{"vulnerability": "CVE-2024-1010", "sightings": [{"uuid": "19f9b41c-f156-4f21-9383-7042df94456c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10104", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113485513562755593", "content": "", "creation_timestamp": "2024-11-15T06:18:33.609579Z"}, {"uuid": "7fac1522-d4ef-44e1-89b9-062a9cebbbb4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10102", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf4zpmy7nq2y", "content": "", "creation_timestamp": "2025-01-07T06:33:11.800029Z"}, {"uuid": "a65643bd-3a57-496b-9198-6b0c34fe86d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113798982541004567", "content": "", "creation_timestamp": "2025-01-09T14:57:50.562309Z"}, {"uuid": "7727da92-7839-4312-aa08-43329d7b39ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-027-03", "content": "", "creation_timestamp": "2026-01-27T11:00:00.000000Z"}, {"uuid": "069da6e2-9dfd-4f10-9877-1445fb664252", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10100", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10478", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10100\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_0, Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as critical application files, SSH keys, API keys, and configuration values.\n\ud83d\udccf Published: 2024-10-17T18:12:06.622Z\n\ud83d\udccf Modified: 2025-04-04T14:46:58.848Z\n\ud83d\udd17 References:\n1. https://huntr.com/bounties/e58a0fb4-2b1d-49ef-b32e-bb62659a6f99", "creation_timestamp": "2025-04-04T15:37:07.000000Z"}, {"uuid": "4263e0a0-01ba-4d28-8e26-858f3e813ea9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "seen", "source": "https://t.me/cvedetector/14849", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10106 - Citrix NetScaler Packet Handoff Plugin Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-10106 \nPublished : Jan. 9, 2025, 3:15 p.m. | 39\u00a0minutes ago \nDescription : A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-09T16:55:40.000000Z"}, {"uuid": "dbedc836-5802-42aa-9d44-1aa54f692611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10103", "type": "seen", "source": "https://t.me/cvedetector/11435", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10103 - \"MailPoet Stored Cross-Site Scripting (XSS) Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10103 \nPublished : Nov. 19, 2024, 6:15 a.m. | 42\u00a0minutes ago \nDescription : In the process of testing the MailPoet  WordPress plugin before 5.3.2, a vulnerability was found that allows you to implement Stored XSS on behalf of the editor by embedding malicious script, which entails account takeover backdoor \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T08:26:59.000000Z"}, {"uuid": "8911fcab-1ef8-43a2-bf6a-96092e1a72ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10101", "type": "seen", "source": "https://t.me/cvedetector/8239", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10101 - Binary-Husky GPT Academic Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-10101 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability occurs at the /file endpoint, which renders HTML files. Malicious HTML files containing XSS payloads can be uploaded and stored in the backend, leading to the execution of the payload in the victim's browser when the file is accessed. This can result in the theft of session cookies or other sensitive information. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:32.000000Z"}, {"uuid": "c36eff90-6bf5-4213-a650-15a30a5221fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10100", "type": "seen", "source": "https://t.me/cvedetector/8238", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10100 - Binary-Husky GPT Academic Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10100 \nPublished : Oct. 17, 2024, 7:15 p.m. | 16\u00a0minutes ago \nDescription : A path traversal vulnerability exists in binary-husky/gpt_academic version 3.83. The vulnerability is due to improper handling of the file parameter, which is open to path traversal through URL encoding. This allows attackers to view any file on the host system, including sensitive files such as critical application files, SSH keys, API keys, and configuration values. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T21:40:31.000000Z"}, {"uuid": "ed08d656-bdf0-4851-885e-0e61f9bbaffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1010", "type": "seen", "source": "https://t.me/ctinow/175442", "content": "https://ift.tt/TeUMWxq\nCVE-2024-1010", "creation_timestamp": "2024-01-29T18:22:24.000000Z"}, {"uuid": "fc585f7a-542e-469b-a332-3d9029d05a90", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfcxty2wea2f", "content": "", "creation_timestamp": "2025-01-09T15:15:47.651266Z"}, {"uuid": "3c9c7f4a-419c-468f-9038-1a2e79ae2b3d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfcz4lrmkl2i", "content": "", "creation_timestamp": "2025-01-09T15:38:31.103703Z"}, {"uuid": "73f29691-7672-46ab-9886-2d9cc0aa109c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10102", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/361", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10102\n\ud83d\udd39 Description: The Photo Gallery, Images, Slider in Rbs Image Gallery WordPress plugin before 3.2.22 does not sanitise and escape some of its Gallery settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks\n\ud83d\udccf Published: 2025-01-07T06:00:02.472Z\n\ud83d\udccf Modified: 2025-01-07T06:00:02.472Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/3b34d1ec-5370-40a8-964e-663f4f9f42f8/", "creation_timestamp": "2025-01-07T06:37:03.000000Z"}, {"uuid": "36f0a20f-5994-4497-8fe0-4a47b4dca35f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10104", "type": "seen", "source": "https://t.me/cvedetector/11046", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10104 - \"WordPress Jobs Stored Cross-Site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10104 \nPublished : Nov. 15, 2024, 7:15 a.m. | 45\u00a0minutes ago \nDescription : The Jobs for WordPress plugin before 2.7.8 does not sanitise and escape some of its Job settings, which could allow high privilege users such as contributor to perform Stored Cross-Site Scripting attacks \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T09:23:47.000000Z"}, {"uuid": "7393e01e-7fb6-4c0a-b078-42aae1639725", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10103", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113508138237056733", "content": "", "creation_timestamp": "2024-11-19T06:12:18.733698Z"}, {"uuid": "2a104618-38e8-49fd-a90a-2907818123b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10102", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4yqbaytp25", "content": "", "creation_timestamp": "2025-01-07T06:15:39.290945Z"}, {"uuid": "b054f0b6-9cdf-4313-a15e-21c535f589ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10106", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/959", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-10106\n\ud83d\udd39 Description: A buffer overflow vulnerability in the packet handoff plugin allows an attacker to overwrite memory outside the plugin's buffer.\n\ud83d\udccf Published: 2025-01-09T14:56:47.355Z\n\ud83d\udccf Modified: 2025-01-09T14:56:47.355Z\n\ud83d\udd17 References:\n1. https://github.com/SiliconLabs/simplicity_sdk/releases\n2. https://community.silabs.com/069Vm00000I1JawIAF", "creation_timestamp": "2025-01-09T15:14:42.000000Z"}, {"uuid": "65119daa-ab80-4ea1-89d3-a3b966ee00d1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10108", "type": "seen", "source": "https://t.me/cvedetector/9403", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10108 - WordPress WPAdverts - Classifieds Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10108 \nPublished : Oct. 30, 2024, 7:15 a.m. | 36\u00a0minutes ago \nDescription : The WPAdverts \u2013 Classifieds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's adverts_add shortcode in all versions up to, and including, 2.1.6 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-30T09:10:31.000000Z"}, {"uuid": "9d71586e-52fd-4615-a5ee-dc194aab2149", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1010", "type": "seen", "source": "https://t.me/ctinow/179426", "content": "https://ift.tt/oVprC14\nCVE-2024-1010 Exploit", "creation_timestamp": "2024-02-05T19:16:49.000000Z"}, {"uuid": "62e9bdf5-fe11-4ccd-848a-3f4e51fdb5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1010", "type": "seen", "source": "https://t.me/ctinow/175268", "content": "https://ift.tt/D98ykIz\nCVE-2024-1010 | SourceCodester Employee Management System 1.0 edit-profile.php cross site scripting", "creation_timestamp": "2024-01-29T14:41:46.000000Z"}]}