{"vulnerability": "CVE-2024-5717", "sightings": [{"uuid": "cf0a6175-2046-4422-ac85-2805950908e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113528843661388449", "content": "", "creation_timestamp": "2024-11-22T21:57:58.685349Z"}, {"uuid": "12ce2b1c-fa5b-43f3-94e1-6df6df43f06c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57175", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhc5lfrwag2c", "content": "", "creation_timestamp": "2025-02-03T18:16:06.028730Z"}, {"uuid": "842060ce-9082-433a-bf6f-006b141f1c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57174", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ljo5njut622r", "content": "", "creation_timestamp": "2025-03-05T23:39:37.697308Z"}, {"uuid": "bdff7c51-938a-4891-9cf0-f2a36af1e845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57176", "type": "seen", "source": "MISP/9ca82492-7deb-4197-a6f1-191e121eef96", "content": "", "creation_timestamp": "2025-08-25T13:32:04.000000Z"}, {"uuid": "8cae53cf-85db-47ca-b75c-d48cc5503845", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57176", "type": "seen", "source": "https://t.me/cvedetector/18671", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57176 - White-Jotter Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57176 \nPublished : Feb. 21, 2025, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T19:46:42.000000Z"}, {"uuid": "bb4e1345-6777-452a-b711-a937765a9e84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57174", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6776", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57174\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information.\n\ud83d\udccf Published: 2025-03-05T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T21:55:15.495Z\n\ud83d\udd17 References:\n1. https://chenzw.medium.com/internal-domain-names-f1cd2886c654\n2. https://github.com/geo-chen/BSides-SG-2022---Internal-Domain-Names?tab=readme-ov-file#finding-1---cve-2024-57174-alphion-routers", "creation_timestamp": "2025-03-06T22:33:49.000000Z"}, {"uuid": "3ce2421d-14c3-4e51-b865-5785c409b5c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57171", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9688", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57151\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: SQL Injection vulnerability in rainrocka xinhu v.2.6.5 and before allows a remote attacker to execute arbitrary code via the inputAction.php file and the saveAjax function\n\ud83d\udccf Published: 2025-03-18T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-31T14:58:46.707Z\n\ud83d\udd17 References:\n1. https://github.com/jcxj/jcxj/blob/master/source/_posts/%E4%BF%A1%E5%91%BCoa%E5%AE%A1%E8%AE%A1.md\n2. https://github.com/l1uyi/cve-list/blob/main/cve-list/xinhu-CVE-2024-57171.md", "creation_timestamp": "2025-03-31T15:31:28.000000Z"}, {"uuid": "125d625a-2acf-421e-85eb-e5adff075912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57174", "type": "seen", "source": "Telegram/-k3K8XXcyBels88Qkm2GOq6AszuLNYOxgggJJI22u18SGwlH", "content": "", "creation_timestamp": "2025-03-08T04:34:55.000000Z"}, {"uuid": "060a1d9a-4831-4060-b975-1dd727f17e9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/8622", "content": "Tools - Hackers Factory \n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/N0rz3/Eyes\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/chrislockard/api_wordlist\n\nSafeLine - Make your web apps secure\n\nhttps://github.com/chaitin/SafeLine\n\nLogsign Unified SecOps Platform: Detection CVE-2024-5716 to CVE-2024-5722 - Exploiting CVE-2024-5716 and CVE-2024-5717, Proof of Concept (PoC)\n\nhttps://github.com/j4nk3/Logsign-RCE\n\nMDUT (Multiple Database Utilization Tools) is a Chinese database cross platform utilization tool that integrates multiple mainstream database types.Based on the foundation of the predecessors SQLTOOLS, this program was developed (a tribute to SQLTOOLS), which aims to integrate common database utilization methods in one program, breaking the barriers that various database utilization tools require various environments and cause considerable inconvenience. In addition, the tool uses JAVAFx as the GUI operation interface, which is beautiful. At the same time, the program also supports simultaneous operation of multiple databases, each of which is independent of each other, which greatly facilitates the use of network security workers.\n\nhttps://github.com/SafeGroceryStore/MDUT\n\nSearch by Image is a browser extension that makes effortless reverse image searches possible, and comes with support for more than 30 search engines.