{"vulnerability": "CVE-2020-18917", "sightings": [{"uuid": "9fbbd58e-d4e4-4949-bb87-7f6982f8c4d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-18917", "type": "seen", "source": "https://t.me/cibsecurity/27853", "content": "\u203c CVE-2020-18917 \u203c\n\nThe plus/search.php component in DedeCMS 5.7 SP2 allows remote attackers to execute arbitrary PHP code via the typename parameter because the contents of typename.inc are under an attacker's control.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-08-25T00:23:36.000000Z"}]}