{"vulnerability": "CVE-2021-3172", "sightings": [{"uuid": "548f3125-a989-480b-8af7-65a8643e5e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3172", "type": "seen", "source": "https://t.me/cibsecurity/58447", "content": "\u203c CVE-2021-3172 \u203c\n\nAn issue in Php-Fusion v9.03.90 fixed in v9.10.00 allows authenticated attackers to cause a Distributed Denial of Service via the Polling feature.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-17T20:13:19.000000Z"}, {"uuid": "7fcb11c1-6cd8-488c-824b-5c47a04f6447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31721", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/550", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aPoC for exploiting CVE-2021-31721 : Chevereto before 3.17.1 allows Cross Site Scripting (XSS) via an image title at the image upload stage.\nURL\uff1ahttps://github.com/AlAIAL90/CVE-2021-30704", "creation_timestamp": "2021-09-18T02:46:03.000000Z"}, {"uuid": "ff063b82-d03a-41c1-84c9-30df3306800e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31727", "type": "seen", "source": "https://t.me/arpsyndicate/2729", "content": "#ExploitObserverAlert\n\nCVE-2021-31727\n\nDESCRIPTION: Exploit Observer has 5 entries related to CVE-2021-31727. Incorrect access control in zam64.sys, zam32.sys in MalwareFox AntiMalware 2.74.0.150 where IOCTL's 0x80002014, 0x80002018 expose unrestricted disk read/write capabilities respectively. A non-privileged process can open a handle to \\.\\ZemanaAntiMalware, register with the driver using IOCTL 0x80002010 and send these IOCTL's to escalate privileges by overwriting the boot sector or overwriting critical code in the pagefile.\n\nFIRST-EPSS: 0.000440000\nNVD-IS: 5.9\nNVD-ES: 1.8", "creation_timestamp": "2024-01-09T07:47:08.000000Z"}, {"uuid": "ac135e92-7746-4237-a6dc-325574596d98", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31728", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3325", "content": "#exploit\nCVE-2021-31727, CVE-2021-31728:\nVulnerability in zam64.sys, zam32.sys allowing ring 0 code execution\nhttps://github.com/irql0/CVE-2021-31728", "creation_timestamp": "2024-02-17T14:55:47.000000Z"}, {"uuid": "b9e5d171-a40d-4567-aefc-ee2e151cc65e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-31727", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3325", "content": "#exploit\nCVE-2021-31727, CVE-2021-31728:\nVulnerability in zam64.sys, zam32.sys allowing ring 0 code execution\nhttps://github.com/irql0/CVE-2021-31728", "creation_timestamp": "2024-02-17T14:55:47.000000Z"}]}