{"vulnerability": "CVE-2024-5107", "sightings": [{"uuid": "ce2374bb-bfa6-48a8-8a51-6c0a8874ef3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51076", "type": "seen", "source": "https://t.me/cvedetector/9331", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51076 - PHPGurukul Online DJ Booking Management System XSS\", \n  \"Content\": \"CVE ID : CVE-2024-51076 \nPublished : Oct. 29, 2024, 2:15 p.m. | 44\u00a0minutes ago \nDescription : A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/booking-search.php in PHPGurukul Online DJ Booking Management System 1.0, which allows remote attackers to execute arbitrary code via the \"searchdata\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T16:27:06.000000Z"}, {"uuid": "0f037d6b-e48e-4604-806a-7e7918dc11be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51075", "type": "seen", "source": "https://t.me/cvedetector/9330", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-51075 - PHPGurukul Online DJ Booking Management System Reflected XSS\", \n  \"Content\": \"CVE ID : CVE-2024-51075 \nPublished : Oct. 29, 2024, 2:15 p.m. | 44\u00a0minutes ago \nDescription : A Reflected Cross Site Scripting (XSS) vulnerability was found in /odms/admin/user-search.php in PHPGurukul Online DJ Booking Management System v1.0, which allows remote attackers to execute arbitrary code via the searchdata parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T16:27:06.000000Z"}, {"uuid": "120fd8fc-1900-4fb6-af58-15c13fe92054", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-51072", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1152", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-51072\n\ud83d\udd39 Description: An issue in KIA Seltos vehicle instrument cluster with software and hardware v1.0 allows attackers to cause a Denial of Service (DoS) via ECU reset UDS service. NOTE: this is disputed by the Supplier because the findings came from a potentially unrealistic test environment (an isolated ECU part that was not in a vehicle), and because the ECUReset specification does not allow a manufacturer to require SecurityAccess and Authentication.\n\ud83d\udccf Published: 2024-11-22T00:00:00\n\ud83d\udccf Modified: 2025-01-10T14:21:13.205282Z\n\ud83d\udd17 References:\n1. https://www.iso.org/standard/77323.html\n2. https://udsoncan.readthedocs.io/en/latest/udsoncan/services.html\n3. https://github.com/nitinronge91/KIA-SELTOS-Cluster-Vulnerabilities/blob/628b1550f0093f79380929074b6a5e6ca6f2d04b/CVE/Denial%20of%20Service%20via%20ECU%20Reset%20Service%20For%20KIA%20SELTOS%20CVE-2024-51072.md", "creation_timestamp": "2025-01-10T15:04:33.000000Z"}]}