{"vulnerability": "CVE-2020-1891", "sightings": [{"uuid": "6e379c4f-4f17-42bb-a1af-5b641166c8d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-18912", "type": "seen", "source": "https://t.me/cibsecurity/69403", "content": "\u203c CVE-2020-18912 \u203c\n\nAn issue found in Earcms Ear App v.20181124 allows a remote attacker to execute arbitrary code via the uload/index-uplog.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-30T02:17:47.000000Z"}, {"uuid": "7a62ae42-9a71-4865-88c9-50401c11a7af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-18913", "type": "seen", "source": "https://t.me/cibsecurity/27854", "content": "\u203c CVE-2020-18913 \u203c\n\nEARCLINK ESPCMS-P8 was discovered to contain a SQL injection vulnerability in the espcms_web/Search.php component via the attr_array parameter. This vulnerability allows attackers to access sensitive database information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-25T00:23:38.000000Z"}, {"uuid": "9fbbd58e-d4e4-4949-bb87-7f6982f8c4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-18917", "type": "seen", "source": "https://t.me/cibsecurity/27853", "content": "\u203c CVE-2020-18917 \u203c\n\nThe plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-25T00:23:36.000000Z"}]}