{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-05-08T04:44:17.603","vulnerabilities":[{"cve":{"id":"CVE-2021-42839","sourceIdentifier":"twcert@cert.org.tw","published":"2021-11-15T10:15:07.920","lastModified":"2024-11-21T06:28:12.610","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Grand Vice info Co. webopac7 file upload function fails to filter special characters. While logging in with general user’s permission, remote attackers can upload malicious script and execute arbitrary code to control the system or interrupt services."},{"lang":"es","value":"La función file upload de Grand Vice info Co. webopac7 falla al filtrar caracteres especiales. Mientras es iniciada la sesión con el permiso del usuario general, atacantes remotos pueden cargar un script malicioso y ejecutar código arbitrario para controlar el sistema o interrumpir los servicios"}],"metrics":{"cvssMetricV31":[{"source":"twcert@cert.org.tw","type":"Secondary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H","baseScore":8.8,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:C/I:C/A:C","baseScore":9.0,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.0,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"twcert@cert.org.tw","type":"Secondary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:vice:webopac:1.8.20160701:*:*:*:*:*:*:*","matchCriteriaId":"EB26E8B5-3741-411B-AAF5-D9686066E1B5"},{"vulnerable":true,"criteria":"cpe:2.3:a:vice:webopac:7.1.20160701:*:*:*:*:*:*:*","matchCriteriaId":"9DDE0E5E-7C6E-46A7-ABCE-BE94BC2A480C"}]}]}],"references":[{"url":"https://www.twcert.org.tw/tw/cp-132-5288-9d546-1.html","source":"twcert@cert.org.tw","tags":["Third Party Advisory"]},{"url":"https://www.twcert.org.tw/tw/cp-132-5288-9d546-1.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory"]}]}}]}