{"vulnerability": "CVE-2020-2227", "sightings": [{"uuid": "5266ac02-5d65-46a3-a043-28c95852bd52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22274", "type": "seen", "source": "https://t.me/cibsecurity/15834", "content": "\u203c CVE-2020-22274 \u203c\n\nJomSocial (Joomla Social Network Extention) 4.7.6 allows CSV injection via a customer's profile.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T20:44:11.000000Z"}, {"uuid": "dff69f27-f5d6-4025-9f0e-487759ef6c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22273", "type": "seen", "source": "https://t.me/cibsecurity/15835", "content": "\u203c CVE-2020-22273 \u203c\n\nNeoflex Video Subscription System Version 2.0 is affected by CSRF which allows the Website's Settings to be changed (such as Payment Settings)\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T20:44:13.000000Z"}, {"uuid": "02ba3abc-27ed-40c2-a1a3-8d69a4efa6ad", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22276", "type": "seen", "source": "https://t.me/cibsecurity/15836", "content": "\u203c CVE-2020-22276 \u203c\n\nWeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T20:44:14.000000Z"}, {"uuid": "fd05ac53-78ff-4a53-9c9e-6b2e09ef641a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22278", "type": "seen", "source": "https://t.me/cibsecurity/15837", "content": "\u203c CVE-2020-22278 \u203c\n\nphpMyAdmin through 5.0.2 allows CSV injection via Export Section\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T20:44:14.000000Z"}, {"uuid": "3c2524e8-3e0f-438b-83fc-cb3f3091f8f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-22275", "type": "seen", "source": "https://t.me/cibsecurity/15838", "content": "\u203c CVE-2020-22275 \u203c\n\nEasy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-11-04T20:44:16.000000Z"}]}