{"vulnerability": "cve-2024-1266", "sightings": [{"uuid": "2452c778-fe42-48b6-9820-a0e25028cfa7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12664", "type": "seen", "source": "https://t.me/cvedetector/13034", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12664 - Ruifang-tech Rebuild Project Task Comment Handler Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12664 \nPublished : Dec. 16, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, has been found in ruifang-tech Rebuild 3.8.5. This issue affects some unknown processing of the component Project Task Comment Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T21:33:07.000000Z"}, {"uuid": "b34b0b4f-9b25-4d9c-aa58-dfe187a91d38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12661", "type": "seen", "source": "https://t.me/cvedetector/13031", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12661 - IObit Advanced SystemCare Utimate Local Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12661 \nPublished : Dec. 16, 2024, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been rated as problematic. Affected by this issue is the function 0x8001E024 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. The attack needs to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T20:42:56.000000Z"}, {"uuid": "2dab0361-a135-4f35-a8f3-f4bb5e12f886", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12663", "type": "seen", "source": "https://t.me/cvedetector/13030", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12663 - Funnyzpc Mee-Admin Login Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12663 \nPublished : Dec. 16, 2024, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in funnyzpc Mee-Admin up to 1.6. This vulnerability affects unknown code of the file /mee/login of the component Login. The manipulation of the argument username leads to observable response discrepancy. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T20:42:55.000000Z"}, {"uuid": "335e2457-f4cd-4dff-af6a-daed4b63298e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1266", "type": "seen", "source": "https://t.me/ctinow/197435", "content": "https://ift.tt/sv39BbW\nCVE-2024-1266 | CodeAstro University Management System 1.0 Student Registration Form /st_reg.php Address cross site scripting", "creation_timestamp": "2024-03-01T09:41:39.000000Z"}, {"uuid": "1de1683e-cb98-4c96-9cc0-2e689fc88614", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1266", "type": "seen", "source": "https://t.me/ctinow/180475", "content": "https://ift.tt/9azc5Ky\nCVE-2024-1266", "creation_timestamp": "2024-02-07T02:32:03.000000Z"}, {"uuid": "7a92f86e-445a-4575-9387-6c27c47053f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12667", "type": "seen", "source": "https://t.me/cvedetector/13037", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12667 - InvoicePlane Remote Session Expiration Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12667 \nPublished : Dec. 16, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : A vulnerability was found in InvoicePlane up to 1.6.1 and classified as problematic. Affected by this issue is some unknown functionality of the file /invoices/view. The manipulation leads to session expiration. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. Upgrading to version 1.6.2-beta-1 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product. \nSeverity: 3.7 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T21:33:12.000000Z"}, {"uuid": "7c9ea4ec-d2d0-47b9-ba18-e78ba957d46c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12666", "type": "seen", "source": "https://t.me/cvedetector/13036", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12666 - ClassCMS Remote Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12666 \nPublished : Dec. 16, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : A vulnerability has been found in ClassCMS up to 4.8 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin?do=admin:user:editPost of the component User Management Page. The manipulation leads to improper handling of insufficient privileges. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T21:33:09.000000Z"}, {"uuid": "12a8aaa3-e2ee-4b86-8017-d6aa19da6662", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12665", "type": "seen", "source": "https://t.me/cvedetector/13035", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12665 - Ruifang-tech Rebuild Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12665 \nPublished : Dec. 16, 2024, 8:15 p.m. | 17\u00a0minutes ago \nDescription : A vulnerability, which was classified as problematic, was found in ruifang-tech Rebuild 3.8.5. Affected is an unknown function of the component Task Comment Attachment Upload. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T21:33:08.000000Z"}, {"uuid": "bd246f34-272f-4e8a-ac39-b1eceda94596", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12662", "type": "seen", "source": "https://t.me/cvedetector/13029", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12662 - IObit Advanced SystemCare Utimate Ioctl Handler Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12662 \nPublished : Dec. 16, 2024, 7:15 p.m. | 27\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in IObit Advanced SystemCare Utimate up to 17.0.0. This affects the function 0x8001E040 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T20:42:55.000000Z"}, {"uuid": "508c3662-179f-48d4-b47d-1ed1c2d9003a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12669", "type": "seen", "source": "https://t.me/cvedetector/13099", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12669 - Autodesk Navisworks Heap-based Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12669 \nPublished : Dec. 17, 2024, 4:15 p.m. | 19\u00a0minutes ago \nDescription : A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T17:36:44.000000Z"}, {"uuid": "7a28c00f-abaf-4379-9b2c-f8d052144af2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12660", "type": "seen", "source": "https://t.me/cvedetector/13028", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12660 - IObit Advanced SystemCare Utimate Null Pointer Dereference Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12660 \nPublished : Dec. 16, 2024, 6:15 p.m. | 32\u00a0minutes ago \nDescription : A vulnerability was found in IObit Advanced SystemCare Utimate up to 17.0.0. It has been declared as problematic. Affected by this vulnerability is the function 0x8001E018 in the library AscRegistryFilter.sys of the component IOCTL Handler. The manipulation leads to null pointer dereference. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-16T19:52:47.000000Z"}, {"uuid": "ca637b8a-eb4f-499f-83c8-34d148c46f7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-1266", "type": "seen", "source": "https://t.me/ctinow/185102", "content": "https://ift.tt/ef3HUOd\nCVE-2024-1266 Exploit", "creation_timestamp": "2024-02-14T23:16:30.000000Z"}, {"uuid": "162a6cfc-0646-4b3f-a0a2-71ad934f38fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12663", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113664073754598762", "content": "", "creation_timestamp": "2024-12-16T19:08:46.123576Z"}, {"uuid": "5c7af6bd-7db6-45ce-ae06-c456f244e037", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12664", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113664164593104440", "content": "", "creation_timestamp": "2024-12-16T19:31:51.943615Z"}, {"uuid": "2005e558-acc6-4d03-8876-b9fd61a8b742", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12665", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113664164608055811", "content": "", "creation_timestamp": "2024-12-16T19:31:52.819380Z"}, {"uuid": "8fdf56b2-769b-40c5-823c-9da0985046fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12666", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113664290594036492", "content": "", "creation_timestamp": "2024-12-16T20:03:54.632284Z"}, {"uuid": "78d8f9a7-6dc0-4ef1-a221-62ce980894c7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12667", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113664290608812481", "content": "", "creation_timestamp": "2024-12-16T20:03:54.865369Z"}, {"uuid": "53fd515a-d8fb-40bb-ab33-e197eaa63695", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-12669", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1700/", "content": "", "creation_timestamp": "2024-12-19T05:00:00.000000Z"}]}