{"vulnerability": "CVE-2024-4257", "sightings": [{"uuid": "4e0bc919-f2a5-4e35-9ca8-a8297ee84cf7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42573", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8291", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42573\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php.\n\ud83d\udccf Published: 2024-08-20T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-20T20:59:27.853Z\n\ud83d\udd17 References:\n1. https://gist.github.com/topsky979/d44aabca29c1a6a9845fde465b924e79", "creation_timestamp": "2025-03-20T21:18:38.000000Z"}, {"uuid": "90fa4cf3-6e10-4c55-889a-c960b984d9e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42575", "type": "seen", "source": "https://t.me/cvedetector/3631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42575 - Apache School Management System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42575 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at substaff.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:44.000000Z"}, {"uuid": "6da52a63-cb7c-40b1-8a5b-912c8bb0b61e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42573", "type": "seen", "source": "https://t.me/cvedetector/3630", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42573 - DTMarks School Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42573 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at dtmarks.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:41.000000Z"}, {"uuid": "c68a588a-856e-46be-99f7-f406a36d44e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42576", "type": "seen", "source": "https://t.me/cvedetector/3627", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42576 - Warehouse Inventory System CSRF Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-42576 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) in the component edit_categorie.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:38.000000Z"}, {"uuid": "f3dd934b-6b2d-42e3-9a9a-e1efdb19a9bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42577", "type": "seen", "source": "https://t.me/cvedetector/3622", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42577 - \"Warehouse Inventory System CSRF Privilege Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2024-42577 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) in the component add_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:30.000000Z"}, {"uuid": "f6f9eb4e-02b3-404d-a81d-a37d643e8385", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42579", "type": "seen", "source": "https://t.me/cvedetector/3621", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42579 - Apache Warehouse Inventory System CSRF Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-42579 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) in the component add_group.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:29.000000Z"}, {"uuid": "4945f05d-821e-46ba-98b4-e45df33d6a3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42570", "type": "seen", "source": "https://t.me/cvedetector/3633", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42570 - \"School Management System SQL Injection\"\", \n  \"Content\": \"CVE ID : CVE-2024-42570 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at admininsert.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:46.000000Z"}, {"uuid": "f06e433c-54bd-4172-96a9-942c52f81f62", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42578", "type": "seen", "source": "https://t.me/cvedetector/3625", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42578 - \"Adobe Warehouse Inventory System CSRF Privilege Escalation\"\", \n  \"Content\": \"CVE ID : CVE-2024-42578 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) in the component edit_product.php of Warehouse Inventory System v2.0 allows attackers to escalate privileges. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:33.000000Z"}, {"uuid": "81385800-3548-49b7-a470-286a268b4b6c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42574", "type": "seen", "source": "https://t.me/cvedetector/3624", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42574 - \"School Management System SQL Injection\"\", \n  \"Content\": \"CVE ID : CVE-2024-42574 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at attendance.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:32.000000Z"}, {"uuid": "1e4622e2-8123-4ba6-b1ea-d94c720813a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42572", "type": "seen", "source": "https://t.me/cvedetector/3623", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42572 - \"School Management System SQL Injection\"\", \n  \"Content\": \"CVE ID : CVE-2024-42572 \nPublished : Aug. 20, 2024, 1:15 p.m. | 38\u00a0minutes ago \nDescription : School Management System commit bae5aa was discovered to contain a SQL injection vulnerability via the medium parameter at unitmarks.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T16:17:31.000000Z"}]}