{"vulnerability": "CVE-2020-1429", "sightings": [{"uuid": "641e7679-0279-4973-9203-54d97b7514da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:44.000000Z"}, {"uuid": "1ed1a402-81a5-4c0b-9402-e92bac243016", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:10:24.000000Z"}, {"uuid": "3f306520-c79b-4bf8-8b6e-bcc273bae244", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/http/cacti_filter_sqli_rce.rb", "content": "", "creation_timestamp": "2021-06-01T16:48:17.000000Z"}, {"uuid": "7b991e10-6cf4-4e5b-99e3-b9ee98ba6ff0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/278", "content": "CVE-2020-14295 Cacti 1.2.12 - 'filter' SQL\u6ce8\u5165&\u9060\u7a0b\u4ee3\u78bc\u57f7\u884c\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-14295_Cacti_1.2.12_-_%27filter%27_SQL%E6%B3%A8%E5%85%A5%26%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-04-30T02:55:19.000000Z"}, {"uuid": "09df2f54-e1ad-42ed-8cda-0e4548c2361d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "published-proof-of-concept", "source": "Telegram/9HCgKR91_JMeyqsjbR4qmyN8atTWBZW9gIK462bqIYt7mQ", "content": "", "creation_timestamp": "2021-09-22T06:26:58.000000Z"}, {"uuid": "75e8ddd1-f58d-46e3-86ad-b34532db4298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14296", "type": "seen", "source": "https://t.me/cibsecurity/14034", "content": "ATENTION\u203c New - CVE-2020-14296\n\nRed Hat CloudForms 4.7 and 5 was vulnerable to Server-Side Request Forgery (SSRF) flaw. With the access to add Ansible Tower provider, an attacker could scan and attack systems from the internal network which are not normally accessible.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-08-11T18:55:23.000000Z"}, {"uuid": "c5e6cbe6-785f-465a-bd7c-49be398a216b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14295", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/3248", "content": "#exploit\nCVE-2020-14295:\nAuthenticated SQL injection to command execution on Cacti 1.2.12 (PoC)\nhttps://github.com/0z09e/CVE-2020-14295\n]-> Vulnerability details:\nhttps://github.com/Cacti/cacti/issues/3622", "creation_timestamp": "2021-04-30T11:02:06.000000Z"}, {"uuid": "9cac578f-eb9e-4b0d-9c6a-ff52209a2cc1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-14299", "type": "seen", "source": "https://t.me/cibsecurity/15328", "content": "\u203c CVE-2020-14299 \u203c\n\nA flaw was found in JBoss EAP, where the authentication configuration is set-up using a legacy SecurityRealm, to delegate to a legacy PicketBox SecurityDomain, and then reloaded to admin-only mode. This flaw allows an attacker to perform a complete authentication bypass by using an arbitrary user and password. The highest threat to vulnerability is to system availability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-10-16T18:42:23.000000Z"}]}