{"vulnerability": "cve-2024-4074", "sightings": [{"uuid": "792acd6b-fb72-44ab-8236-46ac9461e169", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40747", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65mye7dj2o", "content": "", "creation_timestamp": "2025-01-07T17:15:56.944299Z"}, {"uuid": "e97a2eb7-0eca-49d7-b18c-b886982ffbf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65n34y672f", "content": "", "creation_timestamp": "2025-01-07T17:15:59.821318Z"}, {"uuid": "dab2aefc-67ba-4163-ac4e-9f625eaae91d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfbokr2zob24", "content": "", "creation_timestamp": "2025-01-09T02:56:55.325420Z"}, {"uuid": "4d7cefa6-3030-4c10-a213-ec54333e1d2b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40749", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf65n5unsz2o", "content": "", "creation_timestamp": "2025-01-07T17:16:02.673256Z"}, {"uuid": "feb099f7-44dc-4591-b7ee-ad3000a19aed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf67hpn6mo2b", "content": "", "creation_timestamp": "2025-01-07T17:48:47.657397Z"}, {"uuid": "910339ee-5a7b-427f-a5f2-390f80ddcfc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40749", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf67hpwfwm25", "content": "", "creation_timestamp": "2025-01-07T17:48:48.483456Z"}, {"uuid": "215c9037-3679-4a25-9d3b-a77499199912", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40747", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lf67hq7ysz2k", "content": "", "creation_timestamp": "2025-01-07T17:48:50.303352Z"}, {"uuid": "4b9d5632-7808-483f-8f3a-15f772bdf519", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40747", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788009448134261", "content": "", "creation_timestamp": "2025-01-07T16:27:14.516765Z"}, {"uuid": "0df8fd4b-ff57-4573-8776-ecd32d9ca707", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788009462822787", "content": "", "creation_timestamp": "2025-01-07T16:27:14.988019Z"}, {"uuid": "e2611c9c-e6f0-4f18-a429-3a2dac30c8cc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40749", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113788009476631166", "content": "", "creation_timestamp": "2025-01-07T16:27:15.491957Z"}, {"uuid": "f742ea23-02e5-4275-bd9d-1c07a614375f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40749", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/474", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40749\n\ud83d\udd39 Description: Improper Access Controls allows access to protected views.\n\ud83d\udccf Published: 2025-01-07T16:22:12.593Z\n\ud83d\udccf Modified: 2025-01-07T16:22:12.593Z\n\ud83d\udd17 References:\n1. https://developer.joomla.org/security-centre/956-20250103-core-read-acl-violation-in-multiple-core-views.html", "creation_timestamp": "2025-01-07T16:43:13.000000Z"}, {"uuid": "7d0d20c3-8584-4368-bf4c-0231227fcb66", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40746", "type": "seen", "source": "https://t.me/cvedetector/8502", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40746 - HikaShop Joomla Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40746 \nPublished : Oct. 21, 2024, 5:15 p.m. | 45\u00a0minutes ago \nDescription : A stored cross-site scripting (XSS) vulnerability in HikaShop Joomla Component &lt; 5.1.1 allows remote attackers to execute arbitrary JavaScript in the web browser of a user, by including a malicious payload in the `description` parameter of any product. The `description `parameter is not sanitised in the backend. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T20:11:42.000000Z"}, {"uuid": "7309c6d6-cfbd-4f29-b5f8-f92f86422c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://bsky.app/profile/opsmatters.bsky.social/post/3lfyclgcsdm2b", "content": "", "creation_timestamp": "2025-01-18T02:53:46.588584Z"}, {"uuid": "b6478531-d78d-4dc1-8057-58ccd389376b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40743", "type": "seen", "source": "https://t.me/cvedetector/3666", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40743 - Apache Struts Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-40743 \nPublished : Aug. 20, 2024, 4:15 p.m. | 33\u00a0minutes ago \nDescription : The stripImages and stripIframes methods didn't properly process inputs, leading to XSS vectors. