{"vulnerability": "CVE-2020-2012", "sightings": [{"uuid": "ec0b396a-c11b-4fc8-837d-744923843629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20129", "type": "seen", "source": "https://t.me/cibsecurity/29697", "content": "\u203c CVE-2020-20129 \u203c\n\nLaraCMS v1.0.1 contains a stored cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the content editor.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T02:37:23.000000Z"}, {"uuid": "93ee9a11-44ab-444f-8985-d368eb7a12df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20128", "type": "seen", "source": "https://t.me/cibsecurity/29692", "content": "\u203c CVE-2020-20128 \u203c\n\nLaraCMS v1.0.1 transmits sensitive information in cleartext which can be intercepted by attackers.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-30T02:37:15.000000Z"}, {"uuid": "d0886402-ece1-438f-afda-69dab056746f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20125", "type": "seen", "source": "https://t.me/cibsecurity/29614", "content": "\u203c CVE-2020-20125 \u203c\n\nEARCLINK ESPCMS-P8 contains a cross-site scripting (XSS) vulnerability in espcms_web\\espcms_load.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T02:36:17.000000Z"}, {"uuid": "3b4292ad-d67c-436a-bce0-3808fe4ef0f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20120", "type": "seen", "source": "https://t.me/cibsecurity/29613", "content": "\u203c CVE-2020-20120 \u203c\n\nThinkPHP v3.2.3 and below contains a SQL injection vulnerability which is triggered when the array is not passed to the \"where\" and \"query\" methods.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T02:36:16.000000Z"}, {"uuid": "3a18614a-dc1b-4523-8442-4750eeb8eb40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20124", "type": "seen", "source": "https://t.me/cibsecurity/29612", "content": "\u203c CVE-2020-20124 \u203c\n\nWuzhi CMS v4.1.0 contains a remote code execution (RCE) vulnerability in \\attachment\\admin\\index.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T02:36:15.000000Z"}, {"uuid": "887d25f5-11d0-4535-a4a9-2325bdc0b2bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-20122", "type": "seen", "source": "https://t.me/cibsecurity/29611", "content": "\u203c CVE-2020-20122 \u203c\n\nWuzhi CMS v4.1 contains a SQL injection vulnerability in the checktitle() function in /coreframe/app/content/admin/content.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-29T02:36:14.000000Z"}]}