Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-myft-jnpz-r7gb
Summary
Multiple vulnerabilities were found in PHP, the worst of which lead
    to remote execution of arbitrary code.
Aliases
0
alias CVE-2012-1823
Fixed_packages
0
url pkg:ebuild/dev-lang/php@5.3.15
purl pkg:ebuild/dev-lang/php@5.3.15
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.3.15
1
url pkg:ebuild/dev-lang/php@5.4.5
purl pkg:ebuild/dev-lang/php@5.4.5
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/dev-lang/php@5.4.5
Affected_packages
0
url pkg:rpm/redhat/php@5.1.6-23.3?arch=el5_3
purl pkg:rpm/redhat/php@5.1.6-23.3?arch=el5_3
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-23.3%3Farch=el5_3
1
url pkg:rpm/redhat/php@5.1.6-27.el5_6?arch=4
purl pkg:rpm/redhat/php@5.1.6-27.el5_6?arch=4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-27.el5_6%3Farch=4
2
url pkg:rpm/redhat/php@5.1.6-34?arch=el5_8
purl pkg:rpm/redhat/php@5.1.6-34?arch=el5_8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.1.6-34%3Farch=el5_8
3
url pkg:rpm/redhat/php@5.3.2-6.el6_0?arch=2
purl pkg:rpm/redhat/php@5.3.2-6.el6_0?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.2-6.el6_0%3Farch=2
4
url pkg:rpm/redhat/php@5.3.3-3.el6_1?arch=4
purl pkg:rpm/redhat/php@5.3.3-3.el6_1?arch=4
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.3-3.el6_1%3Farch=4
5
url pkg:rpm/redhat/php@5.3.3-3.el6_2?arch=8
purl pkg:rpm/redhat/php@5.3.3-3.el6_2?arch=8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php@5.3.3-3.el6_2%3Farch=8
6
url pkg:rpm/redhat/php53@5.3.3-1.el5_6?arch=2
purl pkg:rpm/redhat/php53@5.3.3-1.el5_6?arch=2
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php53@5.3.3-1.el5_6%3Farch=2
7
url pkg:rpm/redhat/php53@5.3.3-7?arch=el5_8
purl pkg:rpm/redhat/php53@5.3.3-7?arch=el5_8
is_vulnerable true
affected_by_vulnerabilities
0
vulnerability VCID-myft-jnpz-r7gb
resource_url http://public2.vulnerablecode.io/packages/pkg:rpm/redhat/php53@5.3.3-7%3Farch=el5_8
References
0
reference_url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1823.json
reference_id
reference_type
scores
url https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-1823.json
1
reference_url https://api.first.org/data/v1/epss?cve=CVE-2012-1823
reference_id
reference_type
scores
0
value 0.94363
scoring_system epss
scoring_elements 0.99965
published_at 2026-04-26T12:55:00Z
1
value 0.94386
scoring_system epss
scoring_elements 0.99971
published_at 2026-04-18T12:55:00Z
2
value 0.94386
scoring_system epss
scoring_elements 0.99972
published_at 2026-04-08T12:55:00Z
3
value 0.94386
scoring_system epss
scoring_elements 0.9997
published_at 2026-04-21T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2012-1823
2
reference_url http://www.openwall.com/lists/oss-security/2024/06/07/1
reference_id 1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.openwall.com/lists/oss-security/2024/06/07/1
3
reference_url http://www.php.net/archive/2012.php#id2012-05-03-1
reference_id 2012.php#id2012-05-03-1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.php.net/archive/2012.php#id2012-05-03-1
4
reference_url http://secunia.com/advisories/49014
reference_id 49014
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://secunia.com/advisories/49014
5
reference_url http://secunia.com/advisories/49065
reference_id 49065
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://secunia.com/advisories/49065
6
reference_url http://secunia.com/advisories/49085
reference_id 49085
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://secunia.com/advisories/49085
7
reference_url http://secunia.com/advisories/49087
reference_id 49087
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://secunia.com/advisories/49087
8
reference_url http://www.kb.cert.org/vuls/id/520827
reference_id 520827
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.kb.cert.org/vuls/id/520827
9
reference_url https://bugzilla.redhat.com/show_bug.cgi?id=818607
reference_id 818607
reference_type
scores
url https://bugzilla.redhat.com/show_bug.cgi?id=818607
10
reference_url http://www.mandriva.com/security/advisories?name=MDVSA-2012:068
reference_id advisories?name=MDVSA-2012:068
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.mandriva.com/security/advisories?name=MDVSA-2012:068
11
reference_url https://bugs.php.net/bug.php?id=61910
reference_id bug.php?id=61910
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url https://bugs.php.net/bug.php?id=61910
12
reference_url http://www.php.net/ChangeLog-5.php#5.4.2
reference_id ChangeLog-5.php#5.4.2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.php.net/ChangeLog-5.php#5.4.2
13
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18836.py
reference_id CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18836.py
14
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29290.c
reference_id CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29290.c
15
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29316.py
reference_id CVE-2012-2336;CVE-2012-2311;CVE-2012-1823;OSVDB-81633
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/29316.py
16
reference_url http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
reference_id CVE-2012-2336;OSVDB-81633;CVE-2012-2311;CVE-2012-1823
reference_type exploit
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://eindbazen.net/2012/05/php-cgi-advisory-cve-2012-1823/
17
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18834.rb
reference_id CVE-2012-2336;OSVDB-81633;CVE-2012-2311;CVE-2012-1823
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/php/remote/18834.rb
18
reference_url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
reference_id Document.jsp?objectID=c03360041
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03360041
19
