{"vulnerability": "CVE-2024-5690", "sightings": [{"uuid": "4f2e62d6-ae68-4342-8dc0-ccb5001f7bde", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56902", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941938425776547", "content": "", "creation_timestamp": "2025-02-03T20:53:24.492890Z"}, {"uuid": "e90c58f4-9ab1-4807-a2d4-75e32dddb8c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941938411528140", "content": "", "creation_timestamp": "2025-02-03T20:53:24.151114Z"}, {"uuid": "94975bf4-fe87-47cf-94ac-50f89177b7ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113941938439591094", "content": "", "creation_timestamp": "2025-02-03T20:53:24.560242Z"}, {"uuid": "7b4463ed-6e17-4acb-a6bf-a20294cb5e84", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56902", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhchmntpsb2w", "content": "", "creation_timestamp": "2025-02-03T21:15:45.590808Z"}, {"uuid": "13d1d549-afab-4ea3-b946-6bfdd9c2c310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhchmliidb2e", "content": "", "creation_timestamp": "2025-02-03T21:15:43.143905Z"}, {"uuid": "ca3a0b16-48c9-4c3c-a2e3-eff7d8b5ba93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhchmqgmvc2p", "content": "", "creation_timestamp": "2025-02-03T21:15:48.145938Z"}, {"uuid": "f20fec34-ec38-4464-a96f-ae1d9e9af9b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56902", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhckkrsodv2e", "content": "", "creation_timestamp": "2025-02-03T22:08:26.794527Z"}, {"uuid": "8669b3ea-1dbc-49f5-93f3-32ac6c5a7a0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhckkr2s7g2k", "content": "", "creation_timestamp": "2025-02-03T22:08:23.466151Z"}, {"uuid": "48543f68-f599-4506-bdad-cb52800482f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113946638527273443", "content": "", "creation_timestamp": "2025-02-04T16:48:44.805195Z"}, {"uuid": "803f424e-0c9b-4002-96c3-8437ec0dc36f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhckkrf6rq2q", "content": "", "creation_timestamp": "2025-02-03T22:08:25.091874Z"}, {"uuid": "ea27614c-4a90-440d-aa78-88a21c93b13c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113946638683230999", "content": "", "creation_timestamp": "2025-02-04T16:48:45.584965Z"}, {"uuid": "8e8b683c-451c-46b3-9d5f-2d0e28d72379", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56902", "type": "published-proof-of-concept", "source": "Telegram/Zz7KT0QW6jx788iRVLTrCBTX3Cn9rhr0SRN7kgKXbioAX_Y", "content": "", "creation_timestamp": "2025-02-02T22:00:05.000000Z"}, {"uuid": "b4f11ee2-cffb-4d1f-83d9-6be643c3027d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56908", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113998927592912791", "content": "", "creation_timestamp": "2025-02-13T22:26:30.327610Z"}, {"uuid": "bc01d178-26b5-46df-a63b-f55186ab3134", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56908", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3sz32aj42z", "content": "", "creation_timestamp": "2025-02-13T23:16:06.736487Z"}, {"uuid": "f26102bc-f339-4fa5-83a2-587924cb7e19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56908", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li3xgd5aeh2h", "content": "", "creation_timestamp": "2025-02-14T00:35:07.397585Z"}, {"uuid": "85ab04a8-1d82-499b-b960-18ceb0b635bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lmngl3xoxt2t", "content": "", "creation_timestamp": "2025-04-12T21:02:23.984762Z"}, {"uuid": "961865d2-0c9c-4b4f-a50a-3dc1c74f069e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56908", "type": "seen", "source": "https://t.me/cvedetector/18054", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-56908 - Perfex Crm File Upload Bypass and Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-56908 \nPublished : Feb. 13, 2025, 11:15 p.m. | 33\u00a0minutes ago \nDescription : In Perfex Crm < 3.2.1, an authenticated attacker can send a crafted HTTP POST request to the affected upload_sales_file endpoint. By providing malicious input in the rel_id parameter, combined with improper input validation, the attacker can bypass restrictions and upload arbitrary files to directories of their choice, potentially leading to remote code execution or server compromise. