{"vulnerability": "CVE-2021-4142", "sightings": [{"uuid": "e3981fee-870b-4e8a-aedb-dbb8c319e5ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41428", "type": "seen", "source": "https://t.me/cibsecurity/29313", "content": "\u203c CVE-2021-41428 \u203c\n\nInsecure permissions in Update Manager &lt;= 5.8.0.2300 and DFL &lt;= 12.5.1001.5 in DATEV programs v14.1 allows attacker to escalate privileges via insufficient configuration of service components.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T18:29:32.000000Z"}, {"uuid": "3df330b2-7f80-4425-921f-097af6cac956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41420", "type": "seen", "source": "https://t.me/cibsecurity/44653", "content": "\u203c CVE-2021-41420 \u203c\n\nA stored XSS vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker for arbitrary JavaScript code execution in the context of authenticated and unauthenticated users through the MaianAffiliate admin panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:27:43.000000Z"}, {"uuid": "e7a38ac1-f1c2-4f1d-9d8c-41de4f1beb93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41421", "type": "seen", "source": "https://t.me/cibsecurity/44651", "content": "\u203c CVE-2021-41421 \u203c\n\nA PHP code injection vulnerability in MaianAffiliate v.1.0 allows an authenticated attacker to gain RCE through the MaianAffiliate admin panel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-16T20:27:40.000000Z"}, {"uuid": "09b3104d-2873-40ef-998d-a8b86c0f8bf9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41427", "type": "seen", "source": "https://t.me/cibsecurity/32165", "content": "\u203c CVE-2021-41427 \u203c\n\nBeeline Smart Box 2.0.38 is vulnerable to Cross Site Scripting (XSS) via the choose_mac parameter to setup.cgi.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T18:36:35.000000Z"}, {"uuid": "3eaffad9-189c-48b5-b2df-943995fc059e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41426", "type": "seen", "source": "https://t.me/cibsecurity/32162", "content": "\u203c CVE-2021-41426 \u203c\n\nBeeline Smart box 2.0.38 is vulnerable to Cross Site Request Forgery (CSRF) via mgt_end_user.htm.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-10T18:36:28.000000Z"}]}