{"vulnerability": "CVE-2020-2915", "sightings": [{"uuid": "8cecff99-574a-4e68-a3cd-279efae42741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2915", "type": "published-proof-of-concept", "source": "Telegram/5T9p9Zashh8_t2QaMEcrWCxGmV69ND__6VmH0ET2CJ3Gp-A", "content": "", "creation_timestamp": "2023-03-14T09:24:23.000000Z"}, {"uuid": "f01a7b3b-21a9-4556-981b-1c4c12b567ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29159", "type": "seen", "source": "https://t.me/cibsecurity/21339", "content": "\u203c CVE-2020-29159 \u203c\n\nAn issue was discovered in Zammad before 3.5.1. The default signup Role (for newly created Users) can be a privileged Role, if configured by an admin. This behvaior was unintended.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T12:28:31.000000Z"}, {"uuid": "119054c3-8f4d-4b95-878f-78445e4c26b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29157", "type": "seen", "source": "https://t.me/cibsecurity/26170", "content": "\u203c CVE-2020-29157 \u203c\n\nAn issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-07-15T00:25:39.000000Z"}, {"uuid": "470d0549-c323-4a0e-a090-0ed076b2830f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29158", "type": "seen", "source": "https://t.me/cibsecurity/21330", "content": "\u203c CVE-2020-29158 \u203c\n\nAn issue was discovered in Zammad before 3.5.1. An Agent with Customer permissions in a Group can bypass intended access control on internal Articles via the Ticket detail view.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T12:28:22.000000Z"}, {"uuid": "e1640c5b-b11a-4018-a344-e6e9f96ad0f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-29156", "type": "seen", "source": "https://t.me/cibsecurity/21327", "content": "\u203c CVE-2020-29156 \u203c\n\nThe WooCommerce plugin before 4.7.0 for WordPress allows remote attackers to view the status of arbitrary orders via the order_id parameter in a fetch_order_status action.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-27T22:27:51.000000Z"}, {"uuid": "50954a2e-d0a3-41b0-b2cc-f5e5d9b4eb65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2915", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/7921", "content": "#exploit\n1. CVE-2020-2546, CVE-2020-2915,\nCVE-2020-2801, CVE-2020-2798,\nCVE-2020-2883, CVE-2020-2884,\nCVE-2020-2950:\nWebLogic T3 payload exploit PoC python3\nhttps://github.com/hktalent/CVE_2020_2546\n\n2. Tips, Tricks, and Scripts for Linux Post Exploitation\nhttps://github.com/regorsec/Linux-Post-Exploitation\n\n3. CVE-2023-23488:\nUnauthenticated SQL Injection - Paid Memberships Pro < 2.9.8 (WordPress Plugin)\nhttps://github.com/r3nt0n/CVE-2023-23488-PoC", "creation_timestamp": "2023-03-13T22:21:06.000000Z"}]}