{"vulnerability": "CVE-2021-4067", "sightings": [{"uuid": "d5bee2c8-dfa2-4bdb-a1dc-32778ddae5ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40670", "type": "seen", "source": "https://t.me/cibsecurity/29003", "content": "\u203c CVE-2021-40670 \u203c\n\nSQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-16T22:23:26.000000Z"}, {"uuid": "5143df96-d1c4-4cf4-aec0-255aeaead0b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40678", "type": "seen", "source": "https://t.me/cibsecurity/44399", "content": "\u203c CVE-2021-40678 \u203c\n\nIn Piwigo 11.5.0, there exists a persistent cross-site scripting in the single mode function through /admin.php?page=batch_manager&mode=unit.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-14T16:20:57.000000Z"}, {"uuid": "9a18cefb-e140-4a22-a654-1bc67cbc4995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40674", "type": "seen", "source": "https://t.me/cibsecurity/29109", "content": "\u203c CVE-2021-40674 \u203c\n\nAn SQL injection vulnerability exists in Wuzhi CMS v4.1.0 via the KeyValue parameter in coreframe/app/order/admin/index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-20T18:27:12.000000Z"}]}