{"vulnerability": "CVE-2021-4424", "sightings": [{"uuid": "fc0352fb-3a16-4334-b626-d2260871e1df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44247", "type": "seen", "source": "https://t.me/cibsecurity/36841", "content": "\u203c CVE-2021-44247 \u203c\n\nTotolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain command injection vulnerability in the function setNoticeCfg. This vulnerability allows attackers to execute arbitrary commands via the IpFrom parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:37:02.000000Z"}, {"uuid": "130df819-8f39-4b89-b246-ca98da06397f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44246", "type": "seen", "source": "https://t.me/cibsecurity/36822", "content": "\u203c CVE-2021-44246 \u203c\n\nTotolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu.470_B20200911 were discovered to contain a stack overflow in the function setNoticeCfg. This vulnerability allows attackers to cause a Denial of Service (DoS) via the IpTo parameter.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-02-04T07:36:31.000000Z"}, {"uuid": "71e2dbee-6b86-402d-9d3b-c48cfc6946f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44245", "type": "seen", "source": "https://t.me/cibsecurity/35951", "content": "\u203c CVE-2021-44245 \u203c\n\nAn SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS) 1.0 via the (1) username and (2) contactno parameters.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-20T22:12:05.000000Z"}, {"uuid": "c40e3448-827b-4849-b9b6-2d5b83704502", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44244", "type": "seen", "source": "https://t.me/cibsecurity/35953", "content": "\u203c CVE-2021-44244 \u203c\n\nAn SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-20T22:12:07.000000Z"}, {"uuid": "f00b94d1-d9b9-4011-b806-2d5aa51fa8fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-44249", "type": "seen", "source": "https://t.me/cibsecurity/36461", "content": "\u203c CVE-2021-44249 \u203c\n\nOnline Motorcycle (Bike) Rental System 1.0 is vulnerable to a Blind Time-Based SQL Injection attack within the login portal. This can lead attackers to remotely dump MySQL database credentials.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-01-28T18:26:42.000000Z"}]}