{"vulnerability": "CVE-2021-42664", "sightings": [{"uuid": "8ca739c9-a760-46d4-bbfd-0b65faf17ffa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42664", "type": "seen", "source": "https://t.me/cibsecurity/31878", "content": "\u203c CVE-2021-42664 \u203c\n\nA Stored Cross Site Scripting (XSS) Vulneraibiilty exists in Sourcecodester Engineers Online Portal in PHP via the (1) Quiz title and (2) quiz description parameters to add_quiz.php. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T15:27:14.000000Z"}, {"uuid": "1e1b063b-fe0a-4291-a1bb-140c201bcc1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2021-42664", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/400", "content": "The Engineers Online Portal System\n\n#CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42662\n\n#CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42663\n\n#CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42664\n\n#CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42665\n\n#CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42666\n\n#CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42667", "creation_timestamp": "2021-11-06T19:08:05.000000Z"}]}