1/export Sat, 22 Jan 2022 22:20:00 +0000 https://vulnerability.circl.lu/sighting/3585aca8-5307-4d0b-9583-ab505546f135/export {"uuid": "3585aca8-5307-4d0b-9583-ab505546f135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43970", "type": "seen", "source": "https://t.me/cibsecurity/38652", "content": "\u203c CVE-2021-43970 \u203c\n\nAn arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application's permissions (SYSTEM).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T06:56:35.000000Z"} {"uuid": "3585aca8-5307-4d0b-9583-ab505546f135", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-43970", "type": "seen", "source": "https://t.me/cibsecurity/38652", "content": "\u203c CVE-2021-43970 \u203c\n\nAn arbitrary file upload vulnerability exists in albumimages.jsp in Quicklert for Digium 10.0.0 (1043) via a .mp3;.jsp filename for a file that begins with audio data bytes. It allows an authenticated (low privileged) attacker to execute remote code on the target server within the context of application's permissions (SYSTEM).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T06:56:35.000000Z"} https://vulnerability.circl.lu/sighting/3585aca8-5307-4d0b-9583-ab505546f135/export Fri, 18 Mar 2022 06:56:35 +0000