{"vulnerability": "cve-2024-1035", "sightings": [{"uuid": "f88cf8d3-9dbf-45ce-b365-01ce81ed6587", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10356", "type": "seen", "source": "https://t.me/cvedetector/13092", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10356 - Elementor ElementsReady Sensitive Information Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10356 \nPublished : Dec. 17, 2024, 1:15 p.m. | 37\u00a0minutes ago \nDescription : The ElementsReady Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.4.8 in inc/Widgets/accordion/output/content.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T15:06:15.000000Z"}, {"uuid": "f43ecb51-d224-454a-b146-894612a4aa33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10352", "type": "seen", "source": "https://t.me/cvedetector/10347", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10352 - Elementor Sensitive Information Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10352 \nPublished : Nov. 9, 2024, 12:15 p.m. | 42\u00a0minutes ago \nDescription : The Magical Addons For Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 1.2.4 via the get_content_type function in includes/widgets/content-reveal.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T14:08:53.000000Z"}, {"uuid": "fe682d4e-4f30-40e1-a2d2-bd3f7209f633", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10357", "type": "seen", "source": "https://t.me/cvedetector/9031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10357 - Elementor Clever Addons Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-10357 \nPublished : Oct. 26, 2024, 10:15 a.m. | 44\u00a0minutes ago \nDescription : The Clever Addons for Elementor plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.1 via the getTemplateContent function in src/widgets/class-clever-widget-base.php. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract sensitive private, pending, and draft template data. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-26T13:08:54.000000Z"}, {"uuid": "b6256a14-8bb8-407f-8496-b38585eee35e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10354", "type": "seen", "source": "https://t.me/cvedetector/8881", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10354 - SourceCodester Petrol Pump Management Software SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10354 \nPublished : Oct. 25, 2024, 1:15 a.m. | 18\u00a0minutes ago \nDescription : A vulnerability classified as critical was found in SourceCodester Petrol Pump Management Software 1.0. Affected by this vulnerability is an unknown functionality of the file /admin/print.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T03:42:28.000000Z"}, {"uuid": "68936beb-c9c4-41a7-81cd-ae693490585c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10355", "type": "seen", "source": "https://t.me/cvedetector/8880", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10355 - SourceCodester Petrol Pump Management Software SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10355 \nPublished : Oct. 25, 2024, 1:15 a.m. | 18\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in SourceCodester Petrol Pump Management Software 1.0. Affected by this issue is some unknown functionality of the file /admin/invoice.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T03:42:27.000000Z"}, {"uuid": "d2c8972f-61bf-4b01-8d1b-f9821ccdc77e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10353", "type": "seen", "source": "https://t.me/cvedetector/8879", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10353 - SourceCodester Online Exam System: Critical Remote Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10353 \nPublished : Oct. 25, 2024, 12:15 a.m. | 27\u00a0minutes ago \nDescription : A vulnerability classified as critical has been found in SourceCodester Online Exam System 1.0. Affected is an unknown function of the file /admin-dashboard. The manipulation leads to improper access controls. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. This affects a different product and is a different issue than CVE-2024-40480. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T02:52:17.000000Z"}, {"uuid": "50d4e363-8245-41a1-98f0-1724e50fa8ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10351", "type": "seen", "source": "https://t.me/cvedetector/8878", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10351 - Tenda RX9 Pro Stack-Based Buffer Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10351 \nPublished : Oct. 25, 2024, 12:15 a.m. | 27\u00a0minutes ago \nDescription : A vulnerability was found in Tenda RX9 Pro 22.03.02.20. It has been rated as critical. This issue affects the function sub_424CE0 of the file /goform/setMacFilterCfg of the component POST Request Handler. The manipulation of the argument deviceList leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T02:52:16.000000Z"}, {"uuid": "9cc053c1-cddb-4666-9c37-915ff5d288a4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10350", "type": "seen", "source": "https://t.me/cvedetector/8877", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10350 - \"Code-projects Hospital Management System SQL Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-10350 \nPublished : Oct. 24, 2024, 11:15 p.m. | 36\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Hospital Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/add-doctor.php. The manipulation of the argument docname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T02:02:05.000000Z"}, {"uuid": "9ae0c17a-7068-47cc-b15d-d3a16bff9abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1035", "type": "seen", "source": "https://t.me/ctinow/189683", "content": "https://ift.tt/etPEkmg\nCVE-2024-1035 | openBI up to 1.0.8 Icon.php uploadIcon image unrestricted upload", "creation_timestamp": "2024-02-21T15:42:12.000000Z"}, {"uuid": "96c687bd-32ab-4ec7-9fe4-3e8aba006f39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1035", "type": "seen", "source": "https://t.me/ctinow/176100", "content": "https://ift.tt/H2LnIkm\nCVE-2024-1035", "creation_timestamp": "2024-01-30T17:21:55.000000Z"}, {"uuid": "2eb583b1-c9e7-4c31-8d51-6bd51e56d995", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-10356", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113668272289530654", "content": "", "creation_timestamp": "2024-12-17T12:56:30.496620Z"}]}