{"vulnerability": "cve-2024-5057", "sightings": [{"uuid": "29008aa0-7e0e-40f3-804c-0e07c2189035", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "exploited", "source": "https://t.me/DEVIL_La_RSx/1632", "content": "CVE-2024-5057\n\nLet's try to inject and get the creds.\n\ncd cve-2024-5057\n./configure\nmake\nmake install\nThe expoit is installed as /usr/local/bin/cve-2024-5057.\n\nSo\n\ncve-2024-5057 https://wp.example.com\nwhere https://wp.example.com is a target Wordpress site.\n\nResult output\nIf the site is not vulnerable:\n\nThe  site is not vulnerable\nIf the injection succeeded:\n\nusername: Admin\npassword: Secret\n\nhttps://github.com/g1thubb004/poc-CVE-2024-5057", "creation_timestamp": "2024-12-02T01:56:50.000000Z"}, {"uuid": "0d330eac-2ec6-45de-95b6-c912e0b797c8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50572", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113470427663412276", "content": "", "creation_timestamp": "2024-11-12T14:22:01.241773Z"}, {"uuid": "95715671-c703-432f-aa68-cbc3b7c1b724", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50572", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-06", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "0121785f-2174-4c0c-a4ce-b81ea33bfb0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50570", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113675676122890458", "content": "", "creation_timestamp": "2024-12-18T20:19:24.191385Z"}, {"uuid": "af303cbc-57ab-426a-bdc6-dda64ad7984a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50570", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673904061166339", "content": "", "creation_timestamp": "2024-12-18T12:48:44.766612Z"}, {"uuid": "ee0f5080-4e1a-432b-b312-5d571157969d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50572", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-044-09", "content": "", "creation_timestamp": "2025-02-13T11:00:00.000000Z"}, {"uuid": "b5f7f2a4-0c4e-4a82-ace0-068f382335c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-5057.yaml", "content": "", "creation_timestamp": "2025-12-28T12:11:40.000000Z"}, {"uuid": "ec7dd6ac-24f3-495a-9ca0-2f2c7748ec03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mbfbpeztng2f", "content": "", "creation_timestamp": "2026-01-01T21:02:59.111956Z"}, {"uuid": "5a79c2e6-edff-48e4-9932-293036a7a881", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50570", "type": "seen", "source": "https://t.me/cvedetector/13201", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50570 - FortiClient Cleartext Storage of Sensitive Information Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50570 \nPublished : Dec. 18, 2024, 1:15 p.m. | 46\u00a0minutes ago \nDescription : A Cleartext Storage of Sensitive Information vulnerability [CWE-312] in FortiClientWindows 7.4.0 through 7.4.1, 7.2.0 through 7.2.6, 7.0.0 through 7.0.13 and FortiClientLinux 7.4.0 through 7.4.2, 7.2.0 through 7.2.7, 7.0.0 through 7.0.13 may permit a local authenticated user to retrieve VPN password via memory dump, due to JavaScript's garbage collector \nSeverity: 5.0 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T15:22:10.000000Z"}, {"uuid": "e2c8f07a-614d-4fe1-b76f-8d61fa215d6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50572", "type": "seen", "source": "https://t.me/cvedetector/10596", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50572 - Siemens RUGGEDCOM and SCALANCE Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50572 \nPublished : Nov. 12, 2024, 1:15 p.m. | 21\u00a0minutes ago \nDescription : A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All versions < V8.2), RUGGEDCOM RM1224 LTE(4G) NAM (6GK6108-4AM00-2DA2) (All versions < V8.2), SCALANCE M804PB (6GK5804-0AP00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1AA00-2AA2) (All versions < V8.2), SCALANCE M812-1 ADSL-Router (6GK5812-1BA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1AA00-2AA2) (All versions < V8.2), SCALANCE M816-1 ADSL-Router (6GK5816-1BA00-2AA2) (All versions < V8.2), SCALANCE M826-2 SHDSL-Router (6GK5826-2AB00-2AB2) (All versions < V8.2), SCALANCE M874-2 (6GK5874-2AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 (6GK5874-3AA00-2AA2) (All versions < V8.2), SCALANCE M874-3 3G-Router (CN) (6GK5874-3AA00-2FA2) (All versions < V8.2), SCALANCE M876-3 (6GK5876-3AA02-2BA2) (All versions < V8.2), SCALANCE M876-3 (ROK) (6GK5876-3AA02-2EA2) (All versions < V8.2), SCALANCE M876-4 (6GK5876-4AA10-2BA2) (All versions < V8.2), SCALANCE M876-4 (EU) (6GK5876-4AA00-2BA2) (All versions < V8.2), SCALANCE M876-4 (NAM) (6GK5876-4AA00-2DA2) (All versions < V8.2), SCALANCE MUM853-1 (A1) (6GK5853-2EA10-2AA1) (All versions < V8.2), SCALANCE MUM853-1 (B1) (6GK5853-2EA10-2BA1) (All versions < V8.2), SCALANCE MUM853-1 (EU) (6GK5853-2EA00-2DA1) (All versions < V8.2), SCALANCE MUM856-1 (A1) (6GK5856-2EA10-3AA1) (All versions < V8.2), SCALANCE MUM856-1 (B1) (6GK5856-2EA10-3BA1) (All versions < V8.2), SCALANCE MUM856-1 (CN) (6GK5856-2EA00-3FA1) (All versions < V8.2), SCALANCE MUM856-1 (EU) (6GK5856-2EA00-3DA1) (All versions < V8.2), SCALANCE MUM856-1 (RoW) (6GK5856-2EA00-3AA1) (All versions < V8.2), SCALANCE S615 EEC LAN-Router (6GK5615-0AA01-2AA2) (All versions < V8.2), SCALANCE S615 LAN-Router (6GK5615-0AA00-2AA2) (All versions < V8.2). Affected devices do not properly sanitize an input field.  This could allow an authenticated remote attacker with administrative privileges to inject code or spawn a system root shell. