https://db.gcve.eu Contains only the most 10 recent sightings. http://www.rssboard.org/rss-specification python-feedgen en Wed, 20 May 2026 03:51:40 +0000 https://db.gcve.eu/sighting/83f9f99a-b998-410a-9c93-75e9d014d6be/export {"uuid": "83f9f99a-b998-410a-9c93-75e9d014d6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "seen", "source": "https://t.me/cvedetector/4356", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45058 - i-Educar Unvalidated User Permissions Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45058 \nPublished : Aug. 28, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. An attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions). Any user is capable of becoming an administrator, which can lead to account theft, changing administrative tasks, etc. The failure occurs in the file located in ieducar/intranet/educar_usuario_cad.php on line 446 , which does not perform checks on the user's current permission level to make changes. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T00:19:44.000000Z"} {"uuid": "83f9f99a-b998-410a-9c93-75e9d014d6be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "seen", "source": "https://t.me/cvedetector/4356", "content": "{\n \"Source\": \"CVE FEED\",\n \"Title\": \"CVE-2024-45058 - i-Educar Unvalidated User Permissions Privilege Escalation Vulnerability\", \n \"Content\": \"CVE ID : CVE-2024-45058 \nPublished : Aug. 28, 2024, 9:15 p.m. | 42\u00a0minutes ago \nDescription : i-Educar is free, completely online school management software that allows school secretaries, teachers, coordinators and area managers. An attacker with only minimal viewing privileges in the settings section is able to change their user type to Administrator (or another type with super-permissions). Any user is capable of becoming an administrator, which can lead to account theft, changing administrative tasks, etc. The failure occurs in the file located in ieducar/intranet/educar_usuario_cad.php on line 446 , which does not perform checks on the user's current permission level to make changes. This issue has not yet been patched. Users are advised to contact the developer and to coordinate an update schedule. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n \"Detection Date\": \"28 Aug 2024\",\n \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T00:19:44.000000Z"} https://db.gcve.eu/sighting/83f9f99a-b998-410a-9c93-75e9d014d6be/export Thu, 29 Aug 2024 00:19:44 +0000 https://db.gcve.eu/sighting/2fe5faa9-a871-4d38-bb76-d58a81bbd0bc/export {"uuid": "2fe5faa9-a871-4d38-bb76-d58a81bbd0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8418", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-45058 Broken Access Control, allowing any user with view permission in the user configuration section to become an administrator. \nURL\uff1ahttps://github.com/0xbhsu/CVE-2024-45058\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-30T18:47:28.000000Z"} {"uuid": "2fe5faa9-a871-4d38-bb76-d58a81bbd0bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45058", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8418", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC for CVE-2024-45058 Broken Access Control, allowing any user with view permission in the user configuration section to become an administrator. \nURL\uff1ahttps://github.com/0xbhsu/CVE-2024-45058\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-30T18:47:28.000000Z"} https://db.gcve.eu/sighting/2fe5faa9-a871-4d38-bb76-d58a81bbd0bc/export Fri, 30 Aug 2024 18:47:28 +0000