\n\nhttps://github.com/dessant/search-by-image\n\nUnleashing an Ultimate XSS Polyglot\n\nhttps://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot\n\nBadsectorlabs/sccm-http-looter: Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)''\n\nhttps://github.com/badsectorlabs/sccm-http-looter\n\nStreaming Overseer: A Telegram Monitoring Tool\n\nhttps://github.com/afolivieri/streaming_overseer\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-18T06:23:44.000000Z"}, {"uuid": "8a0ba608-765c-4e26-b2d1-dfa731711d84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/dilagrafie/3677", "content": "Tools - Hackers Factory \n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/N0rz3/Eyes\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/chrislockard/api_wordlist\n\nSafeLine - Make your web apps secure\n\nhttps://github.com/chaitin/SafeLine\n\nLogsign Unified SecOps Platform: Detection CVE-2024-5716 to CVE-2024-5722 - Exploiting CVE-2024-5716 and CVE-2024-5717, Proof of Concept (PoC)\n\nhttps://github.com/j4nk3/Logsign-RCE\n\nMDUT (Multiple Database Utilization Tools) is a Chinese database cross platform utilization tool that integrates multiple mainstream database types.Based on the foundation of the predecessors SQLTOOLS, this program was developed (a tribute to SQLTOOLS), which aims to integrate common database utilization methods in one program, breaking the barriers that various database utilization tools require various environments and cause considerable inconvenience. In addition, the tool uses JAVAFx as the GUI operation interface, which is beautiful. At the same time, the program also supports simultaneous operation of multiple databases, each of which is independent of each other, which greatly facilitates the use of network security workers.\n\nhttps://github.com/SafeGroceryStore/MDUT\n\nSearch by Image is a browser extension that makes effortless reverse image searches possible, and comes with support for more than 30 search engines.\n\nhttps://github.com/dessant/search-by-image\n\nUnleashing an Ultimate XSS Polyglot\n\nhttps://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot\n\nBadsectorlabs/sccm-http-looter: Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)''\n\nhttps://github.com/badsectorlabs/sccm-http-looter\n\nStreaming Overseer: A Telegram Monitoring Tool\n\nhttps://github.com/afolivieri/streaming_overseer\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-18T06:23:33.000000Z"}, {"uuid": "5a0b58be-796c-49a4-b545-490eb14ebad6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/GrayHatsHack/7299", "content": "Tools - Hackers Factory \n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/N0rz3/Eyes\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/chrislockard/api_wordlist\n\nSafeLine - Make your web apps secure\n\nhttps://github.com/chaitin/SafeLine\n\nLogsign Unified SecOps Platform: Detection CVE-2024-5716 to CVE-2024-5722 - Exploiting CVE-2024-5716 and CVE-2024-5717, Proof of Concept (PoC)\n\nhttps://github.com/j4nk3/Logsign-RCE\n\nMDUT (Multiple Database Utilization Tools) is a Chinese database cross platform utilization tool that integrates multiple mainstream database types.Based on the foundation of the predecessors SQLTOOLS, this program was developed (a tribute to SQLTOOLS), which aims to integrate common database utilization methods in one program, breaking the barriers that various database utilization tools require various environments and cause considerable inconvenience. In addition, the tool uses JAVAFx as the GUI operation interface, which is beautiful. At the same time, the program also supports simultaneous operation of multiple databases, each of which is independent of each other, which greatly facilitates the use of network security workers.\n\nhttps://github.com/SafeGroceryStore/MDUT\n\nSearch by Image is a browser extension that makes effortless reverse image searches possible, and comes with support for more than 30 search engines.