{"uuid": "a03abd55-9861-4156-84b0-b7b82acd8a81", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2020-8417", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/611", "content": "#exploit\n1. CVE-2020-7471:\nDjango 1.11 - 1.11.28, 2.2 - 2.2.10, 3.0 - 3.0.3 StringAgg SQL Injection\nhttps://github.com/secoba/DjVul_StringAgg \n\n2. CVE-2020-8417:\nCode Snippets plugin <2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu\nhttps://github.com/vulncrate/wp-codesnippets-cve-2020-8417\nhttps://github.com/Vulnmachines/WordPress_CVE-2020-8417 \n\n3. CVE-2020-9273:\nIn ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel\nhttps://github.com/ptef/CVE-2020-9273", "creation_timestamp": "2024-03-13T13:46:38.000000Z"}