{"vulnerability": "CVE-2020-2904", "sightings": [{"uuid": "f7b41f89-9c5c-4c2c-b361-1c2940407119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29047", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lqingbu3fr2s", "content": "", "creation_timestamp": "2025-05-31T21:02:18.669710Z"}, {"uuid": "c6e7e7d5-f2d9-4acb-bdb4-11cc337142f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29047", "type": "seen", "source": "https://t.me/cibsecurity/24415", "content": "\u203c CVE-2020-29047 \u203c\n\nThe wp-hotel-booking plugin through 1.10.2 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the thimpress_hotel_booking_1 cookie in load in includes/class-wphb-sessions.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-03T20:45:55.000000Z"}, {"uuid": "eb63caad-e087-4711-9629-5e4b31adbd40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29045", "type": "seen", "source": "https://t.me/cibsecurity/24808", "content": "\u203c CVE-2020-29045 \u203c\n\nThe food-and-drink-menu plugin through 2.2.0 for WordPress allows remote attackers to execute arbitrary code because of an unserialize operation on the fdm_cart cookie in load_cart_from_cookie in includes/class-cart-manager.php.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-11T22:54:38.000000Z"}, {"uuid": "52016d10-61a0-428a-ac03-1982fa0d6f4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29043", "type": "seen", "source": "https://t.me/cibsecurity/16870", "content": "\u203c CVE-2020-29043 \u203c\n\nAn issue was discovered in BigBlueButton through 2.2.29. When at attacker is able to view an account_activations/edit?token= URI, the attacker can create an approved user account associated with an email address that has an arbitrary domain name.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T20:48:58.000000Z"}, {"uuid": "9f566c60-99be-459c-b66f-750ae04d16bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29040", "type": "seen", "source": "https://t.me/cibsecurity/16795", "content": "\u203c CVE-2020-29040 \u203c\n\nAn issue was discovered in Xen through 4.14.x allowing x86 HVM guest OS users to cause a denial of service (stack corruption), cause a data leak, or possibly gain privileges because of an off-by-one error. NOTE: this issue is caused by an incorrect fix for CVE-2020-27671.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-24T20:46:56.000000Z"}, {"uuid": "ef25d3fc-c4a1-461c-ab56-c08d750fcaa0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29041", "type": "seen", "source": "https://t.me/cibsecurity/21720", "content": "\u203c CVE-2020-29041 \u203c\n\nA misconfiguration in Web-Sesame 2020.1.1.3375 allows an unauthenticated attacker to download the source code of the application, facilitating its comprehension (code review). Specifically, JavaScript source maps were inadvertently included in the production Webpack configuration. These maps contain sources used to generate the bundle, configuration settings (e.g., API keys), and developers' comments.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-01-07T00:39:39.000000Z"}, {"uuid": "76999e45-ffaa-4d77-af09-b981d60baa13", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29042", "type": "seen", "source": "https://t.me/cibsecurity/16875", "content": "\u203c CVE-2020-29042 \u203c\n\nAn issue was discovered in BigBlueButton through 2.2.29. A brute-force attack may occur because an unlimited number of codes can be entered for a meeting that is protected by an access code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-26T20:49:06.000000Z"}]}