{"vulnerability": "CVE-2021-4063", "sightings": [{"uuid": "e8b5830b-3f55-45f8-a680-b391e358ade9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40639", "type": "seen", "source": "https://t.me/cibsecurity/28956", "content": "\u203c CVE-2021-40639 \u203c\n\nImproper access control in Jfinal CMS 5.1.0 allows attackers to access sensitive information via /classes/conf/db.properties&config=filemanager.config.js.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T02:22:16.000000Z"}, {"uuid": "1a395702-e973-42a9-98e1-0f9e98260d21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40637", "type": "seen", "source": "https://t.me/cibsecurity/38357", "content": "\u203c CVE-2021-40637 \u203c\n\nOS4ED openSIS 8.0 is affected by cross-site scripting (XSS) in EmailCheckOthers.php. An attacker can inject JavaScript code to get the user's cookie and take over the working session of user.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T18:26:06.000000Z"}, {"uuid": "ae9ea3fb-bccd-40fd-996f-a62785d8e764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40636", "type": "seen", "source": "https://t.me/cibsecurity/38354", "content": "\u203c CVE-2021-40636 \u203c\n\nOS4ED openSIS 8.0 is affected by SQL Injection in CheckDuplicateName.php, which can extract information from the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T16:26:06.000000Z"}, {"uuid": "edc6b368-378e-4794-b9bc-84db76e39869", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40635", "type": "seen", "source": "https://t.me/cibsecurity/38352", "content": "\u203c CVE-2021-40635 \u203c\n\nOS4ED openSIS 8.0 is affected by SQL injection in ChooseCpSearch.php, ChooseRequestSearch.php. An attacker can inject a SQL query to extract information from the database.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-03T16:26:04.000000Z"}]}