{"vulnerability": "cve-2024-3645", "sightings": [{"uuid": "a02d116e-b013-4d07-8d41-db751ac2ee31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36450", "type": "seen", "source": "https://t.me/cvedetector/522", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36450 - Cross-site scripting vulnerability exists in sysin\", \n  \"Content\": \"CVE ID : CVE-2024-36450 \nPublished : July 10, 2024, 7:15 a.m. | 18\u00a0minutes ago \nDescription : Cross-site scripting vulnerability exists in sysinfo.cgi of Webmin versions prior to 1.910. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a session ID may be obtained, a webpage may be altered, or a server may be halted. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T09:39:28.000000Z"}, {"uuid": "1bab1181-b8ca-4678-a57a-6da223f7a7cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36451", "type": "seen", "source": "https://t.me/cvedetector/520", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36451 - Improper handling of insufficient permissions or p\", \n  \"Content\": \"CVE ID : CVE-2024-36451 \nPublished : July 10, 2024, 7:15 a.m. | 18\u00a0minutes ago \nDescription : Improper handling of insufficient permissions or privileges vulnerability exists in ajaxterm module of Webmin prior to 2.003. If this vulnerability is exploited, a console session may be hijacked by an unauthorized user. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T09:39:23.000000Z"}, {"uuid": "3a5a9e59-045d-4dcd-9737-7e35a220d3bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36453", "type": "seen", "source": "https://t.me/cvedetector/519", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36453 - Cross-site scripting vulnerability exists in sessi\", \n  \"Content\": \"CVE ID : CVE-2024-36453 \nPublished : July 10, 2024, 7:15 a.m. | 18\u00a0minutes ago \nDescription : Cross-site scripting vulnerability exists in session_login.cgi of Webmin versions prior to 1.970 and Usermin versions prior to 1.820. If this vulnerability is exploited, an arbitrary script may be executed on the web browser of the user who accessed the website using the product. As a result, a webpage may be altered or sensitive information such as a credential may be disclosed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T09:39:22.000000Z"}, {"uuid": "064cee97-d81d-4544-b9ac-db31e129ba49", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36452", "type": "seen", "source": "https://t.me/cvedetector/517", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36452 - Cross-site request forgery vulnerability exists in\", \n  \"Content\": \"CVE ID : CVE-2024-36452 \nPublished : July 10, 2024, 7:15 a.m. | 18\u00a0minutes ago \nDescription : Cross-site request forgery vulnerability exists in ajaxterm module of Webmin versions prior to 2.003. If this vulnerability is exploited, unintended operations may be performed when a user views a malicious page while logged in. As a result, data within a system may be referred, a webpage may be altered, or a server may be permanently halted. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-10T09:39:20.000000Z"}, {"uuid": "0e2e17f3-53aa-49a9-8333-babc817f9093", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36456", "type": "seen", "source": "https://t.me/cvedetector/872", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36456 - \"RHEL PAM Remote Code Execution Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-36456 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : This vulnerability allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by uploading a specially crafted PAM upgrade file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:56.000000Z"}, {"uuid": "5fb1f7d7-e06c-41db-a3e0-5a4c1a8ba1d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36458", "type": "seen", "source": "https://t.me/cvedetector/870", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36458 - Adobe Reader File Format DSA Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36458 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : The vulnerability allows a malicious low-privileged PAM user to perform server upgrade related actions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:54.000000Z"}, {"uuid": "af0f01de-5d8c-403c-9916-8b9612e82b91", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36457", "type": "seen", "source": "https://t.me/cvedetector/871", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36457 - Apache PAM Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-36457 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : The vulnerability allows an attacker to bypass the authentication requirements for a specific PAM endpoint. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:55.000000Z"}, {"uuid": "7285444d-86d4-46cf-8b48-bb48f84bd469", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36455", "type": "seen", "source": "https://t.me/cvedetector/873", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-36455 - Dynatrace PAM Command Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-36455 \nPublished : July 15, 2024, 2:15 p.m. | 33\u00a0minutes ago \nDescription : An improper input validation allows an unauthenticated attacker to achieve remote command execution on the affected PAM system by sending a specially crafted HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-15T16:50:57.000000Z"}, {"uuid": "87610221-5c13-440d-90ba-227b16f63615", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-36451", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/5818", "content": "\u200aCVE-2024-36451 (CVSS 8.8): Webmin Vulnerability Allows Session Hijacking\n\nhttps://securityonline.info/cve-2024-36451-cvss-8-8-webmin-vulnerability-allows-session-hijacking/", "creation_timestamp": "2024-07-12T13:28:15.000000Z"}]}