{"vulnerability": "CVE-2020-20295", "sightings": [{"uuid": "1aa5fa1d-b1c0-4234-a236-bbf3586c735a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-20295", "type": "seen", "source": "https://t.me/cibsecurity/22914", "content": "\u203c CVE-2020-20295 \u203c\n\nAn issue was found in CMSWing project version 1.3.8. Because the updateAction function does not check the detail parameter, malicious parameters can execute arbitrary SQL commands.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-02-01T21:25:13.000000Z"}]}