{"vulnerability": "CVE-2020-3654", "sightings": [{"uuid": "33e5e03b-b894-4319-92f6-c6348e2e1a4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36547", "type": "seen", "source": "https://t.me/cibsecurity/44719", "content": "\u203c CVE-2020-36547 \u203c\n\nA vulnerability was found in GE Voluson S8. It has been rated as critical. This issue affects the Service Browser which itroduces hard-coded credentials. Attacking locally is a requirement. It is recommended to change the configuration settings.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:28.000000Z"}, {"uuid": "ae3a9d6e-3a8b-4918-9a15-7c1e5b6e1b20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36549", "type": "seen", "source": "https://t.me/cibsecurity/44732", "content": "\u203c CVE-2020-36549 \u203c\n\nA vulnerability classified as critical was found in GE Voluson S8. Affected is the underlying Windows XP operating system. Missing patches might introduce an excessive attack surface. Access to the local network is required for this attack to succeed.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:43.000000Z"}, {"uuid": "31500ce6-184d-4614-bcb9-3711ccc11d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36548", "type": "seen", "source": "https://t.me/cibsecurity/44720", "content": "\u203c CVE-2020-36548 \u203c\n\nA vulnerability classified as problematic has been found in GE Voluson S8. Affected is the file /uscgi-bin/users.cgi of the Service Browser. The manipulation leads to improper authentication and elevated access possibilities. It is possible to launch the attack on the local host.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-17T16:23:29.000000Z"}, {"uuid": "2f459c7f-3c20-4c6a-813e-b4eaca7372b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36543", "type": "seen", "source": "https://t.me/cibsecurity/43986", "content": "\u203c CVE-2020-36543 \u203c\n\nA vulnerability, which was classified as critical, was found in SialWeb CMS. This affects an unknown part of the file /about.php. The manipulation of the argument Id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-08T12:45:06.000000Z"}, {"uuid": "f7196246-aade-42ea-bba4-aec78daaad14", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-36541", "type": "seen", "source": "https://t.me/cibsecurity/43955", "content": "\u203c CVE-2020-36541 \u203c\n\nA vulnerability was found in Demokratian. It has been rated as critical. Affected by this issue is some unknown functionality of the file basicos_php/genera_select.php. The manipulation of the argument id_provincia with the input -1%20union%20all%20select%201,2,3,4,database() leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2022-06-07T22:31:32.000000Z"}]}