{"uuid": "767619fd-d355-418a-8e9a-f70608632b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1571", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 PHPKB 9.0 Enterprise Edition (MySQL database)\u00a0is affected by an unauthenticated arbitrary file disclosure via a malicious MySQL Server.\nA remote attacker can read any file on a remote victim host with web-server privileges (e.g.\u00a0www-data), via a single HTTP GET request.\nRead more at\u00a0https://shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n\nhttps://github.com/ShielderSec/CVE-2020-11579", "creation_timestamp": "2020-07-30T09:59:08.000000Z"}