{"vulnerability": "CVE-2019-1251", "sightings": [{"uuid": "7de2b702-1202-46ea-9b56-11e8b2b8bbc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12518", "type": "exploited", "source": "https://www.exploit-db.com/exploits/48092", "content": "", "creation_timestamp": "2020-02-17T00:00:00.000000Z"}, {"uuid": "c85777d4-f888-48af-842e-cee30584d276", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12518", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:12.000000Z"}, {"uuid": "937afc2b-1b13-4716-97d1-fe9f78555938", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12518", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "c44c12c0-351f-42ac-ab92-a1161303784e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12518", "type": "seen", "source": "https://t.me/ctinow/200046", "content": "https://ift.tt/jIdlBho\nCVE-2019-12518 | Anviz CrossChex Access Control Management Software 4.3.8.0/4.3.12 buffer overflow (ID 156335)", "creation_timestamp": "2024-03-05T09:42:25.000000Z"}, {"uuid": "a36e1118-2464-4988-b176-bee181ac4a71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12518", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/misc/crosschex_device_bof.rb", "content": "", "creation_timestamp": "2020-02-13T15:58:47.000000Z"}, {"uuid": "6efbcac7-b47a-4cc1-8a94-cc52faa3ec8b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12519", "type": "seen", "source": "https://t.me/cibsecurity/11317", "content": "ATENTION\u203c New - CVE-2019-12519\n\nAn issue was discovered in Squid through 4.7. When handling the tag esi:when when ESI is enabled, Squid calls ESIExpression::Evaluate. This function uses a fixed stack buffer to hold the expression while it's being evaluated. When processing the expression, it could either evaluate the top of the stack, or add a new member to the stack. When adding a new member, there is no check to ensure that the stack won't overflow.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-04-16T01:14:02.000000Z"}, {"uuid": "77781605-e350-4936-947e-6ea9fa2214fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12516", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/408", "content": "#exploit\n1. CVE-2019-12517:\nSlickQuiz for Wordpress 1.3.7 \"/wp-admin/admin.php?page=slickquiz\" Multiple Stored XSS\nhttps://seclists.org/fulldisclosure/2019/Sep/20\n\n2. CVE-2019-12516:\nSlickQuiz for Wordpress 1.3.7 \"/wp-admin/admin.php?page=slickquiz-*\" Multiple Authenticated SQL Injections\nhttps://seclists.org/fulldisclosure/2019/Sep/21\n\n3. vBulletin 5.x - 0day pre-auth RCE exploit\nhttps://seclists.org/fulldisclosure/2019/Sep/31", "creation_timestamp": "2023-04-30T19:17:18.000000Z"}, {"uuid": "81df90b8-b253-4054-8c1d-76c64cad2bd8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2019-12517", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/408", "content": "#exploit\n1. CVE-2019-12517:\nSlickQuiz for Wordpress 1.3.7 \"/wp-admin/admin.php?page=slickquiz\" Multiple Stored XSS\nhttps://seclists.org/fulldisclosure/2019/Sep/20\n\n2. CVE-2019-12516:\nSlickQuiz for Wordpress 1.3.7 \"/wp-admin/admin.php?page=slickquiz-*\" Multiple Authenticated SQL Injections\nhttps://seclists.org/fulldisclosure/2019/Sep/21\n\n3. vBulletin 5.x - 0day pre-auth RCE exploit\nhttps://seclists.org/fulldisclosure/2019/Sep/31", "creation_timestamp": "2023-04-30T19:17:18.000000Z"}]}