{"vulnerability": "CVE-2024-4284", "sightings": [{"uuid": "d05a1211-e92f-4cf4-9bae-e191d7362c7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42844", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114117215236097852", "content": "", "creation_timestamp": "2025-03-06T19:48:36.374814Z"}, {"uuid": "d1bd5271-0c53-46e7-abf2-454e3ecaa875", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42844", "type": "seen", "source": "https://gist.github.com/arjunnair-resideo/82aaa468b9f9ee025a20bdbaecb60490", "content": "", "creation_timestamp": "2025-03-04T08:37:10.000000Z"}, {"uuid": "5c9bd993-253a-4284-badd-682f5b555ccb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42844", "type": "seen", "source": "https://gist.github.com/getHecked/dc4ae46526d181d3deb17092815b9bec", "content": "", "creation_timestamp": "2025-03-04T08:38:35.000000Z"}, {"uuid": "a3693341-6e97-4da6-9305-f402bd77d9bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8346", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aInVesalius discovered CVE. CVE-2024-42845\nURL\uff1ahttps://github.com/partywavesec/invesalius3_vulnerabilities\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-23T21:19:02.000000Z"}, {"uuid": "ee2cba43-5343-48c9-bb87-367d61cd0bce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/9943", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aRCE\n\u63cf\u8ff0\uff1aExploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1\nURL\uff1ahttps://github.com/theexploiters/CVE-2024-42845-Exploit\n\n\u6807\u7b7e\uff1a#RCE", "creation_timestamp": "2025-01-10T20:05:15.000000Z"}, {"uuid": "8a322faf-680a-4042-bfca-d1cf1db31ce9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/suboxone_chatroom/1592", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2025-01-27T07:08:02.000000Z"}, {"uuid": "2a758eb5-3131-4df6-bad0-197f80449bb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42844", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6690", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-42844\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanitized user input fields to obtain unauthorized information\n\ud83d\udccf Published: 2025-03-06T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-06T15:10:38.236Z\n\ud83d\udd17 References:\n1. https://gist.github.com/getHecked/dc4ae46526d181d3deb17092815b9bec", "creation_timestamp": "2025-03-06T16:07:12.000000Z"}, {"uuid": "57aab83b-7f4e-440b-9583-1d037948e743", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42844", "type": "seen", "source": "https://t.me/cvedetector/19709", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42844 - EPICOR Prophet 21 SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42844 \nPublished : March 6, 2025, 3:15 p.m. | 53\u00a0minutes ago \nDescription : A SQL Injection vulnerability has been identified in EPICOR Prophet 21 (P21) up to 23.2.5232. This vulnerability allows authenticated remote attackers to execute arbitrary SQL commands through unsanitized user input fields to obtain unauthorized information \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T17:11:03.000000Z"}, {"uuid": "37970b78-7c57-48c3-8439-a945784a6926", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42849", "type": "seen", "source": "https://t.me/cvedetector/3361", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42849 - Silverpeas Remote Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-42849 \nPublished : Aug. 16, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : An issue in Silverpeas v.6.4.2 and lower allows a remote attacker to cause a denial of service via the password change function. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T22:05:04.000000Z"}, {"uuid": "42ab9a0e-4e32-44ce-bfb3-067ac1db202e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/cvedetector/4039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42845 - InVesalius DICOM eval Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42845 \nPublished : Aug. 23, 2024, 7:15 p.m. | 41\u00a0minutes ago \nDescription : An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1.99991 through 3.1.99998 allows attackers to execute arbitrary code via loading a crafted DICOM file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T22:09:15.000000Z"}, {"uuid": "a3b38a28-d507-48ee-b240-4dc6a8dcf5b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "Telegram/cGezkY-sNGeXP7suZ-_mxlbHZXJUtespjJiYiVVk1k7JN70", "content": "", "creation_timestamp": "2025-01-11T04:00:06.000000Z"}, {"uuid": "1e803043-a403-4e6c-97fb-061c27fa0c5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11617", "content": "#exploit\n\n1. CVE-2024-45440:\nDrupal Full Path Disclosure\n\n2. How an obscure PHP footgun led to RCE in Craft CMS\n\n3. CVE-2024-20137:\nMediaTek SOCs\u00a0WLAN Driver - DoS\n\n4. CVE-2024-42845:\nInVesalius DICOM File injection", "creation_timestamp": "2024-12-28T11:38:47.000000Z"}, {"uuid": "7b9a750d-0efc-41d8-81ab-1a417a72840d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42845", "type": "published-proof-of-concept", "source": "https://t.me/ckeArsenal/336", "content": "https://github.com/theexploiters/CVE-2024-42845-Exploit\n\nExploit For: CVE-2024-42845: Remote Code Execution (RCE) in Invesalius 3.1\n#github #exploit", "creation_timestamp": "2025-01-12T16:52:08.000000Z"}]}