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T01:32:14.000000Z"}, {"uuid": "290dee74-97f8-42ec-b55f-36898c342d9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56908", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4371", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56908\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T23:15:10.773\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://gist.github.com/JuyLang/7406077e3e5e6b2ff35c80f1853e298f", "creation_timestamp": "2025-02-14T01:09:58.000000Z"}, {"uuid": "111e8bd9-7177-497f-bd9c-28773348d1b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56901\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T21:52:53.109Z\n\ud83d\udd17 References:\n1. https://github.com/DRAGOWN/CVE-2024-56901", "creation_timestamp": "2025-03-03T22:30:45.000000Z"}, {"uuid": "52218caf-dd6a-48e6-8348-69f85a5da0f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56902", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/6298", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56902\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Information disclosure vulnerability in Geovision GV-ASManager web application with the version v6.1.0.0 or less, which discloses account information, including cleartext password.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T21:49:43.929Z\n\ud83d\udd17 References:\n1. https://github.com/DRAGOWN/CVE-2024-56902", "creation_timestamp": "2025-03-03T22:30:46.000000Z"}, {"uuid": "5781bcd5-dd12-4b55-bda8-d2eb7a6095b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6297", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56901\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A Cross-Site Request Forgery (CSRF) vulnerability in Geovision GV-ASWeb application with the version 6.1.1.0 or less that allows attackers to arbitrarily create Administrator accounts via a crafted GET request method. This vulnerability is used in chain with CVE-2024-56903 for a successful CSRF attack.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T21:52:53.109Z\n\ud83d\udd17 References:\n1. https://github.com/DRAGOWN/CVE-2024-56901", "creation_timestamp": "2025-03-03T22:30:45.000000Z"}, {"uuid": "c7b9ace6-ec0c-4382-9fec-e199a4ca3f52", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6296", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56903\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Geovision GV-ASWeb with the version 6.1.1.0 or less allows attackers to modify POST request method with the GET against critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T21:56:43.233Z\n\ud83d\udd17 References:\n1. https://github.com/DRAGOWN/CVE-2024-56903", "creation_timestamp": "2025-03-03T22:30:44.000000Z"}, {"uuid": "74d66375-538d-45f5-bbdb-5f91b1c4f008", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6296", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-56903\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: Geovision GV-ASWeb with the version 6.1.1.0 or less allows attackers to modify POST request method with the GET against critical functionalities, such as account management. This vulnerability is used in chain with CVE-2024-56901 for a successful CSRF attack.\n\ud83d\udccf Published: 2025-02-03T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-03T21:56:43.233Z\n\ud83d\udd17 References:\n1. https://github.com/DRAGOWN/CVE-2024-56903", "creation_timestamp": "2025-03-03T22:30:44.000000Z"}, {"uuid": "453fddf3-4e1c-44e7-80d8-c1604233e59b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56903", "type": "published-proof-of-concept", "source": "Telegram/Zz7KT0QW6jx788iRVLTrCBTX3Cn9rhr0SRN7kgKXbioAX_Y", "content": "", "creation_timestamp": "2025-02-02T22:00:05.000000Z"}, {"uuid": "bcea4afc-4377-4208-b60c-eee8de2c22de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-56901", "type": "published-proof-of-concept", "source": "Telegram/Zz7KT0QW6jx788iRVLTrCBTX3Cn9rhr0SRN7kgKXbioAX_Y", "content": "", "creation_timestamp": "2025-02-02T22:00:05.000000Z"}, {"uuid": "95c79121-1145-4d07-b031-c57b4c46e0a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5690", "type": "seen", "source": "https://t.me/Rootsec_2/5144", "content": "#exploit\n#WebApp_Security\nCVE-2024-9398, CVE-2024-5690:\nMozilla Firefox 0-day: URL protocol handler leak\nhttps://ricercasecurity.blogspot.com/2024/11/mozilla-firefox-0-day-url-cve-2024-9398.html", "creation_timestamp": "2024-11-18T10:52:19.000000Z"}, {"uuid": "457c1001-c533-477e-a397-99123cafe56d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5690", "type": "seen", "source": "https://t.me/CyberSecurityTechnologies/11446", "content": "#exploit\n#WebApp_Security\nCVE-2024-9398, CVE-2024-5690:\nMozilla Firefox 0-day: URL protocol handler leak\nhttps://ricercasecurity.blogspot.com/2024/11/mozilla-firefox-0-day-url-cve-2024-9398.html", "creation_timestamp": "2024-11-20T18:54:19.000000Z"}]}