{"vulnerability": "CVE-2021-4018", "sightings": [{"uuid": "f264de2f-6566-463f-b962-5a4cc605df52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40180", "type": "seen", "source": "https://t.me/cibsecurity/47016", "content": "\u203c CVE-2021-40180 \u203c\n\nIn the WeChat application 8.0.10 for Android and iOS, a mini program can obtain sensitive information from a user's address book via wx.searchContacts.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-07-27T02:35:24.000000Z"}, {"uuid": "455a581e-af1d-40de-978e-d2c196d62e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-4018", "type": "seen", "source": "https://t.me/cibsecurity/33177", "content": "\u203c CVE-2021-4018 \u203c\n\nsnipe-it is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-01T12:35:13.000000Z"}, {"uuid": "976ab739-b0b6-43e1-a93d-e5e2aa7dbe32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40188", "type": "seen", "source": "https://t.me/cibsecurity/30367", "content": "\u203c CVE-2021-40188 \u203c\n\nPHPFusion 9.03.110 is affected by an arbitrary file upload vulnerability. The File Manager function in admin panel does not filter all PHP extensions such as \".php, .php7, .phtml, .php5, ...\". An attacker can upload a malicious file and execute code on the server.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-11T22:24:53.000000Z"}, {"uuid": "0ff39585-69eb-4bc9-bdd9-5221e967e09c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40189", "type": "seen", "source": "https://t.me/cibsecurity/30366", "content": "\u203c CVE-2021-40189 \u203c\n\nPHPFusion 9.03.110 is affected by a remote code execution vulnerability. The theme function will extract a file to \"webroot/themes/{Theme Folder], where an attacker can access and execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-11T22:24:52.000000Z"}]}