{"vulnerability": "CVE-2024-3652", "sightings": [{"uuid": "9d1c08cf-6ccc-49c8-9af8-1b63ea4a0528", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36527", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7722", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPOC for CVE-2024-36527: puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal\nURL\uff1ahttps://github.com/bigb0x/CVE-2024-36527\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-06-20T09:47:38.000000Z"}, {"uuid": "da6a1683-8258-4117-81f2-6f116710353f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36527", "type": "published-proof-of-concept", "source": "https://t.me/TheDarkWebInformer/1158", "content": "\ud83d\udea8POC RELEASED\ud83d\udea8POC for CVE-2024-36527: puppeteer-renderer v.3.2.0 and before is vulnerable to Directory Traversal. Attackers can exploit the URL parameter using the file protocol to read sensitive information from the server.\ud83d\udc47\n\nhttps://github.com/bigb0x/CVE-2024-36527\n\nhttps://x.com/DarkWebInformer/status/1803791122180821122", "creation_timestamp": "2024-06-20T16:05:23.000000Z"}, {"uuid": "cb042831-998a-4518-a3b7-bc083637320d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-36522", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/1637", "content": "\u200aApache Wicket Addresses Critical RCE Vulnerability (CVE-2024-36522)\n\nhttps://securityonline.info/apache-wicket-addresses-critical-rce-vulnerability-cve-2024-36522/", "creation_timestamp": "2024-06-05T11:43:02.000000Z"}]}