{"vulnerability": "cve-2021-3118", "sightings": [{"uuid": "109fe375-6d55-402f-9fda-b9ae0ef12926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3531", "content": "#exploit\nCVE-2021-31181:\nMicrosoft SharePoint Webpart Interpretation Conflict RCE\nhttps://www.zerodayinitiative.com/blog/2021/6/1/cve-2021-31181-microsoft-sharepoint-webpart-interpretation-conflict-remote-code-execution-vulnerability", "creation_timestamp": "2021-06-03T15:03:25.000000Z"}, {"uuid": "6179f824-a18a-435b-aaf0-af4dc2f1cd10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31184", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/4079", "content": "#exploit\n1.  CVE-2021-31184:\nInformation disclosure in Microsoft Windows\nInfrared Data Association (IrDA)\nhttps://github.com/waleedassar/CVE-2021-31184\n2.  CVE-2021-22545:\nA CVE from BinDiff & IDA Pro\nhttps://jhftss.github.io/CVE-2021-22545", "creation_timestamp": "2021-08-16T11:57:28.000000Z"}, {"uuid": "e647599c-8893-4c83-9795-ea1fd47f12b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:37.000000Z"}, {"uuid": "e293612f-48e3-4e64-8c88-0994541dbfa2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3118", "type": "seen", "source": "https://t.me/cibsecurity/21899", "content": "\u203c CVE-2021-3118 \u203c\n\n** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has multiple SQL Injection issues in the login form and the password-forgotten form (such as /req_password_user.php?email=). This allows an attacker to steal data in the database and obtain access to the application. (The database component runs as root.) NOTE: This vulnerability only affects products that are no longer supported by the maintainer.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-11T12:45:21.000000Z"}, {"uuid": "c148d8f1-8f79-4da0-9d19-5a8c8672f1b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "seen", "source": "https://t.me/pwnwiki_zhchannel/681", "content": "CVE-2021-31181 Microsoft SharePoint Unsafe Control And ViewState \u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2021-31181_Microsoft_SharePoint_Unsafe_Control_And_ViewState_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-06-20T02:02:06.000000Z"}, {"uuid": "3659e06b-57d2-4ee1-a8ab-bc97ddd30c12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/http/sharepoint_unsafe_control.rb", "content": "", "creation_timestamp": "2021-06-16T15:47:38.000000Z"}, {"uuid": "588d3ca1-776e-4154-aabf-83cd4b85a7f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:45.000000Z"}, {"uuid": "5a678c76-6284-416b-ab92-f159557cb717", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-31181", "type": "published-proof-of-concept", "source": "https://t.me/ptswarm/45", "content": "CVE-2021-31181: MicroSoft SharePoint webpart interpretation conflict RCE vulnerability \n\nTo quote @thezdi: \"this vulnerability could be used by an authenticated user to execute arbitrary code on the server in the context of the service account of the SharePoint web application. For a successful attack, the attacker must have SPBasePermissions.ManageLists permissions on any SharePoint site. By default, any authenticated user can create their own site where they have the necessary permission.\"\n\nContents:\n \u2022 The Vulnerability\n \u2022 Proof of Concept\n \u2022 Getting Remote Code Execution\n \u2022 Conclusion\n\nhttps://www.zerodayinitiative.com/blog/2021/6/1/cve-2021-31181-microsoft-sharepoint-webpart-interpretation-conflict-remote-code-execution-vulnerability", "creation_timestamp": "2021-06-03T07:14:15.000000Z"}]}