{"vulnerability": "CVE-2024-8503", "sightings": [{"uuid": "e4fadadb-ec1c-41a7-9b07-34b1a0166c70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/HackerArsenal/369", "content": "CVE-2024-8504 \u0438 CVE-2024-8503\n*\nSQLi and RCE  - VICIdial\n*\nExploit", "creation_timestamp": "2024-09-15T17:46:38.000000Z"}, {"uuid": "33756598-2dec-4dd8-8377-ef80eb909301", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/cKure/13608", "content": "\u25a0\u25a0\u25a0\u25a0\u25a1 \u2623\ufe0f Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\nhttps://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/", "creation_timestamp": "2024-09-15T21:38:10.000000Z"}, {"uuid": "b2f394aa-22d3-465a-8230-d0887e741657", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8527", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aVICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504)\nURL\uff1ahttps://github.com/Chocapikk/CVE-2024-8504\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-09-14T06:31:55.000000Z"}, {"uuid": "1747a93d-6f34-4466-8dfd-63ee31031b4f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "Telegram/TohYDeIuVZAPrMW-eMaPaRDc6ooYv7pvZtWGGCpbn-z3FQ", "content": "", "creation_timestamp": "2024-09-15T11:00:18.000000Z"}, {"uuid": "b474b224-502b-4655-9877-f26f487de255", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/cvedetector/5299", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8503 - VICIdial SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-8503 \nPublished : Sept. 10, 2024, 8:15 p.m. | 15\u00a0minutes ago \nDescription : An unauthenticated attacker can leverage a time-based SQL injection vulnerability in VICIdial to enumerate database records. By default, VICIdial stores plaintext credentials within the database. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T22:37:06.000000Z"}, {"uuid": "2bf66353-7f60-4bbb-84f3-9f082a48126e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/3625", "content": "\ud83d\udea8Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n\nhttps://darkwebinformer.com/exploit-for-cve-2024-8504-cve-2024-8503-sqli-and-rce/", "creation_timestamp": "2024-09-15T23:24:35.000000Z"}, {"uuid": "f8f11a11-f009-4457-b195-6af339fb52b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/CyberBulletin/686", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:58:03.000000Z"}, {"uuid": "e7c7c6e8-8b2b-4149-b53e-f4b3d6f4f713", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/CyberBulletin/654", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:18:29.000000Z"}, {"uuid": "bfd7eec1-df8a-4d8d-b32d-e15b73d5c4d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/1990", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T11:00:14.000000Z"}, {"uuid": "303b8b0b-9a4d-4582-8915-b4ebb21a2455", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/realLulzSec/18698", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T11:00:14.000000Z"}, {"uuid": "02594d67-abda-4f11-82fb-b90f0b274cc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/Root_Exploit/728", "content": "Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\nGithub\n\nReadhere\n\n#cve #exploit #sqli #rce\n\nJoin RootExploit \ud83d\udc8e", "creation_timestamp": "2024-09-16T09:11:51.000000Z"}, {"uuid": "52ac950f-239a-4231-8a37-ff268b929359", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3178", "content": "https://github.com/Chocapikk/CVE-2024-8504\n\nExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE\n#github #exploit", "creation_timestamp": "2024-09-15T10:34:19.000000Z"}, {"uuid": "2f9cf114-8c0c-4316-ae9a-80f5d84465a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "85f0e210-aba9-44f3-9e25-da59a9d409b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3llf73zyd3u2n", "content": "", "creation_timestamp": "2025-03-27T21:02:07.866313Z"}, {"uuid": "3fa69618-b2f8-4711-a42e-22097273d076", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "91a9b9e2-e2af-4f96-9ac5-36369785f79c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://mastodon.social/users/leakix/statuses/115586629732624033", "content": "", "creation_timestamp": "2025-11-21T08:00:04.791941Z"}, {"uuid": "885875a9-be62-42ba-8db9-48b30bd353b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://bsky.app/profile/leakix.bsky.social/post/3m64stphv4w2u", "content": "", "creation_timestamp": "2025-11-21T08:00:07.072539Z"}, {"uuid": "633ebe96-e680-409b-8c91-f8b112a26dab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/auxiliary/scanner/http/vicidial_sql_enum_users_pass.rb", "content": "", "creation_timestamp": "2024-09-25T18:44:58.000000Z"}, {"uuid": "5fa30474-c4df-4e92-83b4-2d4f7a96a85c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/cvedetector/5298", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-8504 - VICIdial Root Shell Command Execution\", \n  \"Content\": \"CVE ID : CVE-2024-8504 \nPublished : Sept. 10, 2024, 8:15 p.m. | 15\u00a0minutes ago \nDescription : An attacker with authenticated access to VICIdial as an \"agent\" can execute arbitrary shell commands as the \"root\" user. This attack can be chained with CVE-2024-8503 to execute arbitrary shell commands starting from an unauthenticated perspective. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-10T22:37:05.000000Z"}, {"uuid": "1275b6db-e817-4a96-8b66-0cfb8918aeee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/z3xploit/348", "content": "Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\nGithub\n\nReadhere\n\n#cve #exploit #sqli #rce\n\nJoin Z3XPLOIT \ud83d\udc8e", "creation_timestamp": "2024-09-21T12:50:59.000000Z"}, {"uuid": "f997d12f-5a39-4a76-b69a-b6c2c6b34a0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/ton618cyber/3681", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T05:41:06.000000Z"}, {"uuid": "83d4ab64-55bf-49de-a110-2b718c97afab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/proxy_bar/2264", "content": "CVE-2024-8504 \u0438 CVE-2024-8503\n*\nSQLi and RCE  - VICIdial\n*\nExploit", "creation_timestamp": "2024-09-15T08:46:36.000000Z"}, {"uuid": "ba00bb10-dd9c-4fe2-bf67-ad9b37d3fa45", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/Rootsec_2/4447", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-18T04:12:48.000000Z"}, {"uuid": "47b95e77-2b69-46fc-885b-6366a80b8119", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/ton618cyber/796", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T05:41:06.000000Z"}, {"uuid": "7a7d70b0-645e-4d7c-b091-4726e076d58d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/13361", "content": "\u200aCritical Flaws Found in VICIdial Contact Center Suite: CVE-2024-8503 and CVE-2024-8504, PoC Published\n\nhttps://securityonline.info/critical-flaws-found-in-vicidial-contact-center-suite-cve-2024-8503-and-cve-2024-8504-poc-published/", "creation_timestamp": "2024-09-18T09:07:10.000000Z"}, {"uuid": "f99e3615-2e06-4f06-85eb-6dc480fbb399", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/ExploitQuest/27", "content": "\u26a1\ufe0f Exploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE \u26a1\ufe0f\n\n\n\nhttps://github.com/Chocapikk/CVE-2024-8504/blob/main/", "creation_timestamp": "2024-09-15T10:16:32.000000Z"}, {"uuid": "3e5f6efd-8254-4c52-a2ee-e9d5d9fbaeec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "published-proof-of-concept", "source": "https://t.me/Cyberwise_tools/100", "content": "VICIdial Unauthenticated SQLi to RCE Exploit (CVE-2024-8503 and CVE-2024-8504) \ud83d\udea8\nExploit :  \u2b07\ufe0f\u2b07\ufe0f\u2b07\ufe0f\nhttps://github.com/Chocapikk/CVE-2024-8504/", "creation_timestamp": "2024-09-18T03:29:21.000000Z"}, {"uuid": "83f92dcd-330f-40c4-a7ca-332b8b57f92b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/CyberDilara/886", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-15T15:18:34.000000Z"}, {"uuid": "b40a098f-3333-410a-a034-874b0134d510", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/CyberBulletin/25524", "content": "\u26a1\ufe0fExploit for CVE-2024-8504 & CVE-2024-8503: SQLi and RCE.\n\n#CyberBulletin", "creation_timestamp": "2024-09-21T03:00:30.000000Z"}, {"uuid": "b3e053a5-43de-434d-b4c8-b0b3bd8178d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11140", "content": "#exploit\n1. CVE-2024-8503,\nCVE-2024-8504:\nVICIdial unauth SQLi to RCE\nhttps://github.com/Chocapikk/CVE-2024-8504\n\n2. Exploiting Exchange PowerShell After ProxyNotShell\nPart 1: https://www.zerodayinitiative.com/blog/2024/9/4/exploiting-exchange-powershell-after-proxynotshell-part-1-multivaluedproperty\nPart 2: https://www.zerodayinitiative.com/blog/2024/9/11/exploiting-exchange-powershell-after-proxynotshell-part-2-approvedapplicationcollection", "creation_timestamp": "2024-09-16T10:55:46.000000Z"}, {"uuid": "482bc5c5-016e-4e90-9ebb-3635b27e1985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-8503", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:06.000000Z"}]}