https://db.gcve.eu/sightings/feed 2026-04-30T11:54:51.417785+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/abb592df-28af-47e6-847b-e07dd8e37674/export 2026-04-30T11:54:51.705051+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "abb592df-28af-47e6-847b-e07dd8e37674", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "seen", "source": "https://t.me/cvedetector/2146", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-7340 - Apache Weave Remote File Traversal and Disclosure Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-7340 \nPublished : July 31, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : The Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"31 Jul 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T17:40:20.000000Z"} 2024-07-31T17:40:20+00:00 https://db.gcve.eu/sighting/aabbd175-f7f6-4709-b344-154cc550383e/export 2026-04-30T11:54:51.704926+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "aabbd175-f7f6-4709-b344-154cc550383e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} 2024-09-17T09:09:01+00:00 https://db.gcve.eu/sighting/53d7d235-62f0-4a98-ace7-930790975351/export 2026-04-30T11:54:51.704770+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "53d7d235-62f0-4a98-ace7-930790975351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} 2024-09-17T20:40:45+00:00 https://db.gcve.eu/sighting/d2ed5d39-3e9f-4702-9ca4-3bc37093144b/export 2026-04-30T11:54:51.703312+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "d2ed5d39-3e9f-4702-9ca4-3bc37093144b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-7340", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} 2024-10-15T01:39:58+00:00