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-12T14:41:28.000000Z"}, {"uuid": "5ab41cf5-91c9-4be1-b29d-9d8debcc70c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3luqgm53wk623", "content": "", "creation_timestamp": "2025-07-24T21:02:22.755359Z"}, {"uuid": "6aed14ff-4f62-4119-82f6-f2e727d8bf3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50570", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lygmjgu5q42l", "content": "", "creation_timestamp": "2025-09-09T21:02:36.617613Z"}, {"uuid": "30d7ea7c-c815-4c0d-81cd-841e9ff39483", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8700", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aLet's try to inject, because it's CVE-2024-5057 \nURL\uff1ahttps://github.com/enter0x13/poc-CVE-2024-5057\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-10-09T00:46:25.000000Z"}, {"uuid": "34747f6a-4f5d-488c-9ac3-172f671339fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9184", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1apoc-CVE-2024-5057\nURL\uff1ahttps://github.com/g1thubb004/poc-CVE-2024-5057\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-25T23:13:49.000000Z"}, {"uuid": "5b714f73-4ae4-4f9f-a3a8-47809925f07b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50577", "type": "seen", "source": "https://t.me/cvedetector/9116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50577 - JetBrains YouTrack Angular Template Injection Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-50577 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via Angular template injection in Hub settings \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:30.000000Z"}, {"uuid": "a046360b-76d9-462e-902f-515ece08d422", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50576", "type": "seen", "source": "https://t.me/cvedetector/9115", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50576 - JetBrains YouTrack Unvalidated Redirect to Data Uri Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-50576 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via vendor URL in App manifest \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:26.000000Z"}, {"uuid": "6081c170-1624-4f84-857c-fe11225dd6fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50575", "type": "seen", "source": "https://t.me/cvedetector/9114", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50575 - JetBrains YouTrack Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50575 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 reflected XSS was possible in Widget API \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:26.000000Z"}, {"uuid": "6b784962-02a3-496d-ab42-58612f65300d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50574", "type": "seen", "source": "https://t.me/cvedetector/9113", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50574 - JetBrains YouTrack Email Header Parsing ReDoS\", \n  \"Content\": \"CVE ID : CVE-2024-50574 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 potential ReDoS exploit was possible via email header parsing in Helpdesk functionality \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:25.000000Z"}, {"uuid": "d737abc0-a67a-414b-ba79-b180aa0c1fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50573", "type": "seen", "source": "https://t.me/cvedetector/9112", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50573 - JetBrains Hub Permanent Token Spoofing Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50573 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains Hub before 2024.3.47707 improper access control allowed users to generate permanent tokens for unauthorized services \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:24.000000Z"}, {"uuid": "e3d6ea3a-72d2-47bc-ba00-b4cf9f60754d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50579", "type": "seen", "source": "https://t.me/cvedetector/9109", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50579 - JetBrains YouTrack Reflective Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50579 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 reflected XSS due to insecure link sanitization was possible \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:19.000000Z"}, {"uuid": "4e0bee00-3d58-476c-bce7-e9b7e6aca324", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-50578", "type": "seen", "source": "https://t.me/cvedetector/9108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50578 - JetBrains YouTrack Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-50578 \nPublished : Oct. 28, 2024, 1:15 p.m. | 42\u00a0minutes ago \nDescription : In JetBrains YouTrack before 2024.3.47707 stored XSS was possible via sprint value on agile boards page \nSeverity: 4.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-28T15:19:18.000000Z"}, {"uuid": "436de748-b3f8-43b7-8005-21121e3197b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5057", "type": "seen", "source": "https://t.me/cvedetector/4398", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5057 - Easy Digital Downloads SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5057 \nPublished : Aug. 29, 2024, 2:15 p.m. | 46\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Easy Digital Downloads allows SQL Injection.This issue affects Easy Digital Downloads: from n/a through 3.2.12. \nSeverity: 9.3 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T17:03:21.000000Z"}]}