https://db.gcve.eu/sightings/feed 2026-05-04T00:58:53.218653+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/767619fd-d355-418a-8e9a-f70608632b51/export 2026-05-04T00:58:53.635773+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "767619fd-d355-418a-8e9a-f70608632b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1571", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 PHPKB 9.0 Enterprise Edition (MySQL database)\u00a0is affected by an unauthenticated arbitrary file disclosure via a malicious MySQL Server.\nA remote attacker can read any file on a remote victim host with web-server privileges (e.g.\u00a0www-data), via a single HTTP GET request.\nRead more at\u00a0https://shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n\nhttps://github.com/ShielderSec/CVE-2020-11579", "creation_timestamp": "2020-07-30T09:59:08.000000Z"} 2020-07-30T09:59:08+00:00 https://db.gcve.eu/sighting/ae0e27cf-b720-474f-86d3-b27c94b2a304/export 2026-05-04T00:58:53.635618+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ae0e27cf-b720-474f-86d3-b27c94b2a304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "seen", "source": "https://t.me/cibsecurity/14466", "content": "ATENTION\u203c New - CVE-2020-11579\n\nAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-03T22:55:16.000000Z"} 2020-09-03T22:55:16+00:00 https://db.gcve.eu/sighting/69db3e88-c956-40f5-868f-84275113ef8c/export 2026-05-04T00:58:53.635422+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "69db3e88-c956-40f5-868f-84275113ef8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1500", "content": "#Red_Team_Tactics\n1. Exfiltration through MySQL and CVE-2020-11579 (PoC)\nhttps://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n2. Practical Web Cache Poisoning\nhttps://portswigger.net/research/practical-web-cache-poisoning", "creation_timestamp": "2020-12-30T15:05:25.000000Z"} 2020-12-30T15:05:25+00:00 https://db.gcve.eu/sighting/e5848df2-5f99-4c94-9a93-4d518bf5e66f/export 2026-05-04T00:58:53.633506+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "e5848df2-5f99-4c94-9a93-4d518bf5e66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1507", "content": "#Red_Team_Tactics\n1. New iOS kernel exploitation technique that turns a one-byte controlled heap overflow directly into a read/write primitive for arbitrary physical addresses (PoC)\nhttps://googleprojectzero.blogspot.com/2020/07/one-byte-to-rule-them-all.html\n2. Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB\nhttps://github.com/ShielderSec/CVE-2020-11579\n3. Zoom Security Exploit - Cracking private meeting passwords\nhttps://www.tomanthony.co.uk/blog/zoom-security-exploit-crack-private-meeting-passwords", "creation_timestamp": "2022-06-09T03:08:53.000000Z"} 2022-06-09T03:08:53+00:00