{"vulnerability": "CVE-2021-3639", "sightings": [{"uuid": "2b4cdafd-cf7a-4604-81a7-69727ea2f23e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36396", "type": "seen", "source": "Telegram/pXCDNbBq4j8o3PMlLIK60jSkU1gWE3A_DUnaw25cESPtu9Kn", "content": "", "creation_timestamp": "2025-03-06T02:16:32.000000Z"}, {"uuid": "845824e4-73f0-4c71-aabf-20366951c0af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "Telegram/GaTpOqyDc8HYp7QSAHID-mMQfCk7lqveShZUxbbVzm3_EA", "content": "", "creation_timestamp": "2023-11-05T16:59:49.000000Z"}, {"uuid": "904feb57-b046-4856-aa80-b7ad8ade6b1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36399", "type": "seen", "source": "Telegram/Vtgs3TrlaFTgV2DzuKp3silDHB1hDq28HRe1KYprCT_inMHB", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "e994d42b-1f72-472b-9726-b062556a29ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36398", "type": "seen", "source": "Telegram/23yM20JGN3PWGb65ff6s3FBvIpIywqh1qFVcjwdnmcv2WFRo", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "d0735136-d4f9-4830-96e4-4790d20c1b8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36397", "type": "seen", "source": "Telegram/NFpHfECNO6KmN4m9lnReeWolU_jSTC_seXtT7vETYL2yz4Hc", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "3ef99816-3659-41fe-aa94-99b56b4c3a25", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", 
"author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36395", "type": "seen", "source": "Telegram/aAJSDWf1g0GK5dC4y_6tSFSEKa8fhm8ml-smU2bOzxZeiN_s", "content": "", "creation_timestamp": "2025-03-08T04:35:52.000000Z"}, {"uuid": "8ff21ea5-b31e-4993-bc28-0ebdb4c29c4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/hitshare/1951", "content": "- CVE-2021-36393 Exploit\n\n+ Enabling SQL injection attacks that can lead to unauthorized database access\n+ Exploiting this vulnerability requires minimal privileges, such as a student role, and significantly compromises data confidentiality and integrity\n\nShare for everybody \n- Download  :\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit", "creation_timestamp": "2024-06-14T08:36:48.000000Z"}, {"uuid": "3d0b354a-65a2-447c-b87b-9275d3a28d28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/LeakingCode/42133", "content": "- CVE-2021-36393 Exploit\n\n+ Enabling SQL injection attacks that can lead to unauthorized database access\n+ Exploiting this vulnerability requires minimal privileges, such as a student role, and significantly compromises data confidentiality and integrity\n\nShare for everybody \n- Download  :\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit", "creation_timestamp": "2024-06-16T14:56:39.000000Z"}, {"uuid": "179811a5-56fa-4aeb-b980-3ed3a7e473ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/islamiccyberteam/6728", "content": "- CVE-2021-36393 Exploit\n\n+ Enabling SQL injection 
attacks that can lead to unauthorized database access\n+ Exploiting this vulnerability requires minimal privileges, such as a student role, and significantly compromises data confidentiality and integrity\n\nShare for everybody \n- Download\u00a0 :\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit", "creation_timestamp": "2024-06-14T10:34:18.000000Z"}, {"uuid": "15202fad-9b99-45e2-8c70-96166e222dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "seen", "source": "https://t.me/arpsyndicate/1596", "content": "#ExploitObserverAlert\n\nCVE-2021-36393\n\nDESCRIPTION: Exploit Observer has 3 entries related to CVE-2021-36393. In Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.\n\nFIRST-EPSS: 0.000760000\nNVD-IS: 5.9\nNVD-ES: 3.9", "creation_timestamp": "2023-12-10T01:53:27.000000Z"}, {"uuid": "77233e3c-20b7-4113-b149-a533caeb69b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36399", "type": "seen", "source": "https://t.me/cibsecurity/59519", "content": "\u203c CVE-2021-36399 \u203c\n\nIn Moodle, ID numbers displayed in the quiz override screens required additional sanitizing to prevent a stored XSS risk.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:19.000000Z"}, {"uuid": "7d2c48fd-011c-46c1-bc2d-b8069fa451bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/LeakingCode/12978", "content": "- CVE-2021-36393 Exploit\n\n+ Enabling SQL injection attacks that can lead to unauthorized database access\n+ Exploiting this vulnerability requires minimal privileges, such as a student role, and 
significantly compromises data confidentiality and integrity\n\nShare for everybody \n- Download  :\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit", "creation_timestamp": "2024-06-16T14:56:40.000000Z"}, {"uuid": "0f36e3d5-a1ba-410a-8922-ae9f6d51a1cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "seen", "source": "https://t.me/cibsecurity/59508", "content": "\u203c CVE-2021-36393 \u203c\n\nIn Moodle, an SQL injection risk was identified in the library fetching a user's recent courses.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:08.000000Z"}, {"uuid": "7f7e18c9-acf8-4253-8cd0-df38d08d0477", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36398", "type": "seen", "source": "https://t.me/cibsecurity/59513", "content": "\u203c CVE-2021-36398 \u203c\n\nIn moodle, ID numbers displayed in the web service token list required additional sanitizing to prevent a stored XSS risk.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:13.000000Z"}, {"uuid": "e2caa8ea-bd95-4863-b859-669ebeca7c1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36392", "type": "seen", "source": "https://t.me/cibsecurity/59518", "content": "\u203c CVE-2021-36392 \u203c\n\nIn Moodle, an SQL injection risk was identified in the library fetching a user's enrolled courses.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:18.000000Z"}, {"uuid": "a9ae5ee1-8c52-4b40-b326-824481501145", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", 
"vulnerability": "CVE-2021-36395", "type": "seen", "source": "https://t.me/cibsecurity/59523", "content": "\u203c CVE-2021-36395 \u203c\n\nIn Moodle, the file repository's URL parsing required additional recursion handling to mitigate the risk of recursion denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:23.000000Z"}, {"uuid": "36b39e76-fd0d-4c66-b144-d9a5db323004", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36394", "type": "seen", "source": "https://t.me/cibsecurity/59507", "content": "\u203c CVE-2021-36394 \u203c\n\nIn Moodle, a remote code execution risk was identified in the Shibboleth authentication plugin.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-03-07T00:13:07.000000Z"}, {"uuid": "bcf4a6c2-8dd4-4087-8f54-d56cbaf1f61b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "seen", "source": "https://t.me/BlueRedTeam/1685", "content": "#Red_Team\n\n1. Moodle: Blind SQL Injection (CVE-2021-36393)\nand Broken Access Control (CVE-2021-36397)\nhttps://0xkasper.com/articles/moodle-sql-injection-broken-access-control.html\n2. 
