https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Mon, 04 May 2026 01:58:50 +0000 https://db.gcve.eu/sighting/767619fd-d355-418a-8e9a-f70608632b51/export {"uuid": "767619fd-d355-418a-8e9a-f70608632b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1571", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 PHPKB 9.0 Enterprise Edition (MySQL database)\u00a0is affected by an unauthenticated arbitrary file disclosure via a malicious MySQL Server.\nA remote attacker can read any file on a remote victim host with web-server privileges (e.g.\u00a0www-data), via a single HTTP GET request.\nRead more at\u00a0https://shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n\nhttps://github.com/ShielderSec/CVE-2020-11579", "creation_timestamp": "2020-07-30T09:59:08.000000Z"} {"uuid": "767619fd-d355-418a-8e9a-f70608632b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/cKure/1571", "content": "\u25a0\u25a0\u25a0\u25a1\u25a1 PHPKB 9.0 Enterprise Edition (MySQL database)\u00a0is affected by an unauthenticated arbitrary file disclosure via a malicious MySQL Server.\nA remote attacker can read any file on a remote victim host with web-server privileges (e.g.\u00a0www-data), via a single HTTP GET request.\nRead more at\u00a0https://shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n\nhttps://github.com/ShielderSec/CVE-2020-11579", "creation_timestamp": "2020-07-30T09:59:08.000000Z"} https://db.gcve.eu/sighting/767619fd-d355-418a-8e9a-f70608632b51/export Thu, 30 Jul 2020 09:59:08 +0000 https://db.gcve.eu/sighting/ae0e27cf-b720-474f-86d3-b27c94b2a304/export {"uuid": "ae0e27cf-b720-474f-86d3-b27c94b2a304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "seen", "source": "https://t.me/cibsecurity/14466", "content": "ATENTION\u203c New - CVE-2020-11579\n\nAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-03T22:55:16.000000Z"} {"uuid": "ae0e27cf-b720-474f-86d3-b27c94b2a304", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "seen", "source": "https://t.me/cibsecurity/14466", "content": "ATENTION\u203c New - CVE-2020-11579\n\nAn issue was discovered in Chadha PHPKB 9.0 Enterprise Edition. installer/test-connection.php (part of the installation process) allows a remote unauthenticated attacker to disclose local files on hosts running PHP before 7.2.16, or on hosts where the MySQL ALLOW LOCAL DATA INFILE option is enabled.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-03T22:55:16.000000Z"} https://db.gcve.eu/sighting/ae0e27cf-b720-474f-86d3-b27c94b2a304/export Thu, 03 Sep 2020 22:55:16 +0000 https://db.gcve.eu/sighting/69db3e88-c956-40f5-868f-84275113ef8c/export {"uuid": "69db3e88-c956-40f5-868f-84275113ef8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1500", "content": "#Red_Team_Tactics\n1. Exfiltration through MySQL and CVE-2020-11579 (PoC)\nhttps://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n2. Practical Web Cache Poisoning\nhttps://portswigger.net/research/practical-web-cache-poisoning", "creation_timestamp": "2020-12-30T15:05:25.000000Z"} {"uuid": "69db3e88-c956-40f5-868f-84275113ef8c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/1500", "content": "#Red_Team_Tactics\n1. Exfiltration through MySQL and CVE-2020-11579 (PoC)\nhttps://www.shielder.it/blog/mysql-and-cve-2020-11579-exploitation\n2. Practical Web Cache Poisoning\nhttps://portswigger.net/research/practical-web-cache-poisoning", "creation_timestamp": "2020-12-30T15:05:25.000000Z"} https://db.gcve.eu/sighting/69db3e88-c956-40f5-868f-84275113ef8c/export Wed, 30 Dec 2020 15:05:25 +0000 https://db.gcve.eu/sighting/e5848df2-5f99-4c94-9a93-4d518bf5e66f/export {"uuid": "e5848df2-5f99-4c94-9a93-4d518bf5e66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1507", "content": "#Red_Team_Tactics\n1. New iOS kernel exploitation technique that turns a one-byte controlled heap overflow directly into a read/write primitive for arbitrary physical addresses (PoC)\nhttps://googleprojectzero.blogspot.com/2020/07/one-byte-to-rule-them-all.html\n2. Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB\nhttps://github.com/ShielderSec/CVE-2020-11579\n3. Zoom Security Exploit - Cracking private meeting passwords\nhttps://www.tomanthony.co.uk/blog/zoom-security-exploit-crack-private-meeting-passwords", "creation_timestamp": "2022-06-09T03:08:53.000000Z"} {"uuid": "e5848df2-5f99-4c94-9a93-4d518bf5e66f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-11579", "type": "exploited", "source": "https://t.me/CyberSecurityTechnologies/1507", "content": "#Red_Team_Tactics\n1. New iOS kernel exploitation technique that turns a one-byte controlled heap overflow directly into a read/write primitive for arbitrary physical addresses (PoC)\nhttps://googleprojectzero.blogspot.com/2020/07/one-byte-to-rule-them-all.html\n2. Exploit code for CVE-2020-11579, an arbitrary file disclosure through the MySQL client in PHPKB\nhttps://github.com/ShielderSec/CVE-2020-11579\n3. Zoom Security Exploit - Cracking private meeting passwords\nhttps://www.tomanthony.co.uk/blog/zoom-security-exploit-crack-private-meeting-passwords", "creation_timestamp": "2022-06-09T03:08:53.000000Z"} https://db.gcve.eu/sighting/e5848df2-5f99-4c94-9a93-4d518bf5e66f/export Thu, 09 Jun 2022 03:08:53 +0000