{"vulnerability": "CVE-2020-1914", "sightings": [{"uuid": "f152658d-b498-4971-b760-e5442cdb99f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19147", "type": "seen", "source": "https://t.me/cibsecurity/28910", "content": "\u203c CVE-2020-19147 \u203c\n\nImproper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive infromation via the 'getFolder()' function in the component '/modules/filemanager/FileManager.java'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T18:22:36.000000Z"}, {"uuid": "56a06f66-7c5b-49e3-aeaa-985ec49167e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19146", "type": "seen", "source": "https://t.me/cibsecurity/28906", "content": "\u203c CVE-2020-19146 \u203c\n\nImproper Access Control in Jfinal CMS v4.7.1 and earlier allows remote attackers to obtain sensitive information via the 'TemplatePath' parameter in the component 'jfinal_cms/admin/folder/list'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T18:22:29.000000Z"}, {"uuid": "85598611-b836-490a-ac18-ecee5b3213bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19148", "type": "seen", "source": "https://t.me/cibsecurity/28901", "content": "\u203c CVE-2020-19148 \u203c\n\nCross Site Scripting (XSS) in Jfinal CMS v4.7.1 and earlier allows remote attackers to execute arbitrary code via the 'Nickname' parameter in the component '/jfinal_cms/front/person/profile.html'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T18:22:22.000000Z"}, {"uuid": "e42534af-d9a2-404f-85c5-908bfb7bedeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19655", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T02:37:33.000000Z"}, {"uuid": "96c84e5b-f492-43ec-853e-ee426b22db68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19143", "type": "seen", "source": "https://t.me/cibsecurity/28590", "content": "\u203c CVE-2020-19143 \u203c\n\nBuffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the \"TIFFVGetField\" funtion in the component 'libtiff/tif_dir.c'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-09T18:29:32.000000Z"}, {"uuid": "36b61d86-60d9-47fb-9ab0-6f9c2e319243", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19144", "type": "seen", "source": "https://t.me/cibsecurity/28598", "content": "\u203c CVE-2020-19144 \u203c\n\nBuffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the 'in _TIFFmemcpy' funtion in the component 'tif_unix.c'.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-09T18:29:42.000000Z"}, {"uuid": "db54d59c-75c5-465a-9698-98b309b57550", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19715", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T05:25:13.000000Z"}, {"uuid": "97a0243a-9114-45f1-8572-47a6e4f2903f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19675", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T03:25:22.000000Z"}, {"uuid": "bc107503-d29d-454e-81e2-fa0d9d268e4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19755", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T07:25:25.000000Z"}, {"uuid": "f89cd9db-8a95-4b36-9b35-bd0aaef9ead8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19735", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T06:25:16.000000Z"}, {"uuid": "957bf9aa-d401-4f38-892d-386abf02d5c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19695", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T04:25:17.000000Z"}, {"uuid": "6a81501b-8627-4aa3-9014-3337246a3991", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19142", "type": "seen", "source": "https://t.me/cibsecurity/19635", "content": "\u203c CVE-2020-19142 \u203c\n\niCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX parameter to install/install.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-11T02:34:29.000000Z"}]}