{"vulnerability": "CVE-2021-3874", "sightings": [{"uuid": "a4aa1adc-717d-4298-9762-5a5ca005b9e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-38745", "type": "seen", "source": "https://t.me/cibsecurity/39349", "content": "\u203c CVE-2021-38745 \u203c\n\nChamilo LMS v1.11.14 was discovered to contain a zero click code injection vulnerability which allows attackers to execute arbitrary code via a crafted plugin. This vulnerability is triggered through user interaction with the attacker's profile page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-21T23:26:39.000000Z"}, {"uuid": "f20542b5-30a8-4c43-9eb7-b80594498f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-3874", "type": "seen", "source": "https://t.me/cibsecurity/30637", "content": "\u203c CVE-2021-3874 \u203c\n\nbookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-15T18:28:50.000000Z"}]}