{"vulnerability": "cve-2021-42662", "sightings": [{"uuid": "cf703677-6ae2-4648-894d-fa035f99f457", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42662", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/800", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system. \nURL\uff1ahttps://github.com/TheHackingRabbi/CVE-2021-42662", "creation_timestamp": "2021-11-03T21:52:36.000000Z"}, {"uuid": "f7075ed2-c0c6-4d89-a6c8-822400433808", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42662", "type": "seen", "source": "https://t.me/cibsecurity/31869", "content": "\u203c CVE-2021-42662 \u203c\n\nA Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the Holiday reason parameter. An attacker can leverage this vulnerability in order to run javascript commands on the web server surfers behalf, which can lead to cookie stealing and more.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T13:25:42.000000Z"}, {"uuid": "93e385de-10df-4a2a-81bf-4169ecc314c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42662", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/400", "content": "The Engineers Online Portal System\n\n#CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42662\n\n#CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42663\n\n#CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42664\n\n#CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42665\n\n#CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42666\n\n#CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42667", "creation_timestamp": "2021-11-06T19:08:05.000000Z"}]}