\n\nhttps://github.com/dessant/search-by-image\n\nUnleashing an Ultimate XSS Polyglot\n\nhttps://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot\n\nBadsectorlabs/sccm-http-looter: Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)''\n\nhttps://github.com/badsectorlabs/sccm-http-looter\n\nStreaming Overseer: A Telegram Monitoring Tool\n\nhttps://github.com/afolivieri/streaming_overseer\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-18T06:23:44.000000Z"}, {"uuid": "b42d22fa-77b1-41d1-b4e4-5949aee2bd10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57170", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lkoihyyia62l", "content": "", "creation_timestamp": "2025-03-18T20:18:37.104141Z"}, {"uuid": "59239c9c-0c89-4f3d-938e-86071f3be3a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57174", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114118157679394786", "content": "", "creation_timestamp": "2025-03-06T23:48:17.096342Z"}, {"uuid": "306231f7-395a-42a8-84cc-ca7c6e101bb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57178", "type": "seen", "source": "https://t.me/cvedetector/17603", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57178 - Apache Stock-Forecaster SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-57178 \nPublished : Feb. 10, 2025, 8:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : An SQL injection vulnerability exists in Stock-Forecaster <=01-04-2020.\nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T22:56:55.000000Z"}, {"uuid": "893f5143-49f3-40a6-abf4-1292a6b8420d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57174", "type": "seen", "source": "https://t.me/cvedetector/19665", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57174 - Alphion ASEE-1443 DNS Suffix Misconfiguration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57174 \nPublished : March 5, 2025, 9:15 p.m. | 2\u00a0hours, 22\u00a0minutes ago \nDescription : A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defines a previously unregistered domain name as the default DNS suffix. This allows attackers to register the unclaimed domain and point its wildcard DNS entry to an attacker-controlled IP address, making it possible to access sensitive information. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T01:18:23.000000Z"}, {"uuid": "9a91079c-59c3-4c56-8d3c-dbb78f826b17", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/HackerArsenal/160", "content": "\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Logsign Unified SecOps\n*\nCVE: CVE-2024-5716 to CVE-2024-5722 \u0438 CVE-2024-5716 CVE-2024-5717\n*\nRCE + ByPass  (+ \u0448\u0430\u0431\u043b\u043e\u043d\u044b nuclei)\n*\nPOC exploits", "creation_timestamp": "2024-08-13T07:31:57.000000Z"}, {"uuid": "3435b89e-7ff5-433a-93b7-2455a6271246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/CyberDilara/700", "content": "Tools - Hackers Factory \n\nEyes is an OSINT tool to get existing accounts from an email\n\nhttps://github.com/N0rz3/Eyes\n\nA wordlist of API names used for fuzzing web application APIs.\n\nhttps://github.com/chrislockard/api_wordlist\n\nSafeLine - Make your web apps secure\n\nhttps://github.com/chaitin/SafeLine\n\nLogsign Unified SecOps Platform: Detection CVE-2024-5716 to CVE-2024-5722 - Exploiting CVE-2024-5716 and CVE-2024-5717, Proof of Concept (PoC)\n\nhttps://github.com/j4nk3/Logsign-RCE\n\nMDUT (Multiple Database Utilization Tools) is a Chinese database cross platform utilization tool that integrates multiple mainstream database types.Based on the foundation of the predecessors SQLTOOLS, this program was developed (a tribute to SQLTOOLS), which aims to integrate common database utilization methods in one program, breaking the barriers that various database utilization tools require various environments and cause considerable inconvenience. In addition, the tool uses JAVAFx as the GUI operation interface, which is beautiful. At the same time, the program also supports simultaneous operation of multiple databases, each of which is independent of each other, which greatly facilitates the use of network security workers.\n\nhttps://github.com/SafeGroceryStore/MDUT\n\nSearch by Image is a browser extension that makes effortless reverse image searches possible, and comes with support for more than 30 search engines.