{"vulnerability": "CVE-2021-4156", "sightings": [{"uuid": "2f389630-63cc-4822-9924-168853455031", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-41569.yaml", "content": "", "creation_timestamp": "2023-04-27T09:58:59.000000Z"}, {"uuid": "11a687ea-fa57-45df-bbbe-10ef2628400e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-02-02)", "content": "", "creation_timestamp": "2025-02-02T00:00:00.000000Z"}, {"uuid": "454c120e-53ac-4c70-9891-5f1cc41be2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2024-11-22)", "content": "", "creation_timestamp": "2024-11-22T00:00:00.000000Z"}, {"uuid": "ba895cb5-74fc-449f-aaab-4efdc0b7e16a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-19)", "content": "", "creation_timestamp": "2025-04-19T00:00:00.000000Z"}, {"uuid": "93c9b6aa-811d-4d8b-abd7-c5f66fa0221d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-04-14)", "content": "", "creation_timestamp": "2025-04-14T00:00:00.000000Z"}, {"uuid": "8e86e6cf-b962-4152-8e5d-eb8cb2bd9143", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-05-18)", "content": "", "creation_timestamp": "2025-05-18T00:00:00.000000Z"}, {"uuid": "7b73803e-9a00-472b-a2a1-27da8a7d41ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-29)", "content": "", "creation_timestamp": "2025-06-29T00:00:00.000000Z"}, {"uuid": "7250fb81-95a5-4a69-acb4-4d04f00d36b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-10-06)", "content": "", "creation_timestamp": "2025-10-06T00:00:00.000000Z"}, {"uuid": "ed3e1611-44d4-4e4f-bb95-fe16eacf3f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "892f189e-79db-4ac4-bbb6-dd687ccf1383", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41562", "type": "seen", "source": "https://t.me/cibsecurity/31779", "content": "\u203c CVE-2021-41562 \u203c\n\nA vulnerability in Snow Snow Agent for Windows allows a non-admin user to cause arbitrary deletion of files. This issue affects: Snow Snow Agent for Windows version 5.0.0 to 6.7.1 on Windows.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T23:23:31.000000Z"}, {"uuid": "3f605bf6-7332-4274-9556-f34dafffecaa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-20)", "content": "", "creation_timestamp": "2025-09-20T00:00:00.000000Z"}, {"uuid": "9735f6f3-853d-48df-b6a0-f45f82d80a6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "https://t.me/cibsecurity/32718", "content": "\u203c CVE-2021-41569 \u203c\n\nSAS/Intrnet 9.4 build 1520 and earlier allows Local File Inclusion. The samples library (included by default) in the appstart.sas file, allows end-users of the application to access the sample.webcsf1.sas program, which contains user-controlled macro variables that are passed to the DS2CSF macro. Users can escape the context of the configured user-controllable variable and append additional functions native to the macro but not included as variables within the library. This includes a function that retrieves files from the host OS.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-19T20:17:08.000000Z"}, {"uuid": "733fb045-aca4-46ef-9374-77006f41c541", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41569", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-08)", "content": "", "creation_timestamp": "2026-04-08T00:00:00.000000Z"}, {"uuid": "e464fd96-34f3-4a66-ba4c-5345c05f731b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41561", "type": "seen", "source": "https://t.me/cibsecurity/34269", "content": "\u203c CVE-2021-41561 \u203c\n\nImproper Input Validation vulnerability in Parquet-MR of Apache Parquet allows an attacker to DoS by malicious Parquet files. This issue affects Apache Parquet-MR version 1.9.0 and later versions.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-20T14:39:53.000000Z"}, {"uuid": "1013e153-1d22-4e1e-85d4-2bb946d5609b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41566", "type": "seen", "source": "https://t.me/cibsecurity/30262", "content": "\u203c CVE-2021-41566 \u203c\n\nThe file extension of the TadTools file upload function fails to filter, thus remote attackers can upload any types of files and execute arbitrary code without logging in.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:30.000000Z"}, {"uuid": "3797f98a-60a4-4260-8968-15f99bb834d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41564", "type": "seen", "source": "https://t.me/cibsecurity/30254", "content": "\u203c CVE-2021-41564 \u203c\n\nTad Honor viewing book list function is vulnerable to authorization bypass, thus remote attackers can use special parameters to delete articles arbitrarily without logging in.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:21.000000Z"}, {"uuid": "4693261e-9759-48ac-9ef1-145900fcda51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41567", "type": "seen", "source": "https://t.me/cibsecurity/30270", "content": "\u203c CVE-2021-41567 \u203c\n\nThe new add subject parameter of Tad Uploader view book list function fails to filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:39.000000Z"}, {"uuid": "08e0d664-2031-4d52-978c-47293a47366d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41565", "type": "seen", "source": "https://t.me/cibsecurity/30268", "content": "\u203c CVE-2021-41565 \u203c\n\nTadTools special page parameter does not properly restrict the input of specific characters, thus remote attackers can inject JavaScript syntax without logging in, and further perform reflective XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:37.000000Z"}, {"uuid": "69fadb0d-fff4-43b4-9e52-a0e7cc44165d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41568", "type": "seen", "source": "https://t.me/cibsecurity/30265", "content": "\u203c CVE-2021-41568 \u203c\n\nTad Web is vulnerable to authorization bypass, thus remote attackers can exploit the vulnerability to use the original function of viewing bulletin boards and uploading files in the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:33.000000Z"}, {"uuid": "4519e022-1e15-41b2-a201-ed6eddce605c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-41563", "type": "seen", "source": "https://t.me/cibsecurity/30264", "content": "\u203c CVE-2021-41563 \u203c\n\nTad Book3 editing book function does not filter special characters. Unauthenticated attackers can remotely inject JavaScript syntax and execute stored XSS attacks.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-08T20:40:33.000000Z"}]}