{"vulnerability": "CVE-2024-1031", "sightings": [{"uuid": "026026aa-0283-4fec-8e0a-654f304bf20f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10314", "type": "seen", "source": "https://t.me/cvedetector/10498", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10314 - Helix Core Unauthenticated Remote Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10314 \nPublished : Nov. 11, 2024, 2:15 p.m. | 35\u00a0minutes ago \nDescription : In Helix Core versions prior to 2024.2, an unauthenticated remote Denial of Service (DoS) via the auto-generation function was identified.  Reported by Karol Wi\u0119sek. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-11T16:06:13.000000Z"}, {"uuid": "fbb0a3a9-60ef-4256-a9a7-6b271b590f05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10319", "type": "seen", "source": "https://t.me/cvedetector/9858", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10319 - Elementor Xpro Addons Sensitive Information Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10319 \nPublished : Nov. 5, 2024, 11:15 a.m. | 39\u00a0minutes ago \nDescription : The 140+ Widgets | Xpro Addons For Elementor \u2013 FREE plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.4.6 via the render function in widgets/content-toggle/layout/frontend.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-05T13:01:47.000000Z"}, {"uuid": "fb84cc66-39c0-40e0-9ddc-71fde41b3edb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10314", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113464733329954459", "content": "", "creation_timestamp": "2024-11-11T14:13:52.339094Z"}, {"uuid": "ebfe7677-2e7a-44ab-a3fe-fc59c8e1704f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10315", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113465940847914471", "content": "", "creation_timestamp": "2024-11-11T19:20:57.631777Z"}, {"uuid": "7701838c-fc09-4004-b875-358525bf97f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10316", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113520643174586222", "content": "", "creation_timestamp": "2024-11-21T11:12:28.873094Z"}, {"uuid": "c302d58c-5a02-47c9-8c0c-972f921e32f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10315", "type": "seen", "source": "https://t.me/cvedetector/10540", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10315 - Gliffy Online Insecure Configuration Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-10315 \nPublished : Nov. 11, 2024, 8:15 p.m. | 37\u00a0minutes ago \nDescription : In Gliffy Online an insecure configuration was discovered in versions before 4.14.0-6 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-11T21:57:58.000000Z"}, {"uuid": "50d097b8-d5b6-48ac-8275-867956d76982", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10312", "type": "seen", "source": "https://t.me/cvedetector/9250", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10312 - Elementor Exclusive Addons Sensitive Data Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10312 \nPublished : Oct. 29, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : The Exclusive Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.7.4 via the render function in elements/tabs/tabs.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T09:44:50.000000Z"}, {"uuid": "24e405f9-61a4-4b8b-8f60-b2ed4ae82a8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10313", "type": "seen", "source": "https://t.me/cvedetector/8831", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10313 - iniNet Solutions SpiderControl SCADA PC Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10313 \nPublished : Oct. 24, 2024, 6:15 p.m. | 41\u00a0minutes ago \nDescription : iniNet Solutions SpiderControl SCADA PC HMI Editor has a path traversal   \nvulnerability. When the software loads a malicious \u2018ems' project   \ntemplate file constructed by an attacker, it can write files to   \narbitrary directories. This can lead to overwriting system files,   \ncausing system paralysis, or writing to startup items, resulting in   \nremote control. \nSeverity: 8.0 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"24 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-24T21:00:26.000000Z"}, {"uuid": "3bcbf64a-5fc5-4e36-85f2-240bb513ccb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1031", "type": "seen", "source": "https://t.me/ctinow/189649", "content": "https://ift.tt/bBJxAqe\nCVE-2024-1031 | CodeAstro Expense Management System 1.0 Add Expenses Page 5-Add-Expenses.php item cross site scripting", "creation_timestamp": "2024-02-21T15:11:52.000000Z"}, {"uuid": "1ec77f5f-89c0-4aa4-8b37-62e8e7cba2b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10313", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-298-02", "content": "", "creation_timestamp": "2024-10-24T12:00:00.000000Z"}, {"uuid": "ed75c19a-4856-4673-a342-aaf66634199f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10319", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113430039335400358", "content": "", "creation_timestamp": "2024-11-05T11:10:44.404974Z"}, {"uuid": "6117d89c-1f51-409a-93ae-3cbc05c43c1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10311", "type": "seen", "source": "https://t.me/cvedetector/11053", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10311 - WordPress External Database Based Actions Plugin Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-10311 \nPublished : Nov. 15, 2024, 10:15 a.m. | 17\u00a0minutes ago \nDescription : The External Database Based Actions plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 0.1. This is due to a missing capability check in the 'edba_admin_handle' function. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to update the plugin settings and log in as any existing user on the site, such as an administrator. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T11:34:53.000000Z"}, {"uuid": "3aab88a9-a6c1-4bc8-b093-d328b0b4340e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10310", "type": "seen", "source": "https://t.me/cvedetector/9635", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10310 - Elementor Addons for WordPress Stored Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-10310 \nPublished : Nov. 2, 2024, 2:15 a.m. | 29\u00a0minutes ago \nDescription : The Element Pack Elementor Addons (Header Footer, Template Library, Dynamic Grid & Carousel, Remote Arrows) plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Custom Gallery Widget 'image_title' parameter in all versions up to, and including, 5.10.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"02 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-02T03:53:50.000000Z"}]}