{"vulnerability": "CVE-2021-3736", "sightings": [{"uuid": "145b4188-d2cf-4cd7-a9a6-b057ce6c6b7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37364", "type": "seen", "source": "https://t.me/cibsecurity/31226", "content": "\u203c CVE-2021-37364 \u203c\n\nOpenClinic GA 5.194.18 is affected by Insecure Permissions. By default the Authenticated Users group has the modify permission to openclinic folders/files. A low privilege account is able to rename mysqld.exe or tomcat8.exe files located in bin folders and replace with a malicious file that would connect back to an attacking computer giving system level privileges (nt authority\\system) due to the service running as Local System. While a low privilege user is unable to restart the service through the application, a restart of the computer triggers the execution of the malicious file. The application also have unquoted service path issues.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:08.000000Z"}, {"uuid": "8d55a739-671b-461a-99b5-cf1775628bf2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37365", "type": "seen", "source": "https://t.me/cibsecurity/27089", "content": "\u203c CVE-2021-37365 \u203c\n\nCTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned with the content of the query string param 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T20:37:25.000000Z"}, {"uuid": "5d146772-a6da-4435-b424-20e4c4c0f3a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37366", "type": "seen", "source": "https://t.me/cibsecurity/27088", "content": "\u203c CVE-2021-37366 \u203c\n\nCTparental before 4.45.03 is vulnerable to cross-site request forgery (CSRF) in the CTparental admin panel. By combining CSRF with XSS, an attacker can trick the administrator into clicking a link that cancels the filtering for all standard users.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T20:37:24.000000Z"}, {"uuid": "2a304fc7-d3c4-40a7-bb60-7698fd4c9092", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37367", "type": "seen", "source": "https://t.me/cibsecurity/27085", "content": "\u203c CVE-2021-37367 \u203c\n\nCTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel. Because The file \"bl_categories_help.php\" is vulnerable to directory traversal, an attacker can create a file that contains scripts and run arbitrary commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T20:37:21.000000Z"}, {"uuid": "6c01f0b2-3a9b-453a-a71a-80acbca842c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-37363", "type": "seen", "source": "https://t.me/cibsecurity/31230", "content": "\u203c CVE-2021-37363 \u203c\n\nAn Insecure Permissions issue exists in Gestionale Open 11.00.00. A low privilege account is able to rename the mysqld.exe file located in bin folder and replace with a malicious file that would connect back to an attacking computer giving system level privileges (nt authority\\system) due to the service running as Local System. While a low privilege user is unable to restart the service through the application, a restart of the computer triggers the execution of the malicious file. The application also have unquoted service path issues.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-26T18:15:18.000000Z"}]}