{"vulnerability": "CVE-2021-4031", "sightings": [{"uuid": "04e404ef-0678-4f73-b103-b3f9b60df90b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40317", "type": "seen", "source": "https://t.me/cibsecurity/43371", "content": "\u203c CVE-2021-40317 \u203c\n\nPiwigo 11.5.0 is affected by a SQL injection vulnerability via admin.php and the id parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-05-26T16:14:06.000000Z"}, {"uuid": "7ed4472c-9c53-400b-b4f8-3a500d7c6dba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-4031", "type": "seen", "source": "https://t.me/cibsecurity/39247", "content": "\u203c CVE-2021-4031 \u203c\n\nSyltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-03-18T21:28:57.000000Z"}, {"uuid": "6bff0a8c-c3ba-4417-951d-a316b8b70f19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40310", "type": "seen", "source": "https://t.me/cibsecurity/29395", "content": "\u203c CVE-2021-40310 \u203c\n\nOpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-24T20:30:58.000000Z"}, {"uuid": "62e63b31-04a6-48b2-8b59-deedbf5e709f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-40313", "type": "seen", "source": "https://t.me/cibsecurity/33420", "content": "\u203c CVE-2021-40313 \u203c\n\nPiwigo v11.5 was discovered to contain a SQL injection vulnerability via the parameter pwg_token in /admin/batch_manager_global.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-07T00:22:43.000000Z"}]}