{"vulnerability": "CVE-2024-3184", "sightings": [{"uuid": "019bc997-65de-4f0b-849a-9bf2eb626e5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31844", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7508", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-31844\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Italtel Embrace 1.6.4. The server does not properly handle application errors. In some cases, this leads to a disclosure of information about the server. An unauthenticated user is able to craft specific requests in order to make the application generate an error. Inside an error message, some information about the server is revealed, such as the absolute path of the source code of the application. This kind of information can help an attacker to perform other attacks against the system. This can be exploited without authentication.\n\ud83d\udccf Published: 2024-05-21T15:33:17.348Z\n\ud83d\udccf Modified: 2025-03-13T20:26:02.820Z\n\ud83d\udd17 References:\n1. 
https://www.gruppotim.it/it/footer/red-team.html", "creation_timestamp": "2025-03-13T20:43:19.000000Z"}, {"uuid": "49a5be8f-eb30-43f3-baf8-43e54b6e51f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7241", "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2024\nDescription: PoC for Exploiting CVE-2024-31848/49/50/51 - File Path Traversal \nURL: https://github.com/Stuub/CVE-2024-31848-PoC\n\nTags: #CVE-2024", "creation_timestamp": "2024-05-07T10:54:35.000000Z"}, {"uuid": "bb1ccea0-7cc2-471d-a4e0-12877ec1696c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31847", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7445", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-31847\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue was discovered in Italtel Embrace 1.6.4. A stored cross-site scripting (XSS) vulnerability allows authenticated and unauthenticated remote attackers to inject arbitrary web script or HTML into a GET parameter. This reflects/stores the user input without sanitization.\n\ud83d\udccf Published: 2024-05-21T15:34:04.208Z\n\ud83d\udccf Modified: 2025-03-13T17:32:58.883Z\n\ud83d\udd17 References:\n1. 
https://www.gruppotim.it/it/footer/red-team.html", "creation_timestamp": "2025-03-13T17:44:59.000000Z"}, {"uuid": "3399dcfe-608a-41b0-bed6-8f6a98b94d2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31849", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/118", "content": "#exploit\n1. SQL Injection to RCE in Apple Masa/Mura CMS\nhttps://blog.projectdiscovery.io/hacking-apple-with-sql-injection\n\n2. CVE-2024-31848,\nCVE-2024-31849,\nCVE-2024-31850,\nCVE-2024-31851:\nJetty Server File Path Traversal\nhttps://github.com/Stuub/CVE-2024-31848-PoC", "creation_timestamp": "2024-05-10T08:17:13.000000Z"}, {"uuid": "e7fe2b1f-2395-4e84-8a8e-9c3d92a00c35", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-3184", "type": "seen", "source": "https://t.me/cvedetector/8153", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-3184 - GoAhead Web Server NULL Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-3184 \nPublished : Oct. 17, 2024, 8:15 a.m. | 30\u00a0minutes ago \nDescription : Multiple CWE-476 NULL Pointer Dereference vulnerabilities were found in GoAhead Web Server up to version 6.0.0 when compiled with the ME_GOAHEAD_REPLACE_MALLOC flag. Without a memory notifier for allocation failures, remote attackers can exploit these vulnerabilities by sending malicious requests, leading to a crash and Denial of Service (DoS). 
\nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T10:47:15.000000Z"}, {"uuid": "7c97136d-1373-4cee-8d22-037f52e66379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31842", "type": "seen", "source": "https://t.me/cvedetector/3685", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-31842 - Italtel Embrace Insecure Access Token Leak Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-31842 \nPublished : Aug. 20, 2024, 8:15 p.m. | 43\u00a0minutes ago \nDescription : An issue was discovered in Italtel Embrace 1.6.4. The web application inserts the access token of an authenticated user inside GET requests. The query string for the URL could be saved in the browser's history, passed through Referers to other web sites, stored in web logs, or otherwise recorded in other sources. If the query string contains sensitive information such as session identifiers, then attackers can use this information to launch further attacks. Because the access token is sent in GET requests, this vulnerability could lead to complete account takeover. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T22:59:32.000000Z"}, {"uuid": "a960e753-4490-441d-87f8-69632e865e4e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/2473", "content": "https://github.com/Stuub/CVE-2024-31848-PoC\n\nGET  /ui/..\\src\\getSettings.rsb?@json\n\n#poc #exploit", "creation_timestamp": "2024-06-16T16:44:22.000000Z"}, {"uuid": "97342d8a-6e2b-4767-be29-75d9ae51ff5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "published-proof-of-concept", "source": "https://t.me/ZeroEthical_Course/118", "content": "#exploit\n1. SQL Injection to RCE in Apple Masa/Mura CMS\nhttps://blog.projectdiscovery.io/hacking-apple-with-sql-injection\n\n2. CVE-2024-31848,\nCVE-2024-31849,\nCVE-2024-31850,\nCVE-2024-31851:\nJetty Server File Path Traversal\nhttps://github.com/Stuub/CVE-2024-31848-PoC", "creation_timestamp": "2024-05-10T08:17:13.000000Z"}, {"uuid": "63cbe00b-893a-4642-b349-26253836531b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/211", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8PoC for CData within Jetty servers released (CVE-2024-31848/49/50/51). File Path Traversal & File Read. 
https://github.com/Stuub/CVE-2024-31848-PoC\n\n#DarkWebInformer #DarkWeb #Exploit #Cyberattack #Cybercrime #Infosec #CTI #CVE202431848 #Vulnerability\n\nA prototype PoC for the automation of vulnerability analysis on targets running CData applications on an embedded Jetty server.\n\nX Link: https://twitter.com/DarkWebInformer/status/1788607746545226054", "creation_timestamp": "2024-05-09T20:56:51.000000Z"}, {"uuid": "7e9d8732-40f9-4cab-af3f-97a0fd47d503", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "seen", "source": "Telegram/K6PCb4_-lX7w9-2V3EkuWDbxgtQ_4wiK9Hiy049ilypP-Jw", "content": "", "creation_timestamp": "2024-05-05T17:10:20.000000Z"}, {"uuid": "be878d5c-0664-451b-9360-62ef2051ddca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31849", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10480", "content": "#exploit\n1. SQL Injection to RCE in Apple Masa/Mura CMS\nhttps://blog.projectdiscovery.io/hacking-apple-with-sql-injection\n\n2. CVE-2024-31848, CVE-2024-31849,\nCVE-2024-31850, CVE-2024-31851:\nJetty Server File Path Traversal\nhttps://github.com/Stuub/CVE-2024-31848-PoC", "creation_timestamp": "2024-05-10T19:37:07.000000Z"}, {"uuid": "2c3b16d4-cf2a-42d2-b20f-18eff489292f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-31848", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/10480", "content": "#exploit\n1. SQL Injection to RCE in Apple Masa/Mura CMS\nhttps://blog.projectdiscovery.io/hacking-apple-with-sql-injection\n\n2. 
CVE-2024-31848, CVE-2024-31849,\nCVE-2024-31850, CVE-2024-31851:\nJetty Server File Path Traversal\nhttps://github.com/Stuub/CVE-2024-31848-PoC", "creation_timestamp": "2024-05-10T19:37:07.000000Z"}]}