{"vulnerability": "cve-2020-2314", "sightings": [{"uuid": "99290f09-a41c-4c28-86cf-95482bcbceda", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-2314", "type": "seen", "source": "https://t.me/cibsecurity/15831", "content": "\u203c CVE-2020-2314 \u203c\n\nJenkins AppSpider Plugin 1.0.12 and earlier stores a password unencrypted in its global configuration file on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T18:42:22.000000Z"}, {"uuid": "9cad28a0-a3b9-4b23-8fa9-54a0906b6f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-23149", "type": "seen", "source": "https://t.me/cibsecurity/27039", "content": "\u203c CVE-2020-23149 \u203c\n\nThe dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-10T02:50:54.000000Z"}, {"uuid": "b1524d09-2c6d-4cb1-b5e2-577f9f34b7a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-23140", "type": "seen", "source": "https://t.me/cibsecurity/16040", "content": "\u203c CVE-2020-23140 \u203c\n\nMicroweber 1.1.18 is affected by insufficient session expiration. When changing passwords, both sessions for when a user changes email and old sessions in any other browser or device, the session does not expire and remains active.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-09T20:55:31.000000Z"}]}