{"vulnerability": "CVE-2020-17363", "sightings": [{"uuid": "098c86d6-6a57-4b1e-92a4-a8de67cf43c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17363", "type": "seen", "source": "https://t.me/cibsecurity/21435", "content": "\u203c CVE-2020-17363 \u203c\n\nUSVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters in the number_start or number_end parameter to LastHundredRequest (aka lasthundredrequestAction) in the Timeline module. NOTE: this may overlap CVE-2020-25069.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T07:31:06.000000Z"}, {"uuid": "1c156e5a-0114-4cc5-a6a1-97e2590138d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-17363", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1627", "content": "#exploit\nCVE-2020-17363, CVE-2020-17364:\nUser-Friendly USVN <1.0.8 - RCE/stored XSS\nhttps://sysdream.com/news/lab/2020-08-12-cve-2020-17363-usvn-remote-code-execution\n]-> https://sysdream.com/news/lab/2020-08-12-cve-2020-17364-usvn-stored-xss", "creation_timestamp": "2024-05-08T02:55:24.000000Z"}]}