{"vulnerability": "CVE-2020-2112", "sightings": [{"uuid": "083c91df-f122-4e72-beb3-47e0805c04fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21121", "type": "seen", "source": "https://t.me/cibsecurity/28930", "content": "\u203c CVE-2020-21121 \u203c\n\nPligg CMS 2.0.2 contains a time-based SQL injection vulnerability via the $recordIDValue parameter in the admin_update_module_widgets.php file.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:22:19.000000Z"}, {"uuid": "231aaf32-cc87-4fa6-b843-d68a376f119a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21127", "type": "seen", "source": "https://t.me/cibsecurity/28916", "content": "\u203c CVE-2020-21127 \u203c\n\nMetInfo 7.0.0 contains a SQL injection vulnerability via admin/?n=logs&amp;c=index&amp;a=dodel.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:22:02.000000Z"}, {"uuid": "fd45a6f9-517b-42fd-a2dc-93a584196125", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21126", "type": "seen", "source": "https://t.me/cibsecurity/28918", "content": "\u203c CVE-2020-21126 \u203c\n\nMetInfo 7.0.0 contains a Cross-Site Request Forgery (CSRF) via admin/?n=admin&amp;c=index&amp;a=doSaveInfo.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:22:04.000000Z"}, {"uuid": "a610ad6e-deb1-4efb-ab74-3ba341c743e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21125", "type": "seen", "source": "https://t.me/cibsecurity/28915", "content": "\u203c CVE-2020-21125 \u203c\n\nAn arbitrary file creation vulnerability in UReport 2.2.9 allows attackers to execute arbitrary code.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:22:00.000000Z"}, {"uuid": "3ac6ba0a-93a7-4171-916d-f1b7ade704d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21122", "type": "seen", "source": "https://t.me/cibsecurity/28914", "content": "\u203c CVE-2020-21122 \u203c\n\nUReport v2.2.9 contains a Server-Side Request Forgery (SSRF) in the designer page which allows attackers to detect intranet device ports.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:21:59.000000Z"}, {"uuid": "e65429fc-1da7-44c8-8674-1654bcc780d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21124", "type": "seen", "source": "https://t.me/cibsecurity/28917", "content": "\u203c CVE-2020-21124 \u203c\n\nUReport 2.2.9 allows attackers to execute arbitrary code due to a lack of access control to the designer page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-09-15T20:22:03.000000Z"}, {"uuid": "2ac8e3fd-4435-4cc8-a068-263a429c9078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-21120", "type": "seen", "source": "https://t.me/cibsecurity/58298", "content": "\u203c CVE-2020-21120 \u203c\n\nSQL Injection vulnerability in file home\\controls\\cart.class.php in UQCMS 2.1.3, allows attackers execute arbitrary commands via the cookie_cart parameter to /index.php/cart/num.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2023-02-16T00:37:03.000000Z"}]}