{"vulnerability": "cve-2024-4821", "sightings": [{"uuid": "a3fd9876-5417-495f-aafc-825b0b091f85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48217", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8911", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-48217 Sismart Vulnerability\nURL\uff1ahttps://github.com/ajrielrm/CVE-2024-48217\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-11-01T04:45:33.000000Z"}, {"uuid": "c7efe9e5-dbc5-45b6-9742-040c491dde2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48217", "type": "seen", "source": "https://t.me/cvedetector/9621", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48217 - SiSMART Insecure Direct Object Reference Horizontal Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-48217 \nPublished : Nov. 1, 2024, 5:15 p.m. | 17\u00a0minutes ago \nDescription : An Insecure Direct Object Reference (IDOR) in the dashboard of SiSMART v7.4.0 allows attackers to execute a horizontal-privilege escalation. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T18:42:02.000000Z"}, {"uuid": "c66e635c-9ca1-407b-b743-9cd1b59ea9a6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48213", "type": "seen", "source": "https://t.me/cvedetector/8772", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48213 - RockOA Directory Traversal\", \n  \"Content\": \"CVE ID : CVE-2024-48213 \nPublished : Oct. 23, 2024, 10:15 p.m. | 31\u00a0minutes ago \nDescription : RockOA v2.6.5 is vulnerable to Directory Traversal in webmain/system/beifen/beifenAction.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T00:55:57.000000Z"}, {"uuid": "c9357ede-1b35-4f76-9c25-f65e5a7b8ea4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48214", "type": "seen", "source": "https://t.me/cvedetector/9446", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48214 - Tuya Camera Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48214 \nPublished : Oct. 30, 2024, 6:15 p.m. | 41\u00a0minutes ago \nDescription : KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that connects to the local network via a QR code. This vulnerability allows an attacker to create a custom, unauthenticated QR code and abuse one of the parameters, either SSID or PASSWORD, in the JSON data contained within the QR code. By that, the attacker can execute arbitrary code on the camera. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-30T20:02:54.000000Z"}, {"uuid": "97fce4d2-baa9-4044-bb0a-b38339305f4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-48218", "type": "seen", "source": "https://t.me/cvedetector/8988", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48218 - Funadmin SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48218 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/list. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:40.000000Z"}]}