{"vulnerability": "cve-2021-3824", "sightings": [{"uuid": "f977f2a7-677b-44ba-9cd3-f246943f82ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38241", "type": "seen", "source": "https://t.me/cibsecurity/54791", "content": "\u203c CVE-2021-38241 \u203c\n\nDeserialization issue discovered in Ruoyi before 4.6.1 allows remote attackers to run arbitrary code via weak cipher in Shiro framework.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-12-17T00:24:42.000000Z"}, {"uuid": "72f2a49c-f82f-41b0-bbbe-cb66d9a10692", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-3824", "type": "seen", "source": "https://t.me/cibsecurity/29318", "content": "\u203c CVE-2021-3824 \u203c\n\nOpenVPN Access Server 2.9.0 through 2.9.4 allow remote attackers to inject arbitrary web script or HTML via the web login page URL.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-23T18:29:37.000000Z"}, {"uuid": "541323ab-53c1-4819-bb9a-77b3d625a03b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38243", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18750", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2021-38243\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: xunruicms up to v4.5.1 was discovered to contain a remote code execution (RCE) vulnerability in /index.php. This vulnerability allows attackers to execute arbitrary code via a crafted GET request.\n\ud83d\udccf Published: 2023-09-26T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-18T14:19:19.143Z\n\ud83d\udd17 References:\n1. https://github.com/P0wfuu/xunruicms-RCE", "creation_timestamp": "2025-06-18T14:41:53.000000Z"}, {"uuid": "07e1f659-89c9-4c71-8106-7701ed2bfa1e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-38244", "type": "seen", "source": "https://t.me/cibsecurity/34159", "content": "\u203c CVE-2021-38244 \u203c\n\nA regular expression denial of service (ReDoS) vulnerability exits in cbioportal 3.6.21 and older via a POST request to /ProteinArraySignificanceTest.json.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-12-16T22:36:00.000000Z"}]}