{"vulnerability": "CVE-2020-3531", "sightings": [{"uuid": "c5640d29-adee-45ab-8e7e-2261eb8312df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-35313", "type": "published-proof-of-concept", "source": "https://t.me/thebugbountyhunter/6693", "content": "WonderCMS 3.1.3 Vulnerable To Authenticated Server-Side Request Forgery \u2013 CVE-2020-35313\n\nhttps://blog.securelayer7.net/wondercms-3-1-3-vulnerable-to-authenticated-server-side-request-forgery/", "creation_timestamp": "2022-12-07T08:32:54.000000Z"}, {"uuid": "b7ea2334-4f5e-49d5-a06f-e8e4321da4b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-3531", "type": "seen", "source": "https://t.me/cibsecurity/16551", "content": "\u203c CVE-2020-3531 \u203c\n\nA vulnerability in the REST API of Cisco IoT Field Network Director (FND) could allow an unauthenticated, remote attacker to access the back-end database of an affected system. The vulnerability exists because the affected software does not properly authenticate REST API calls. An attacker could exploit this vulnerability by obtaining a cross-site request forgery (CSRF) token and then using the token with REST API requests. A successful exploit could allow the attacker to access the back-end database of the affected device and read, alter, or drop information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-18T22:40:41.000000Z"}]}