reference_url http://www.debian.org/security/2012/dsa-2465
reference_id dsa-2465
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.debian.org/security/2012/dsa-2465
20
reference_url https://security.gentoo.org/glsa/201209-03
reference_id GLSA-201209-03
reference_type
scores
url https://security.gentoo.org/glsa/201209-03
21
reference_url http://www.securitytracker.com/id?1027022
reference_id id?1027022
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://www.securitytracker.com/id?1027022
22
reference_url http://marc.info/?l=bugtraq&m=134012830914727&w=2
reference_id ?l=bugtraq&m=134012830914727&w=2
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://marc.info/?l=bugtraq&m=134012830914727&w=2
23
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html
reference_id msg00002.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00002.html
24
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
reference_id msg00007.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00007.html
25
reference_url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
reference_id msg00011.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00011.html
26
reference_url https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1
reference_id patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url https://bugs.php.net/patch-display.php?bug_id=61910&patch=cgi.diff&revision=1335984315&display=1
27
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
reference_id PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/PKGTQUOA2NTZ3RXN22CSAUJPIRUYRB4B/
28
reference_url https://access.redhat.com/errata/RHSA-2012:0546
reference_id RHSA-2012:0546
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0546
29
reference_url http://rhn.redhat.com/errata/RHSA-2012-0546.html
reference_id RHSA-2012-0546.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://rhn.redhat.com/errata/RHSA-2012-0546.html
30
reference_url https://access.redhat.com/errata/RHSA-2012:0547
reference_id RHSA-2012:0547
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0547
31
reference_url http://rhn.redhat.com/errata/RHSA-2012-0547.html
reference_id RHSA-2012-0547.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://rhn.redhat.com/errata/RHSA-2012-0547.html
32
reference_url https://access.redhat.com/errata/RHSA-2012:0568
reference_id RHSA-2012:0568
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0568
33
reference_url http://rhn.redhat.com/errata/RHSA-2012-0568.html
reference_id RHSA-2012-0568.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://rhn.redhat.com/errata/RHSA-2012-0568.html
34
reference_url https://access.redhat.com/errata/RHSA-2012:0569
reference_id RHSA-2012:0569
reference_type
scores
url https://access.redhat.com/errata/RHSA-2012:0569
35
reference_url http://rhn.redhat.com/errata/RHSA-2012-0569.html
reference_id RHSA-2012-0569.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://rhn.redhat.com/errata/RHSA-2012-0569.html
36
reference_url http://rhn.redhat.com/errata/RHSA-2012-0570.html
reference_id RHSA-2012-0570.html
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url http://rhn.redhat.com/errata/RHSA-2012-0570.html
37
reference_url https://usn.ubuntu.com/1437-1/
reference_id USN-1437-1
reference_type
scores
url https://usn.ubuntu.com/1437-1/
38
reference_url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
reference_id W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK
reference_type
scores
0
value 9.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
1
value Act
scoring_system ssvc
scoring_elements SSVCv2/E:A/A:Y/T:T/P:M/B:A/M:M/D:C/2025-02-07T13:10:55Z/
url https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/W45DBOH56NQDRTOM2DN2LNA2FZIMC3PK/
Weaknesses
Exploits
0
date_added 2012-05-05
description PHP < 5.3.12 / < 5.4.2 - CGI Argument Injection
required_action null
due_date null
notes null
known_ransomware_campaign_use true
source_date_published 2012-05-05
exploit_type remote
platform php
source_date_updated 2012-05-08
data_source Exploit-DB
source_url
1
date_added null
description 
When run as a CGI, PHP up to version 5.3.12 and 5.4.2 is vulnerable to
          an argument injection vulnerability.  This module takes advantage of
          the -d flag to set php.ini directives to achieve code execution.

          From the advisory: "if there is NO unescaped '=' in the query string,
          the string is split on '+' (encoded space) characters, urldecoded,
          passed to a function that escapes shell metacharacters (the "encoded in
          a system-defined manner" from the RFC) and then passes them to the CGI
          binary." This module can also be used to exploit the plesk 0day disclosed
          by kingcope and exploited in the wild on June 2013.
required_action null
due_date null
notes 
Stability:
  - crash-safe
Reliability:
  - repeatable-session
SideEffects:
  - ioc-in-logs
known_ransomware_campaign_use false
source_date_published 2012-05-03
exploit_type null
platform PHP
source_date_updated null
data_source Metasploit
source_url https://github.com/rapid7/metasploit-framework/tree/master/modules/exploits/multi/http/php_cgi_arg_injection.rb
2
date_added 2022-03-25
description sapi/cgi/cgi_main.c in PHP, when configured as a CGI script, does not properly handle query strings, which allows remote attackers to execute arbitrary code.
required_action Apply updates per vendor instructions.
due_date 2022-04-15
notes https://nvd.nist.gov/vuln/detail/CVE-2012-1823
known_ransomware_campaign_use false
source_date_published null
exploit_type null
platform null
source_date_updated null
data_source KEV
source_url null
Severity_range_score9.8 - 9.8
Exploitability2.0
Weighted_severity8.8
Risk_score10.0
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-myft-jnpz-r7gb