{"vulnerability": "CVE-2024-5566", "sightings": [{"uuid": "20685dd5-a9ae-4e04-934f-2a03512446f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55660", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113637199321243723", "content": "", "creation_timestamp": "2024-12-12T01:14:14.772453Z"}, {"uuid": "cd3cc75d-2484-4061-acd8-67ef394e50d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55662", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113641035648128218", "content": "", "creation_timestamp": "2024-12-12T17:29:52.583437Z"}, {"uuid": "16c199e2-67db-47a2-8a3f-1d0045952028", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55663", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113641379176104368", "content": "", "creation_timestamp": "2024-12-12T18:57:14.101929Z"}, {"uuid": "01788d57-0016-4829-bab7-845248cec74a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113651936422336008", "content": "", "creation_timestamp": "2024-12-14T15:42:04.783285Z"}, {"uuid": "f2b3cf06-8320-483e-b820-3e4535cd9be5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/bwVzUQfKSxu5nCl33CD_LUzO1KudwUst0NGX-dgwqjNGVZk", "content": "", "creation_timestamp": "2025-09-10T11:52:35.000000Z"}, {"uuid": "ca6d8fca-ceaa-4975-b3f4-70c658d88d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "published-proof-of-concept", "source": "Telegram/vpx3YKOcAueFTTlBXmAmNxsIEwTkvSUeFD5DKiDa4uIA5wkK", "content": "", "creation_timestamp": "2025-09-11T08:57:04.000000Z"}, {"uuid": "abd3e615-6e15-4343-9c1c-f38395212fde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "published-proof-of-concept", "source": "Telegram/zNiXDuAdWj1sUxxVU5JjhobD5YqZbFR_XafKNg2cvfA4J_I", "content": "", "creation_timestamp": "2025-09-10T09:39:11.000000Z"}, {"uuid": "a1781270-8686-462d-940f-1b834528cf99", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/oK6YZ201yH3u36Ld86AIM6irgNnEFdkEpiqcu6eWwkf1L3w", "content": "", "creation_timestamp": "2025-09-11T08:57:05.000000Z"}, {"uuid": "44c3fc86-cfb5-4c51-b7af-59eafa7816ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lrbs3rtyaj2o", "content": "", "creation_timestamp": "2025-06-10T21:02:35.370520Z"}, {"uuid": "8dda6536-5726-4bc2-abd7-dab9b3dcf7de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/njw-SNmCnbbXLCSpNl5uy3bNGXnaRITwKMK2nK-7tXRcVmk", "content": "", "creation_timestamp": "2025-09-10T00:16:42.000000Z"}, {"uuid": "4685475f-f8bc-4605-be52-3eacbde9faa3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55662", "type": "seen", "source": "https://t.me/cvedetector/12799", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55662 - XWiki Platform Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55662 \nPublished : Dec. 12, 2024, 6:15 p.m. | 22\u00a0minutes ago \nDescription : XWiki Platform is a generic wiki platform. Starting in version 3.3-milestone-1 and prior to versions 15.10.9 and 16.3.0, on instances where `Extension Repository Application` is installed, any user can execute any code requiring `programming` rights on the server. This vulnerability has been fixed in XWiki 15.10.9 and 16.3.0. Since `Extension Repository Application` is not mandatory, it can be safely disabled on instances that do not use it as a workaround. It is also possible to manually apply the patches from commit 8659f17d500522bf33595e402391592a35a162e8 to the page `ExtensionCode.ExtensionSheet` and to the page `ExtensionCode.ExtensionAuthorsDisplayer`. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T19:41:34.000000Z"}, {"uuid": "cd5e2166-c52c-446e-8351-e7425416a8b7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "published-proof-of-concept", "source": "Telegram/t1LhqdJOG1EFy6jlM73bhz_qlF1T-sLBuRLYxQFOHpc1fDqB", "content": "", "creation_timestamp": "2025-09-10T09:39:10.000000Z"}, {"uuid": "f1c1bf12-07cd-4e1c-98d4-4900007f9163", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/Ej67y3-U2qHOzlICcSBmxU5ToM5GicFe3MyQPrVdZemdOpk", "content": "", "creation_timestamp": "2025-09-11T00:11:52.000000Z"}, {"uuid": "bcda5fa2-32e8-4cc5-8027-9e0bcc902447", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "published-proof-of-concept", "source": "Telegram/lVThFqOS_-THLS2nDZbOqeID9ULvGm_dMtchXCk4uxGtisKK", "content": "", "creation_timestamp": "2025-09-10T00:16:41.000000Z"}, {"uuid": "de98cf6c-c706-4353-81a2-bd9a7a77d5f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/yPqQ91miaB-2D89EM1FeuaCQM9WzAEZThEuC_Ossz7SbN555", "content": "", "creation_timestamp": "2025-09-11T00:11:51.000000Z"}, {"uuid": "4befdb8a-cd88-41a3-a70b-ff1f52e47188", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "Telegram/qnVR2SX41ef1kt-yWW971_--D-c1QbD0TjF0HQIOIn_BSoof", "content": "", "creation_timestamp": "2025-09-10T11:52:34.000000Z"}, {"uuid": "231d50d4-0bdb-472a-b387-e69ff96c82db", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "https://t.me/CyberBulletin/1766", "content": "\u26a1\ufe0fCVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T08:00:16.000000Z"}, {"uuid": "bef979ba-1f30-479f-afca-151d43fe17e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55663", "type": "seen", "source": "https://t.me/cvedetector/12807", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55663 - XWiki Platform SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55663 \nPublished : Dec. 12, 2024, 7:15 p.m. | 45\u00a0minutes ago \nDescription : XWiki Platform is a generic wiki platform. Starting in version 11.10.6 and prior to versions 13.10.5 and 14.3-rc-1, in `getdocument.vm`; the ordering of the returned documents is defined from an unsanitized request parameter (request.sort) and can allow any user to inject HQL. Depending on the used database backend, the attacker may be able to not only obtain confidential information such as password hashes from the database, but also execute UPDATE/INSERT/DELETE queries. This has been patched in 13.10.5 and 14.3-rc-1. There is no known workaround, other than upgrading XWiki. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T21:21:58.000000Z"}, {"uuid": "7b877fef-58a5-4116-bd9c-d6a4cdcb75e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "https://t.me/cvedetector/12897", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55661 - \"Laravel Pulse Remote Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-55661 \nPublished : Dec. 13, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Laravel Pulse is a real-time application performance monitoring tool and dashboard for Laravel applications. A vulnerability has been discovered in Laravel Pulse prior to version 1.3.1 that could allow remote code execution through the public `remember()` method in the `Laravel\\Pulse\\Livewire\\Concerns\\RemembersQueries` trait. This method is accessible via Livewire components and can be exploited to call arbitrary callables within the application. An authenticated user with access to Laravel Pulse dashboard can execute arbitrary code by calling any function or static method in which the callable is a function or static method and the callable has no parameters or no strict parameter types. The vulnerable to component is `remember(callable $query, string $key = '')` method in `Laravel\\Pulse\\Livewire\\Concerns\\RemembersQueries`, and the vulnerability affects all Pulse card components that use this trait. Version 1.3.1 contains a patch. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-13T18:17:16.000000Z"}, {"uuid": "cb152c4c-3a2d-4ed0-96ff-c11d5f4d8df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55660", "type": "seen", "source": "https://t.me/cvedetector/12675", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-55660 - SiYuan SSTI Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-55660 \nPublished : Dec. 12, 2024, 2:15 a.m. | 27\u00a0minutes ago \nDescription : SiYuan is a personal knowledge management system. Prior to version 3.1.16, SiYuan's `/api/template/renderSprig` endpoint is vulnerable to Server-Side Template Injection (SSTI) through the Sprig template engine. Although the engine has limitations, it allows attackers to access environment variables. Version 3.1.16 contains a patch for the issue. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-12T03:46:59.000000Z"}, {"uuid": "971c6a8c-599d-48b5-a820-063985249ed0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5566", "type": "seen", "source": "https://t.me/cvedetector/1023", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5566 - GitHub Enterprise Server Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5566 \nPublished : July 16, 2024, 10:15 p.m. | 22\u00a0minutes ago \nDescription : An improper privilege management vulnerability allowed users to migrate private repositories without having appropriate scopes defined on the related Personal Access Token. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.14 and was fixed in version 3.13.1, 3.12.6, 3.11.12, 3.10.14, and 3.9.17. \nSeverity: 5.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T00:39:28.000000Z"}, {"uuid": "e3b324f6-7395-4667-ace1-178af491ed59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-55661", "type": "seen", "source": "https://t.me/CyberBulletin/26832", "content": "\u26a1\ufe0fCVE-2024-55661: RCE Vulnerability Discovered in Laravel Pulse Monitoring Tool.\n\n#CyberBulletin", "creation_timestamp": "2024-12-17T08:00:16.000000Z"}]}