\n\nhttps://github.com/dessant/search-by-image\n\nUnleashing an Ultimate XSS Polyglot\n\nhttps://github.com/0xsobky/HackVault/wiki/Unleashing-an-Ultimate-XSS-Polyglot\n\nBadsectorlabs/sccm-http-looter: Find interesting files stored on (System Center) Configuration Manager (SCCM/CM) shares via HTTP(s)''\n\nhttps://github.com/badsectorlabs/sccm-http-looter\n\nStreaming Overseer: A Telegram Monitoring Tool\n\nhttps://github.com/afolivieri/streaming_overseer\n\n#CyberDilara\nhttps://t.me/CyberDilara", "creation_timestamp": "2024-08-18T06:23:26.000000Z"}, {"uuid": "f969c9b0-8e92-4898-a9d4-d2a516f67054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57177", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981192080802875", "content": "", "creation_timestamp": "2025-02-10T19:16:08.008696Z"}, {"uuid": "0d841a43-182e-4cc4-b0cb-e2d237d9e57e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57178", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113981223105355170", "content": "", "creation_timestamp": "2025-02-10T19:24:01.005005Z"}, {"uuid": "9d8013c0-3c7f-4089-a9c9-e4e1624064c6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57177", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtxkc72fm2i", "content": "", "creation_timestamp": "2025-02-10T20:16:02.452562Z"}, {"uuid": "1648b9f6-7e10-4852-b153-d0908f27c6d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57178", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhtxkf7amf2n", "content": "", "creation_timestamp": "2025-02-10T20:16:04.817685Z"}, {"uuid": "18a489d6-0656-408a-9f0c-29d22cb78274", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/Kelvinseccommunity/730", "content": "\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Logsign Unified SecOps\n*\nCVE: CVE-2024-5716 to CVE-2024-5722 \u0438 CVE-2024-5716 CVE-2024-5717\n*\nRCE + ByPass  (+ \u0448\u0430\u0431\u043b\u043e\u043d\u044b nuclei)\n*\nPOC exploits", "creation_timestamp": "2024-08-13T07:31:39.000000Z"}, {"uuid": "e900df4d-e0c1-4b11-b118-cb035ccf6dd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57177", "type": "seen", "source": "https://t.me/cvedetector/17607", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57177 - \"Couch-Auth Host Header Injection SSTI Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-57177 \nPublished : Feb. 10, 2025, 8:15 p.m. | 1\u00a0hour, 28\u00a0minutes ago \nDescription : A host header injection vulnerability exists in the NPM package of perfood/couch-auth <=\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-10T22:57:01.000000Z"}, {"uuid": "219e518b-0de8-4235-89c0-ded7beb1b60f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57176", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4950", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-57176\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in the shiroFilter function of White-Jotter project v0.2.2 allows attackers to execute a directory traversal and access sensitive endpoints via a crafted URL.\n\ud83d\udccf Published: 2025-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T18:02:49.903Z\n\ud83d\udd17 References:\n1. https://github.com/DYX217/Incorrect-Access-Control", "creation_timestamp": "2025-02-21T18:19:09.000000Z"}, {"uuid": "205b9c0b-3eae-4cdd-b3c2-eaffbc0ef679", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57170", "type": "seen", "source": "https://t.me/cvedetector/20574", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57170 - SOPlanning Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57170 \nPublished : March 18, 2025, 4:15 p.m. | 16\u00a0minutes ago \nDescription : SOPlanning 1.53.00 is vulnerable to a directory traversal issue in /process/upload.php. The \"fichier_to_delete\" parameter allows authenticated attackers to specify file paths containing directory traversal sequences (e.g., ../). This vulnerability enables attackers to delete arbitrary files outside the intended upload directory, potentially leading to denial of service or disruption of application functionality. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-18T17:44:09.000000Z"}, {"uuid": "79e56748-9cab-46e3-9d49-0f216b18200d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-57175", "type": "seen", "source": "https://t.me/cvedetector/17083", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-57175 - PHPGURUKUL Online Birth Certificate System Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-57175 \nPublished : Feb. 3, 2025, 6:15 p.m. | 22\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability was identified in the PHPGURUKUL Online Birth Certificate System v1.0 via the profile name to /user/certificate-form.php. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T20:19:13.000000Z"}, {"uuid": "a553f729-2869-4aa6-8b68-e352b3ed9a9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5717", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2225", "content": "\u041f\u043b\u0430\u0442\u0444\u043e\u0440\u043c\u0430 Logsign Unified SecOps\n*\nCVE: CVE-2024-5716 to CVE-2024-5722 \u0438 CVE-2024-5716 CVE-2024-5717\n*\nRCE + ByPass  (+ \u0448\u0430\u0431\u043b\u043e\u043d\u044b nuclei)\n*\nPOC exploits", "creation_timestamp": "2024-08-13T07:17:46.000000Z"}]}