{"vulnerability": "CVE-2021-4090", "sightings": [{"uuid": "4ac6c670-389f-4634-92a3-6adfb306ee15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40901", "type": "seen", "source": "https://t.me/cibsecurity/45180", "content": "\u203c CVE-2021-40901 \u203c\n\nA Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-27T16:34:40.000000Z"}, {"uuid": "605cc62e-a9a8-4ead-82bc-72baa0db06a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40906", "type": "published-proof-of-concept", "source": "https://t.me/noobhackersyoutube/1570", "content": "#exploit\nCVE-2021-40906:\nCheckMK Management Web Console - Reflected XSS\nin an unauthenticated zone\nhttps://github.com/Edgarloyola/CVE-2021-40906", "creation_timestamp": "2022-01-04T15:30:58.000000Z"}, {"uuid": "f4a20525-fef5-4bd1-b796-1cd73cef0c1c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40903", "type": "seen", "source": "https://t.me/cibsecurity/44741", "content": "\u203c CVE-2021-40903 \u203c\n\nA vulnerability in Antminer Monitor 0.50.0 exists because of backdoor or misconfiguration inside a settings file in flask server. Settings file has a predefined secret string, which would be randomly generated, however it is static.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T18:23:22.000000Z"}, {"uuid": "118343e6-53da-4832-b307-7ff446e014ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40900", "type": "seen", "source": "https://t.me/cibsecurity/45179", "content": "\u203c CVE-2021-40900 \u203c\n\nA Regular Expression Denial of Service (ReDOS) vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-27T16:34:40.000000Z"}, {"uuid": "a6ef06df-18a8-4fde-82eb-f29803d554d3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40907", "type": "seen", "source": "https://t.me/cibsecurity/36135", "content": "\u203c CVE-2021-40907 \u203c\n\nSQL injection vulnerability in Sourcecodester Storage Unit Rental Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter to /storage/classes/Login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-24T18:17:35.000000Z"}, {"uuid": "3e95db46-cd07-4767-8e7b-7af884abfe04", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40908", "type": "seen", "source": "https://t.me/cibsecurity/36136", "content": "\u203c CVE-2021-40908 \u203c\n\nSQL injection vulnerability in Login.php in Sourcecodester Purchase Order Management System v1 by oretnom23, allows attackers to execute arbitrary SQL commands via the username parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-24T18:17:36.000000Z"}, {"uuid": "9a9d89d2-8a55-44bf-897d-6d7e5e8216a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40909", "type": "seen", "source": "https://t.me/cibsecurity/36133", "content": "\u203c CVE-2021-40909 \u203c\n\nCross site scripting (XSS) vulnerability in sourcecodester PHP CRUD without Refresh/Reload using Ajax and DataTables Tutorial v1 by oretnom23, allows remote attackers to execute arbitrary code via the first_name, last_name, and email parameters to /ajax_crud.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-24T18:17:32.000000Z"}, {"uuid": "d132cd6f-0603-4663-8d9a-bdb0f880ffab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-40906", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/5111", "content": "#exploit\nCVE-2021-40906:\nCheckMK Management Web Console - Reflected XSS in an unauthenticated zone\nhttps://github.com/Edgarloyola/CVE-2021-40906", "creation_timestamp": "2022-01-05T19:06:04.000000Z"}]}