{"vulnerability": "CVE-2024-5330", "sightings": [{"uuid": "f9115dd5-d0d4-4ae4-b28e-1dbad9f0cfe6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113998927564496857", "content": "", "creation_timestamp": "2025-02-13T22:26:29.526526Z"}, {"uuid": "f200c56e-8616-44fa-a8a5-152c7174d061", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3li3syr6c5u2z", "content": "", "creation_timestamp": "2025-02-13T23:15:56.232905Z"}, {"uuid": "76760618-1c16-404b-a4c1-388729b95ef1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3li3xgdnojd2e", "content": "", "creation_timestamp": "2025-02-14T00:35:10.163006Z"}, {"uuid": "50ac8355-9072-4fe7-abc4-4031f99ff571", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4375", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53309\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: No description available\n\ud83d\udccf Published: 2025-02-13T23:15:10.400\n\ud83d\udccf Modified: N/A\n\ud83d\udd17 References:\n1. https://github.com/ufist/vulnerability-research/blob/main/CVE-2024-53309/CVE-2024-53309.md", "creation_timestamp": "2025-02-14T01:10:25.000000Z"}, {"uuid": "56a92f80-3043-48ab-b506-12055444d9b5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53307", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/7026", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53307\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload.\n\ud83d\udccf Published: 2025-03-10T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-10T17:09:07.901Z\n\ud83d\udd17 References:\n1. https://gist.github.com/Xib3rR4dAr/bf754848f1cd77162f79226144b04648\n2. https://webhelp.evisions.com/releaseguides/maps/default.htm#6.11/6.11%20Release%20Notes.htm?TocPath=MAPS%25206.11%2520Release%2520Guide%257C_____3", "creation_timestamp": "2025-03-10T17:38:25.000000Z"}, {"uuid": "a4c3f8e6-b3d2-415d-a864-cfaf7f4b88e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-5330", "type": "seen", "source": "https://t.me/cvedetector/2222", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-5330 - WordPress Breakdance Plugin Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-5330 \nPublished : Aug. 1, 2024, 7:15 a.m. | 40\u00a0minutes ago \nDescription : The Breakdance plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the breakdance_css_file_paths_cache parameter in all versions up to, and including, 1.7.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-01T10:24:27.000000Z"}, {"uuid": "14814607-9413-4a3d-9b46-46d1d802cabc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53303", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/12112", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53303\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A remote code execution (RCE) vulnerability in the upload_file function of LRQA Nettitude PoshC2 after commit 123db87 allows authenticated attackers to execute arbitrary code via a crafted POST request.\n\ud83d\udccf Published: 2025-04-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-04-16T17:50:12.625Z\n\ud83d\udd17 References:\n1. https://gist.github.com/fern89/3464e8428d7675e4f0f390a6b2b2842e", "creation_timestamp": "2025-04-16T17:56:39.000000Z"}, {"uuid": "9280dd19-9537-4391-98da-c6809bf14afb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53307", "type": "seen", "source": "https://t.me/cvedetector/19978", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53307 - Evisions MAPS Reflected Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-53307 \nPublished : March 10, 2025, 6:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : A reflected cross-site scripting (XSS) vulnerability in the /mw/ endpoint of Evisions MAPS v6.10.2.267 allows attackers to execute arbitrary code in the context of a user's browser via injecting a crafted payload. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-10T20:43:08.000000Z"}, {"uuid": "435e1f7a-4e1e-4ec7-a849-db76af6ab985", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/4390", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-53309\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A stack-based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when an overly long string is passed to the \"-f\" parameter. This can lead to memory corruption, potentially allowing arbitrary code execution or causing a denial of service via specially crafted input.\n\ud83d\udccf Published: 2025-02-14T00:30:44Z\n\ud83d\udccf Modified: 2025-02-14T00:30:45Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-53309\n2. https://github.com/ufist/vulnerability-research/blob/main/CVE-2024-53309/CVE-2024-53309.md", "creation_timestamp": "2025-02-14T01:15:02.000000Z"}, {"uuid": "c77a9b95-29ed-44d0-9d70-2b4bd2b3b7ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "seen", "source": "https://t.me/cvedetector/18050", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-53309 - Effectmatrix Total Video Converter Command Line Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-53309 \nPublished : Feb. 13, 2025, 11:15 p.m. | 33\u00a0minutes ago \nDescription : A stack-based buffer overflow vulnerability exists in Effectmatrix Total Video Converter Command Line (TVCC) 2.50 when an overly long string is passed to the \"-f\" parameter. This can lead to memory corruption, potentially allowing arbitrary code execution or causing a denial of service via specially crafted input. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-14T01:32:11.000000Z"}, {"uuid": "84fd52d8-ba19-4d46-ba94-757766ee4431", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-53309", "type": "seen", "source": "Telegram/E23MheXR_qgUE4MBdQR7zOKVD8UCKH0kxPnCI9TWsIW6zeuo", "content": "", "creation_timestamp": "2025-02-14T10:09:24.000000Z"}]}