{"vulnerability": "cve-2021-42663", "sightings": [{"uuid": "a3392089-5ad7-4753-a6c3-260ab5301db9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42663", "type": "published-proof-of-concept", "source": "https://t.me/hacker_trick/400", "content": "The Engineers Online Portal System\n\n#CVE-2021-42662 - Stored Cross-Site Scripting vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42662\n\n#CVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42663\n\n#CVE-2021-42664 - Stored Cross-Site Scripting vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42664\n\n#CVE-2021-42665 - SQL Injection authentication bypass vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42665\n\n#CVE-2021-42666 - SQL Injection vulnerability in the Engineers online portal system\nhttps://github.com/TheHackingRabbi/CVE-2021-42666\n\n#CVE-2021-42667 - SQL Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42667", "creation_timestamp": "2021-11-06T19:08:05.000000Z"}, {"uuid": "72af0d50-e0a1-44e0-b378-935238435a61", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42663", "type": "seen", "source": "https://t.me/hacker_trick/394", "content": "Some docker images to play with #CVE-2021-41773 and #CVE-2021-42013\nhttps://github.com/Hydragyrum/CVE-2021-41773-Playground\n\n#CVE-2021-42663 HTML Injection vulnerability in the Online event booking and reservation system\nhttps://github.com/TheHackingRabbi/CVE-2021-42663", "creation_timestamp": "2021-11-05T12:22:44.000000Z"}, {"uuid": "c7b4da82-bf15-4856-9434-acd8c1d0518c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42663", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/809", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01\n\n\u66f4\u65b0\u4e86\uff1aCVE-2021\n\u63cf\u8ff0\uff1aCVE-2021-42663 - HTML Injection vulnerability in the Online event booking and reservation system. \nURL\uff1ahttps://github.com/TheHackingRabbi/CVE-2021-42663", "creation_timestamp": "2021-11-05T10:55:18.000000Z"}, {"uuid": "7f04b57e-e29e-4d47-945f-25db10dc4cf3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2021-42663", "type": "seen", "source": "https://t.me/cibsecurity/31877", "content": "\u203c CVE-2021-42663 \u203c\n\nAn HTML injection vulnerability exists in Sourcecodester Online Event Booking and Reservation System in PHP/MySQL via the msg parameter to /event-management/index.php. An attacker can leverage this vulnerability in order to change the visibility of the website. Once the target user clicks on a given link he will display the content of the HTML code of the attacker's choice.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-05T15:27:12.000000Z"}]}