{"vulnerability": "cve-2024-4490", "sightings": [{"uuid": "4aa87261-8c5c-4765-8803-1a27cddd64f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44902", "type": "seen", "source": "https://t.me/cvedetector/5129", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-44902 - Thinkphp Deserialization Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-44902 \nPublished : Sept. 9, 2024, 8:15 p.m. | 41\u00a0minutes ago \nDescription : A deserialization vulnerability in Thinkphp v6.1.3 to v8.0.4 allows attackers to execute arbitrary code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T23:10:33.000000Z"}, {"uuid": "dd3c3bc4-e585-4ad9-bfb3-aea3f919773f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44905", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrgfozgvfb2e", "content": "", "creation_timestamp": "2025-06-12T17:03:52.609741Z"}, {"uuid": "8dca8985-66c8-4cee-9c88-fcfb27926afd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44906", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lrgggejunb2r", "content": "", "creation_timestamp": "2025-06-12T17:16:55.936563Z"}, {"uuid": "5c022444-a280-48ef-b4f5-ccdc726ad6b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44906", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18196", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44906\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: uptrace pgdriver v1.2.1 was discovered to contain a SQL injection vulnerability via the appendArg function in /pgdriver/format.go.\n\ud83d\udccf Published: 2025-06-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-12T15:50:28.880Z\n\ud83d\udd17 References:\n1. https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn%27t%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf\n2. https://github.com/uptrace/bun/tree/master/driver/pgdriver\n3. https://github.com/uptrace/bun/blob/1573ae7c2fffad1a7f72fd2d205e924b2fd4043b/driver/pgdriver/format.go#L62\n4. https://www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/", "creation_timestamp": "2025-06-12T16:34:38.000000Z"}, {"uuid": "064e56cd-66d2-4444-aacf-c056ad71207a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44905", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/18198", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-44905\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: go-pg pg v10.13.0 was discovered to contain a SQL injection vulnerability via the component /types/append_value.go.\n\ud83d\udccf Published: 2025-06-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-12T15:43:05.310Z\n\ud83d\udd17 References:\n1. https://github.com/go-pg/pg\n2. https://media.defcon.org/DEF%20CON%2032/DEF%20CON%2032%20presentations/DEF%20CON%2032%20-%20Paul%20Gerste%20-%20SQL%20Injection%20Isn%27t%20Dead%20Smuggling%20Queries%20at%20the%20Protocol%20Level.pdf\n3. https://github.com/go-pg/pg/blob/30e7053c6cacdd44d06cf2b92183b49188b7c922/types/append_value.go#L151\n4. https://www.sonarsource.com/blog/double-dash-double-trouble-a-subtle-sql-injection-flaw/", "creation_timestamp": "2025-06-12T16:34:39.000000Z"}, {"uuid": "bd3cdc86-aae3-4cac-a4a3-4933cbc8ad59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44903", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll6v7ztoke26", "content": "", "creation_timestamp": "2025-03-25T08:49:23.498697Z"}, {"uuid": "3684ae4b-407b-4ec5-afbe-45fb0a7bbde9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44903", "type": "seen", "source": "MISP/3e4b778d-5810-4171-a915-f1d106684af4", "content": "", "creation_timestamp": "2025-08-11T18:27:48.000000Z"}, {"uuid": "8acd57bc-7bea-4c2d-b6a3-6f6dc8eb5936", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44902", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m7nxga5bqe2b", "content": "", "creation_timestamp": "2025-12-10T21:02:32.536729Z"}, {"uuid": "df6d3089-e9c2-442c-85f6-3a8d917f9418", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-44902", "type": "published-proof-of-concept", "source": "Telegram/b0MrL-7YyNVMwlRE8cQmf3aSFWZZuNk0ErN3GEJH-SnDaRk", "content": "", "creation_timestamp": "2025-12-10T09:00:05.000000Z"}]}