Understanding Process Ghosting in Detail\nhttps://dosxuz.gitlab.io/post/processghosting\n\n@BlueRedTeam", "creation_timestamp": "2022-02-03T04:24:02.000000Z"}, {"uuid": "8aeb4e10-3d9f-4cec-9b67-0395a011611b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36397", "type": "seen", "source": "https://t.me/thebugbountyhunter/5998", "content": "Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397)\n\nhttps://0xkasper.com/articles/moodle-sql-injection-broken-access-control", "creation_timestamp": "2022-02-02T17:41:55.000000Z"}, {"uuid": "2ce9a59f-e95d-45ab-8cfa-a8a60ec14789", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "seen", "source": "https://t.me/thebugbountyhunter/5998", "content": "Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397)\n\nhttps://0xkasper.com/articles/moodle-sql-injection-broken-access-control", "creation_timestamp": "2022-02-02T17:41:55.000000Z"}, {"uuid": "c91695b5-e5c6-4fcc-88d1-ff248a19f29d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36394", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4180", "content": "#exploit\nCVE 2021-36394:\nMoodle RCE risk when Shibboleth authentication is enabled\nhttps://github.com/dinhbaouit/CVE-2021-36394\n]-> https://0xd0ff9.wordpress.com/2021/08/28/cve-2021-36394-hack-truong-sua-diem-cac-kieu", "creation_timestamp": "2022-07-12T11:42:21.000000Z"}, {"uuid": "492b6dbe-b2bc-48ea-a18f-80db8e49df2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36397", "type": "seen", "source": 
"https://t.me/CyberSecurityTechnologies/5337", "content": "#Red_Team_Tactics\n1. Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397)\nhttps://0xkasper.com/articles/moodle-sql-injection-broken-access-control.html\n2. Understanding Process Ghosting in Detail\nhttps://dosxuz.gitlab.io/post/processghosting", "creation_timestamp": "2024-01-21T17:42:38.000000Z"}, {"uuid": "d611f5f0-b665-4095-8f53-45035f6ff6e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/5337", "content": "#Red_Team_Tactics\n1. Moodle: Blind SQL Injection (CVE-2021-36393) and Broken Access Control (CVE-2021-36397)\nhttps://0xkasper.com/articles/moodle-sql-injection-broken-access-control.html\n2. Understanding Process Ghosting in Detail\nhttps://dosxuz.gitlab.io/post/processghosting", "creation_timestamp": "2024-01-21T17:42:38.000000Z"}, {"uuid": "044f1a37-e9be-4da8-b5d3-53d58f1e6c03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/9327", "content": "#exploit\n1. CVE-2023-45158:\nweb2py notifySendHandler os command injection\nhttps://github.com/Evan-Zhangyf/CVE-2023-45158\n\n2. CVE-2021-36393:\nTime-based blind SQL injection on Moodle platforms\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit#cve-2021-36393-exploit\n\n3. 
The Blooket Redirect exploit\nhttps://github.com/VillainsRule/BlooketRedirect", "creation_timestamp": "2024-04-19T11:38:13.000000Z"}, {"uuid": "12e77d90-62a3-405e-908b-aa25c4adfeaf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-36393", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/1635", "content": "#exploit\n1. CVE-2023-45158:\nweb2py notifySendHandler os command injection\nhttps://github.com/Evan-Zhangyf/CVE-2023-45158\n\n2. CVE-2021-36393:\nTime-based blind SQL injection on Moodle platforms\nhttps://github.com/T0X1Cx/CVE-2021-36393-Exploit#cve-2021-36393-exploit\n\n3. The Blooket Redirect exploit\nhttps://github.com/VillainsRule/BlooketRedirect", "creation_timestamp": "2024-08-16T08:43:29.000000Z"}]}