{"vulnerability": "CVE-2019-13294", "sightings": [{"uuid": "af11af67-040c-49ad-84a5-853f4fb58746", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2019-13294", "type": "seen", "source": "https://t.me/cveNotify/216", "content": "\ud83d\udea8 #CVE-2019-13294\nAROX School-ERP Pro has a command execution vulnerability. import_stud.php and upload_fille.php do not have session control. Therefore an unauthenticated user can execute a command on the system. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13294\n\n\ud83c\udf96@cveNotify", "creation_timestamp": "2019-07-05T01:59:52.000000Z"}]}