{"vulnerability": "cve-2024-4061", "sightings": [{"uuid": "c427e056-9e51-4bcd-a462-3733bd30eb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40619", "type": "seen", "source": "https://t.me/cvedetector/3201", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40619 - Siemens Simatic S7-1200 Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-40619 \nPublished : Aug. 14, 2024, 8:15 p.m. | 40\u00a0minutes ago \nDescription : CVE-2024-40619 IMPACT  \n  \nA denial-of-service vulnerability exists in the affected products. The vulnerability occurs when a malformed CIP packet is sent over the network to the device and results in a major nonrecoverable fault causing a denial-of-service. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-14T23:15:03.000000Z"}, {"uuid": "9456fe28-0b8d-46e6-9e61-b1e4483b6b83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40618", "type": "seen", "source": "https://t.me/cvedetector/621", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40618 - Whale browser before 3.26.244.21 allows an attacke\", \n  \"Content\": \"CVE ID : CVE-2024-40618 \nPublished : July 11, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : Whale browser before 3.26.244.21 allows an attacker to execute malicious JavaScript due to improper sanitization when processing a built-in extension. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-11T04:56:15.000000Z"}, {"uuid": "3c807f8d-869a-4c5d-9aae-19dbc0835558", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40617", "type": "seen", "source": "https://t.me/cvedetector/1068", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40617 - Fujitsu Network Edgiot GW1500 Path Traversal Allows Sensitive Information Access\", \n  \"Content\": \"CVE ID : CVE-2024-40617 \nPublished : July 17, 2024, 9:15 a.m. | 42\u00a0minutes ago \nDescription : Path traversal vulnerability exists in FUJITSU Network Edgiot GW1500 (M2M-GW for FENICS). If a remote authenticated attacker with User Class privilege sends a specially crafted request to the affected product, access restricted files containing sensitive information may be accessed. As a result, Administrator Class privileges of the product may be hijacked. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-17T12:21:57.000000Z"}, {"uuid": "126f8978-225c-44ee-8958-1a1f60cdc0aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40614", "type": "seen", "source": "https://t.me/cvedetector/163", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40614 - EGroupware before 23.1.20240624 mishandles an ORDE\", \n  \"Content\": \"CVE ID : CVE-2024-40614 \nPublished : July 7, 2024, 3:15 p.m. | 19\u00a0minutes ago \nDescription : EGroupware before 23.1.20240624 mishandles an ORDER BY clause. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-07T17:35:51.000000Z"}, {"uuid": "f737952f-50a5-4420-bfc4-f6de0363e1a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40619", "type": "seen", "source": "Telegram/10NuZ5LH3Ze-p9mdnRMwiIijzku0X52HrwXCpcodGdJ9A84a", "content": "", "creation_timestamp": "2025-02-01T17:28:09.000000Z"}, {"uuid": "e87a476a-d2a7-4536-8cbf-0ad4e055ccd4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4061", "type": "published-proof-of-concept", "source": "https://t.me/openSource3/133", "content": "CVE ID : CVE-2024-4061\nSystem : wordpress < 4.2.9\nType : Stored xss\n\nExploit :\n1. Add New Survey\n2. Choose any Templates\n3. Go to General Settings\n4. Insert the XSS payload into the fields where the question is asked: \">\n5. As a result, when you go to the site, the questionnaire in which XSS works will be displayed\n\u0627\u0644\u0627\u0633\u063a\u0644\u0627\u0644 :\n1. \u0625\u0636\u0627\u0641\u0629 \u0627\u0633\u062a\u0637\u0644\u0627\u0639 \u062c\u062f\u064a\u062f\n2. \u0627\u062e\u062a\u0631 \u0623\u064a \u0642\u0648\u0627\u0644\u0628\n3. \u0627\u0646\u062a\u0642\u0644 \u0625\u0644\u0649 \u0627\u0644\u0625\u0639\u062f\u0627\u062f\u0627\u062a \u0627\u0644\u0639\u0627\u0645\u0629\n4. \u0623\u062f\u062e\u0644 \u0628\u0627\u0644\u0648\u062f XSS \u0641\u064a \u0627\u0644\u062d\u0642\u0648\u0644 \u0627\u0644\u062a\u064a \u064a\u062a\u0645 \u0637\u0631\u062d \u0627\u0644\u0633\u0624\u0627\u0644 \u0641\u064a\u0647\u0627:\n \">\n\n5. \u0648\u0646\u062a\u064a\u062c\u0629 \u0644\u0630\u0644\u0643\u060c \u0639\u0646\u062f\u0645\u0627 \u062a\u0630\u0647\u0628 \u0625\u0644\u0649 \u0627\u0644\u0645\u0648\u0642\u0639\u060c \u0633\u064a\u062a\u0645 \u0639\u0631\u0636 \u0627\u0644\u0627\u0633\u062a\u0628\u064a\u0627\u0646 \u0627\u0644\u0630\u064a \u064a\u0639\u0645\u0644 \u0641\u064a\u0647 XSS", "creation_timestamp": "2024-05-24T07:56:57.000000Z"}, {"uuid": "41053513-f178-49bf-8b65-2d1335540719", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40617", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8125", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aProof of concept to exploit CVE-2024-40617\nURL\uff1ahttps://github.com/KyssK00L/CVE-2024-40617\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-30T11:51:29.000000Z"}, {"uuid": "0f4dcd71-be51-4e7c-a596-fae05fb73504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4061", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9497", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4061\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Survey Maker  WordPress plugin before 4.2.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)\n\ud83d\udccf Published: 2024-05-21T06:00:02.007Z\n\ud83d\udccf Modified: 2025-03-28T23:17:49.657Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/175a9f3a-1f8d-44d1-8a12-e037251b025d/", "creation_timestamp": "2025-03-28T23:29:15.000000Z"}]}