{"vulnerability": "CVE-2019-11604", "sightings": [{"uuid": "4ee4d56b-fe28-47ba-b40d-8179b6030590", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11604", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/418", "content": "#exploit\n1. CVE-2019-11604:\nQuest KACE Systems Management Appliance <= 9.0 kbot_service_notsoap.php METHOD Reflected CSS\nhttps://seclist.org/fulldisclosure/2019/May/40\n\n2. CVE-2019-0232:\nRCE in CGI Servlet - Apache Tomcat on Windows\nhttps://wwws.nightwatchcybersecurity.com/2019/04/30/remote-code-execution-rce-in-cgi-servlet-apache-tomcat-on-windows-cve-2019-0232", "creation_timestamp": "2022-06-25T14:25:27.000000Z"}, {"uuid": "30d8ee6c-167b-45d2-bdab-00ee59a94199", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-11604", "type": "seen", "source": "https://t.me/cve_mitre_org/285", "content": "CVE-2019-11604 An issue was discovered in Quest KACE Systems Management Appliance before 9.1. The script at /service/kbot_service_notsoap.php is vulnerable to unauthenticated reflected XSS when user-supplied input to the METHOD GET parameter is processe... https://t.co/fJwFS1gbqw\u2014 CVE (@CVEnew) May 24, 2019\n\nMay 24, 2019 at 07:45PM\nvia Twitter https://twitter.com/CVEnew", "creation_timestamp": "2019-05-24T16:48:16.000000Z"}]}