{"vulnerability": "CVE-2020-2923", "sightings": [{"uuid": "c066a8d2-efb2-48a5-930f-24e02ac6740d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29233", "type": "exploited", "source": "https://www.exploit-db.com/exploits/49085", "content": "", "creation_timestamp": "2020-11-20T00:00:00.000000Z"}, {"uuid": "77a4d671-7b61-4fda-8fc7-844d43d510db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29238", "type": "seen", "source": "MISP/c8d078cb-4f20-4e28-ba79-22d6ac6a34a8", "content": "", "creation_timestamp": "2024-11-14T06:09:50.000000Z"}, {"uuid": "f7c0524d-a43f-4a9e-8d9d-c979fc6b5c66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29238", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/168", "content": "CVE-2020-29238 ExpressVPN VPN Router 1.0 \u8def\u7531\u5668\u9762\u677f\u6ea2\u51fa\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-29238_ExpressVPN_VPN_Router_1.0_%E8%B7%AF%E7%94%B1%E5%99%A8%E9%9D%A2%E6%9D%BF%E6%BA%A2%E5%87%BA%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:48.000000Z"}, {"uuid": "1e0191e3-57fa-4569-9714-bc76f74fef79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29238", "type": "seen", "source": "https://t.me/cibsecurity/24669", "content": "\u203c CVE-2020-29238 \u203c\n\nAn integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server running as reverse proxy via specially crafted request.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-03-10T07:52:14.000000Z"}, {"uuid": "90e794ef-8943-4bff-9de9-803a591e436f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29239", "type": "seen", "source": "https://t.me/cibsecurity/17047", "content": "\u203c CVE-2020-29239 \u203c\n\nOnline Birth Certificate System Project V 1.0 is affected by cross-site scripting (XSS). This vulnerability can result in an attacker injecting the XSS payload in the User Registration section. When an admin visits the View Detail of Application section from the admin panel, the attacker can able to steal the cookie according to the crafted payload.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-02T20:55:17.000000Z"}]}