{"vulnerability": "CVE-2018-1742", "sightings": [{"uuid": "eab5e515-28a3-4f9d-9426-e3091df02d69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17421", "type": "seen", "source": "https://t.me/cibsecurity/2963", "content": "ATENTION\u203c New - CVE-2018-17421\n\nAn issue was discovered in ZrLog 2.0.3. There is stored XSS in the file upload area via a crafted attached/file/ pathname.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:50.000000Z"}, {"uuid": "78a3fb22-60c4-4274-ac26-ef4e0caac757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17420", "type": "seen", "source": "https://t.me/cibsecurity/2964", "content": "ATENTION\u203c New - CVE-2018-17420\n\nAn issue was discovered in ZrLog 2.0.3. There is a SQL injection vulnerability in the article management search box via the keywords parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:51.000000Z"}, {"uuid": "a8adcd6d-c8e4-4254-8421-71755033315b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17425", "type": "seen", "source": "https://t.me/cibsecurity/2961", "content": "ATENTION\u203c New - CVE-2018-17425\n\nWUZHI CMS 4.1.0 has stored XSS via the \"Membership Center\" \"I want to ask\" \"detailed description\" field under the index.php?m=member URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:46.000000Z"}, {"uuid": "04f9b449-8e01-4df8-8b8c-fb4b69b21a1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17422", "type": "seen", "source": "https://t.me/cibsecurity/2962", "content": "ATENTION\u203c New - CVE-2018-17422\n\ndotCMS before 5.0.2 has open redirects via the html/common/forward_js.jsp FORWARD_URL parameter or the html/portlet/ext/common/page_preview_popup.jsp hostname parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:50.000000Z"}, {"uuid": "247491eb-7b38-4cc0-8cc2-109a9e65ca4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17429", "type": "seen", "source": "https://t.me/cibsecurity/2959", "content": "ATENTION\u203c New - CVE-2018-17429\n\n/console/account/manage.php?type=action&amp;action=add in JTBC v3.0(C) has CSRF for adding an administrator account.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:44.000000Z"}, {"uuid": "92f93433-1be3-4d7b-a837-41bc4f13917b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2018-17426", "type": "seen", "source": "https://t.me/cibsecurity/2960", "content": "ATENTION\u203c New - CVE-2018-17426\n\nWUZHI CMS 4.1.0 has stored XSS via the \"Extension module\" \"SMS in station\" field under the index.php?m=core URI.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2019-03-08T02:21:45.000000Z"}]}