{"vulnerability": "cve-2020-3561", "sightings": [{"uuid": "c79acc2b-ba9e-4aed-b3cc-a47356fb8af5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35613", "type": "published-proof-of-concept", "source": "Telegram/ELp7-iIDiecmdH1RYNFuXslf5yrqKKOhnw0CBvUrc8AgfQ", "content": "", "creation_timestamp": "2021-01-07T21:17:36.000000Z"}, {"uuid": "220d562b-adf5-4eae-b43e-fd2135e4cc21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35616", "type": "published-proof-of-concept", "source": "https://t.me/pwnwiki_zhchannel/19", "content": "CVE-2020-35616 Joomla ACL Privilege Escalation\u6f0f\u6d1e\nhttps://www.pwnwiki.org/index.php?title=CVE-2020-35616_Joomla_ACL_Privilege_Escalation%E6%BC%8F%E6%B4%9E", "creation_timestamp": "2021-09-21T06:42:55.000000Z"}, {"uuid": "28e413de-635f-4ed5-aa48-e6a040252db7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35611", "type": "seen", "source": "https://t.me/cibsecurity/21365", "content": "\u203c CVE-2020-35611 \u203c\n\nAn issue was discovered in Joomla! 2.5.0 through 3.9.22. The globlal configuration page does not remove secrets from the HTML output, disclosing the current values.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:54.000000Z"}, {"uuid": "b1dd720a-7e51-4396-ab06-c021d68e902f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35613", "type": "seen", "source": "https://t.me/cibsecurity/21364", "content": "\u203c CVE-2020-35613 \u203c\n\nAn issue was discovered in Joomla! 3.0.0 through 3.9.22. Improper filter blacklist configuration leads to a SQL injection vulnerability in the backend user list.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:53.000000Z"}, {"uuid": "be83a9e0-5fa9-44ed-9ad0-82d663f88702", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35614", "type": "seen", "source": "https://t.me/cibsecurity/21362", "content": "\u203c CVE-2020-35614 \u203c\n\nAn issue was discovered in Joomla! 3.9.0 through 3.9.22. Improper handling of the username leads to a user enumeration attack vector in the backend login page.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:49.000000Z"}, {"uuid": "8718a613-aa6b-4762-9243-7e08955c64e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35616", "type": "seen", "source": "https://t.me/cibsecurity/21361", "content": "\u203c CVE-2020-35616 \u203c\n\nAn issue was discovered in Joomla! 1.7.0 through 3.9.22. Lack of input validation while handling ACL rulesets can cause write ACL violations.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:48.000000Z"}, {"uuid": "47515cd7-be50-4f83-88cf-1dabe26ed515", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35610", "type": "seen", "source": "https://t.me/cibsecurity/21367", "content": "\u203c CVE-2020-35610 \u203c\n\nAn issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of com_finder did not respect the access level of the corresponding terms.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:56.000000Z"}, {"uuid": "84ef81cb-30ff-4471-beca-f7a50b6d014f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35615", "type": "seen", "source": "https://t.me/cibsecurity/21372", "content": "\u203c CVE-2020-35615 \u203c\n\nAn issue was discovered in Joomla! 2.5.0 through 3.9.22. A missing token check in the emailexport feature of com_privacy causes a CSRF vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:29:00.000000Z"}, {"uuid": "a63d485a-85ed-4b3d-b296-ef1043bbc1b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35612", "type": "seen", "source": "https://t.me/cibsecurity/21371", "content": "\u203c CVE-2020-35612 \u203c\n\nAn issue was discovered in Joomla! 2.5.0 through 3.9.22. The folder parameter of mod_random_image lacked input validation, leading to a path traversal vulnerability.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-12-28T22:28:59.000000Z"}, {"uuid": "c8a70a48-efeb-430a-9d1b-7a1250e2f9ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35616", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/2371", "content": "#exploit\nCVE-2020-35616:\nJoomla ACL Security Vulnerabilities\nhttps://blog.securelayer7.net/latest-joomla-exploit-cve-2020-35616-acl-security-vulnerabilities", "creation_timestamp": "2022-06-29T03:38:28.000000Z"}, {"uuid": "dcef0712-297a-48a3-af1a-362844f0b56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-35613", "type": "seen", "source": "MISP/8d084367-868d-4100-a588-b67adcb550df", "content": "", "creation_timestamp": "2024-11-14T06:07:35.000000Z"}]}