{"vulnerability": "CVE-2024-5515", "sightings": [{"uuid": "07a1ad9d-4ed1-4aae-97ce-41ec74e13694", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55159", "type": "seen", "source": "https://t.me/cvedetector/18670", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55159 - GFast SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55159 \nPublished : Feb. 21, 2025, 6:15 p.m. | 23\u00a0minutes ago \nDescription : GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T19:46:42.000000Z"}, {"uuid": "93cd745c-cd66-4720-8576-958267eb45aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55156", "type": "seen", "source": "MISP/9ca82492-7deb-4197-a6f1-191e121eef96", "content": "", "creation_timestamp": "2025-08-25T13:32:04.000000Z"}, {"uuid": "a38703d1-df94-4562-a2e1-bd22eb3e16a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55159", "type": "seen", "source": "MISP/9ca82492-7deb-4197-a6f1-191e121eef96", "content": "", "creation_timestamp": "2025-08-25T13:32:04.000000Z"}, {"uuid": "539584af-6567-4360-82ba-43f1aca0b87e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55156", "type": "seen", "source": "https://t.me/cvedetector/18669", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55156 - Apache CloudEvents Java SDK XXE Injection\", \n  \"Content\": \"CVE ID : CVE-2024-55156 \nPublished : Feb. 21, 2025, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for CloudEvents v4.0.1 allows attackers to access sensitive information via supplying a crafted XML-formatted event message. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-21T19:46:41.000000Z"}, {"uuid": "77ff2481-0aca-4291-ae2b-0a8aa32575b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5515", "type": "seen", "source": "Telegram/XJvh5MoZknC_nUpcNtM8Rdz8jlkzsUI_K25497Ta3SUHQtj8", "content": "", "creation_timestamp": "2025-02-14T09:46:59.000000Z"}, {"uuid": "a55afac0-c937-4126-9db7-d47a431134b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55156", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4937", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55156\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An XML External Entity (XXE) vulnerability in the deserializeArgs() method of Java SDK for CloudEvents v4.0.1 allows attackers to access sensitive information via supplying a crafted XML-formatted event message.\n\ud83d\udccf Published: 2025-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T18:05:37.685Z\n\ud83d\udd17 References:\n1. https://github.com/aixiao0621/CVE/blob/main/CVE-2024-55156/README.md", "creation_timestamp": "2025-02-21T18:18:49.000000Z"}, {"uuid": "96336a8e-b9c0-4df2-a54d-92c598aeffd6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55159", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4936", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-55159\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: GFast between v2 to v3.2 was discovered to contain a SQL injection vulnerability via the SortName parameter at /system/loginLog/list.\n\ud83d\udccf Published: 2025-02-21T00:00:00.000Z\n\ud83d\udccf Modified: 2025-02-21T18:07:30.428Z\n\ud83d\udd17 References:\n1. https://github.com/tiger1103/gfast/blob/os-v3.2/internal/app/system/logic/sysLoginLog/sys_login_log.go#L75\n2. https://github.com/SuperDu1/CVE/issues/1", "creation_timestamp": "2025-02-21T18:18:48.000000Z"}]}