{"vulnerability": "cve-2024-45440", "sightings": [{"uuid": "c8bc77f7-1035-4475-9e91-7b579a78a54d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lnbkcd2n7n2t", "content": "", "creation_timestamp": "2025-04-20T21:02:10.453005Z"}, {"uuid": "37061d5d-770e-4b41-ba2e-d65853fcc6e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9612", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aDrupal CVE-2024-45440\nURL\uff1ahttps://github.com/w0r1i0g1ht/CVE-2024-45440\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-12-26T13:38:01.000000Z"}, {"uuid": "c196027a-7347-4c98-8f5c-ea6ad77712ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/cvedetector/4385", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45440 - Drupal Full Path Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-45440 \nPublished : Aug. 29, 2024, 11:15 a.m. | 21\u00a0minutes ago \nDescription : core/authorize.php in Drupal 11.x-dev allows Full Path Disclosure (even when error logging is None) if the value of hash_salt is file_get_contents of a file that does not exist. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T13:42:46.000000Z"}, {"uuid": "eea31fd2-7ce9-4ba1-9b31-7f0fe3d16093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "Telegram/6_cMvs3tMeehe309mG6N2g9y4QBq1tvc42OJE7OT1rRPF2s", "content": "", "creation_timestamp": "2025-05-06T00:40:05.000000Z"}, {"uuid": "7af8839b-acd2-4c9a-80ec-c1a33ab7a7fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/cyber_hsecurity/4505", "content": "This exploit targets Drupal 11.x-dev, disclosing full file paths via CVE-2024-45440. Affects systems with improperly configured `hash_salt`. Risks include unauthorized access and data leakage. Potentially impacts thousands of vulnerable Drupal sites.\n\nJoin: https://t.me/+qeejqIiGum9jOTI9\nContact: @a1887bot", "creation_timestamp": "2025-05-04T07:31:25.000000Z"}, {"uuid": "427fd3be-b78e-4988-ad46-2353e7c19f68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "Telegram/c_gy3Lo3G6i52K-4h-VP8B_Tes7YMoJfZHtD-dMJDNTMxQps", "content": "", "creation_timestamp": "2025-05-06T00:39:05.000000Z"}, {"uuid": "8a0a0da7-3f5e-48cb-b71b-77710c8e049b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/codeb0ss/1584", "content": "", "creation_timestamp": "2024-09-01T19:32:51.000000Z"}, {"uuid": "fec9c07a-2dfa-4478-a9eb-55a010530fb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/271", "content": "https://github.com/w0r1i0g1ht/CVE-2024-45440\n\nCVE-2024-45440\n#github #poc", "creation_timestamp": "2024-12-27T18:55:07.000000Z"}, {"uuid": "ba7716ec-8778-4e64-9a7c-bd6d26f58013", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11617", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2024-12-28T11:38:47.000000Z"}, {"uuid": "dbefc578-0c45-4e18-9958-892c3e3eaeec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45440", "type": "seen", "source": "https://t.me/suboxone_chatroom/1592", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2025-01-27T07:08:02.000000Z"}]}