{"vulnerability": "cve-2020-1995", "sightings": [{"uuid": "6c3c94c7-60a0-4174-954d-0158b5b40065", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19952", "type": "seen", "source": "https://t.me/cibsecurity/68359", "content": "\u203c CVE-2020-19952 \u203c\n\nCross Site Scripting (XSS) vulnerability in Rendering Engine in jbt Markdown Editor thru commit 2252418c27dffbb35147acd8ed324822b8919477, allows remote attackers to execute arbirary code via crafted payload or opening malicious .md file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-08-11T18:17:03.000000Z"}, {"uuid": "7772a366-79ae-47e5-8b2f-9c529a3c2062", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19957", "type": "seen", "source": "https://t.me/cibsecurity/30568", "content": "\u203c CVE-2020-19957 \u203c\n\nA SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the id parameter on the /dl/dl_print.php page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-14T18:27:46.000000Z"}, {"uuid": "dc0c4230-6f26-4ded-8482-633b93cbb262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19959", "type": "seen", "source": "https://t.me/cibsecurity/30572", "content": "\u203c CVE-2020-19959 \u203c\n\nA SQL injection vulnerability has been discovered in zz cms version 2019 which allows attackers to retrieve sensitive data via the dlid parameter in the /dl/dl_sendmail.php page cookie.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-14T18:27:53.000000Z"}, {"uuid": "412d200b-807d-4dd6-8bf1-b566dbcb583b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19954", "type": "seen", "source": "https://t.me/cibsecurity/30569", "content": "\u203c CVE-2020-19954 \u203c\n\nAn XML External Entity (XXE) vulnerability was discovered in /api/notify.php in S-CMS 3.0 which allows attackers to read arbitrary files.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-10-14T18:27:47.000000Z"}, {"uuid": "c60f9279-c34d-46b7-9fd1-a4bdb1979b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19950", "type": "seen", "source": "https://t.me/cibsecurity/29348", "content": "\u203c CVE-2020-19950 \u203c\n\nA cross-site scripting (XSS) vulnerability in the /banner/add.html component of YzmCMS v5.3 allows attackers to execute arbitrary web scripts or HTML.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-24T00:30:14.000000Z"}, {"uuid": "b60f704e-f68d-412e-88b4-8f8494a94e15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-19951", "type": "seen", "source": "https://t.me/cibsecurity/29347", "content": "\u203c CVE-2020-19951 \u203c\n\nA cross-site request forgery (CSRF) in /controller/pay.class.php of YzmCMS v5.5 allows attackers to access sensitive components of the application.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-24T00:30:11.000000Z"}]}