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-20T18:48:50.000000Z"}, {"uuid": "7e639410-8ec2-47ea-8170-f97877167b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40741", "type": "seen", "source": "https://t.me/cvedetector/408", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40741 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40741 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/{id}/edit/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:39:48.000000Z"}, {"uuid": "aca8313a-ec8c-43ab-86bd-45ae9c5d60b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40742", "type": "seen", "source": "https://t.me/cvedetector/406", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40742 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40742 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the circuit ID parameter at /circuits/circuits/add. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:39:46.000000Z"}, {"uuid": "b1cde8ec-7e4e-4b00-aa39-a8b26351d669", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40740", "type": "seen", "source": "https://t.me/cvedetector/405", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40740 - A cross-site scripting (XSS) vulnerability in netb\", \n  \"Content\": \"CVE ID : CVE-2024-40740 \nPublished : July 9, 2024, 6:15 p.m. | 16\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in netbox v4.0.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter at /dcim/power-feeds/{id}/edit/. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-09T20:39:45.000000Z"}, {"uuid": "7a6624f4-0735-45bf-9866-809750de7e86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/702", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-40748\n\ud83d\udd39 Description: Lack of output escaping in the id attribute of menu lists.\n\ud83d\udccf Published: 2025-01-07T16:22:00.896Z\n\ud83d\udccf Modified: 2025-01-08T14:51:06.931Z\n\ud83d\udd17 References:\n1. https://developer.joomla.org/security-centre/955-20250102-core-xss-vector-in-the-id-attribute-of-menu-lists.html", "creation_timestamp": "2025-01-08T15:14:04.000000Z"}, {"uuid": "da9dd08a-3585-44ba-bbf4-d5e0f8377e9f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40749", "type": "seen", "source": "https://t.me/cvedetector/14585", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40749 - Apache Stratus Remote Access Violation\", \n  \"Content\": \"CVE ID : CVE-2024-40749 \nPublished : Jan. 7, 2025, 5:15 p.m. | 31\u00a0minutes ago \nDescription : Improper Access Controls allows access to protected views. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:54:13.000000Z"}, {"uuid": "e90d856d-4a8a-4cb6-aafe-c35e9bef9ca8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40748", "type": "seen", "source": "https://t.me/cvedetector/14584", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40748 - \"Apache Struts HTML Injection\"\", \n  \"Content\": \"CVE ID : CVE-2024-40748 \nPublished : Jan. 7, 2025, 5:15 p.m. | 31\u00a0minutes ago \nDescription : Lack of output escaping in the id attribute of menu lists. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:54:13.000000Z"}, {"uuid": "fe8f01eb-5536-4949-923a-c350a9d4c445", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40747", "type": "seen", "source": "https://t.me/cvedetector/14583", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40747 - Chromium Modules Cross-Site Scripting (XSS) Vuln\", \n  \"Content\": \"CVE ID : CVE-2024-40747 \nPublished : Jan. 7, 2025, 5:15 p.m. | 31\u00a0minutes ago \nDescription : Various module chromes didn't properly process inputs, leading to XSS vectors. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-07T18:54:12.000000Z"}, {"uuid": "63080572-0b1c-41be-86e4-79c81c7cecec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40745", "type": "seen", "source": "https://t.me/cvedetector/12008", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40745 - Reflected Cross site scripting vulnerability in Co\", \n  \"Content\": \"CVE ID : CVE-2024-40745 \nPublished : Dec. 4, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : Reflected Cross site scripting vulnerability in Convert Forms component for Joomla in versions before 4.4.6. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T16:45:46.000000Z"}, {"uuid": "b18867dc-883a-4fba-bd4b-54f7807e5412", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-40744", "type": "seen", "source": "https://t.me/cvedetector/12007", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-40744 - Unrestricted file upload via security bypass in Co\", \n  \"Content\": \"CVE ID : CVE-2024-40744 \nPublished : Dec. 4, 2024, 3:15 p.m. | 18\u00a0minutes ago \nDescription : Unrestricted file upload via security bypass in Convert Forms component for Joomla in versions before 4.4.6. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T16:45:45.000000Z"}]}