{"vulnerability": "cve-2020-2841", "sightings": [{"uuid": "fb35a3df-1693-4025-9d26-d3030efd62ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28419", "type": "seen", "source": "https://t.me/cibsecurity/32117", "content": "\u203c CVE-2020-28419 \u203c\n\nDuring installation with certain driver software or application packages an arbitrary code execution could occur.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-09T22:35:18.000000Z"}, {"uuid": "dd5ae1d9-25e6-4afa-bd86-4db805e7868f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28416", "type": "seen", "source": "https://t.me/cibsecurity/31782", "content": "\u203c CVE-2020-28416 \u203c\n\nHP has identified a security vulnerability with the I.R.I.S. OCR (Optical Character Recognition) software available with HP PageWide and OfficeJet printer software installations that could potentially allow unauthorized local code execution.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2021-11-03T23:23:35.000000Z"}, {"uuid": "ee68bdc9-a0e1-4528-9a1c-21ccc20a15b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28413", "type": "seen", "source": "https://t.me/cibsecurity/21432", "content": "\u203c CVE-2020-28413 \u203c\n\nIn MantisBT 2.24.3, SQL Injection can occur in the parameter \"access\" of the mc_project_get_users function through the API SOAP.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-31T00:30:50.000000Z"}, {"uuid": "af19710e-99b1-4e4c-8e5b-c6399c14019a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28415", "type": "seen", "source": "https://t.me/cibsecurity/16266", "content": "\u203c CVE-2020-28414 \u203c\n\nA reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T22:32:13.000000Z"}, {"uuid": "e4780b45-9710-47c5-9f13-73acba712a41", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28414", "type": "seen", "source": "https://t.me/cibsecurity/16266", "content": "\u203c CVE-2020-28414 \u203c\n\nA reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28415).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T22:32:13.000000Z"}, {"uuid": "bda3e76a-7fc6-4cff-9624-705c37d6a8f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28415", "type": "seen", "source": "https://t.me/cibsecurity/16268", "content": "\u203c CVE-2020-28415 \u203c\n\nA reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28414).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T22:32:15.000000Z"}, {"uuid": "c352e3a3-c9ca-4a94-beb4-0b3025deef50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-28414", "type": "seen", "source": "https://t.me/cibsecurity/16268", "content": "\u203c CVE-2020-28415 \u203c\n\nA reflected cross-site scripting (XSS) vulnerability exists in the TranzWare Payment Gateway 3.1.12.3.2. A remote unauthenticated attacker is able to execute arbitrary HTML code via crafted url (different vector than CVE-2020-28414).\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-12T22:32:15.000000Z"}]}