https://db.gcve.eu/sightings/feed 2026-04-30T12:50:00.385607+00:00 Vulnerability-Lookup info@gcve.eu python-feedgen Contains only the most 10 recent sightings. https://db.gcve.eu/sighting/f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362/export 2026-04-30T12:50:00.712973+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "f2e8c9ee-56c7-4eea-a75a-8a6f2e16c362", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/G18Division/34", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T09:09:01.000000Z"} 2024-09-17T09:09:01+00:00 https://db.gcve.eu/sighting/412800c7-e21a-4477-83d3-afaaa237eb38/export 2026-04-30T12:50:00.712880+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "412800c7-e21a-4477-83d3-afaaa237eb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/whoisAlixan/2908", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-09-17T20:40:45.000000Z"} 2024-09-17T20:40:45+00:00 https://db.gcve.eu/sighting/ab1652f7-4444-42fd-a5f2-11fd6350d0fd/export 2026-04-30T12:50:00.709318+00:00 cedric http://db.gcve.eu/user/cedric {"uuid": "ab1652f7-4444-42fd-a5f2-11fd6350d0fd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "GHSA-R49H-6QXQ-624F", "type": "published-proof-of-concept", "source": "https://t.me/BhinnekaSec/2642", "content": "Exploit for W&B Weave Server - Remote Arbitrary File Leak (CVE-2024-7340)\ud83e\udd77\n\nDescription\ud83d\udd08\nThe Weave server API allows remote users to fetch files from a specific directory, but due to a lack of input validation, it is possible to traverse and leak arbitrary files remotely. In various common scenarios, this allows a low-privileged user to assume the role of the server admin.\n\nNuclei Template\ud83c\udf0e\nView the template here CVE-2024-7340.yaml\n\nValidate with Nuclei\necho \"$URL\" | nuclei -t ~/nuclei-templates/http/cves/2024/CVE-2024-7340.yaml\n\nReferences:\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-7340\nhttps://research.jfrog.com/vulnerabilities/wandb-weave-server-remote-arbitrary-file-leak-jfsa-2024-001039248/\nhttps://github.com/wandb/weave/pull/1657\nhttps://github.com/advisories/GHSA-r49h-6qxq-624f", "creation_timestamp": "2024-10-15T01:39:58.000000Z"} 2024-10-15T01:39:58+00:00