{"vulnerability": "CVE-2020-7471", "sightings": [{"uuid": "8cb297a9-0262-421c-8aa3-5413d43e389a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7471", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/611", "content": "#exploit\n1. CVE-2020-7471:\nDjango 1.11 - 1.11.28, 2.2 - 2.2.10, 3.0 - 3.0.3 StringAgg SQL Injection\nhttps://github.com/secoba/DjVul_StringAgg \n\n2. CVE-2020-8417:\nCode Snippets plugin <2.14.0 for WordPress allows CSRF because of the lack of a Referer check on the import menu\nhttps://github.com/vulncrate/wp-codesnippets-cve-2020-8417\nhttps://github.com/Vulnmachines/WordPress_CVE-2020-8417 \n\n3. CVE-2020-9273:\nIn ProFTPD 1.3.7, it is possible to corrupt the memory pool by interrupting the data transfer channel\nhttps://github.com/ptef/CVE-2020-9273", "creation_timestamp": "2024-03-13T13:46:38.000000Z"}, {"uuid": "fcf72d2c-8167-4a7d-b155-689e11b4cb77", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-7471", "type": "seen", "source": "https://gist.github.com/aw-junaid/ed30afd1f8d04325e68a70aa2e002932", "content": "", "creation_timestamp": "2026-01-30T19:25:35.000000Z"}]}