{"vulnerability": "CVE-2019-7725", "sightings": [{"uuid": "9a6e0693-d4b9-4816-89a7-949b12997a46", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-7725", "type": "seen", "source": "https://t.me/cibsecurity/21438", "content": "\u203c CVE-2019-7725 \u203c\n\nincludes/core/is_user.php in NukeViet before 4.3.04 deserializes the untrusted nvloginhash cookie (i.e., the code relies on PHP's serialization format when JSON can be used to eliminate the risk).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T07:31:08.000000Z"}]}