{"vulnerability": "cve-2024-4822", "sightings": [{"uuid": "036a6b6d-7661-4833-82e9-c1e0adc29c88", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48228", "type": "seen", "source": "https://t.me/cvedetector/8995", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48228 - Funadmin XSS\", \n  \"Content\": \"CVE ID : CVE-2024-48228 \nPublished : Oct. 25, 2024, 10:15 p.m. | 42\u00a0minutes ago \nDescription : An issue was found in funadmin 5.0.2. The selectfiles method in \\backend\\controller\\sys\\Attachh.php directly stores the passed parameters and values into the param parameter without filtering, resulting in Cross Site Scripting (XSS). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-26T01:27:10.000000Z"}, {"uuid": "3e07a120-dd1a-4323-83b5-3e88662b141b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48226", "type": "seen", "source": "https://t.me/cvedetector/8993", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48226 - Funadmin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48226 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin 5.0.2 is vulnerable to SQL Injection in curd/table/savefield. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:47.000000Z"}, {"uuid": "60c4a912-4baa-4397-8bbe-c271bff739f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48225", "type": "seen", "source": "https://t.me/cvedetector/8992", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48225 - Funadmin Arbitrary File Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48225 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin v5.0.2 has an arbitrary file deletion vulnerability in /curd/index/delfile. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:46.000000Z"}, {"uuid": "b80f314e-7873-48e4-9d08-f083b1a264d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48224", "type": "seen", "source": "https://t.me/cvedetector/8991", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48224 - Funadmin User-Mode Remote File Read Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48224 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin v5.0.2 has an arbitrary file read vulnerability in /curd/index/editfile. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:42.000000Z"}, {"uuid": "e8d5a583-f0d6-4d23-9eef-d70f5f2293d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48223", "type": "seen", "source": "https://t.me/cvedetector/8990", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48223 - Funadmin SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-48223 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/fieldlist. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:41.000000Z"}, {"uuid": "aa810786-3c85-4db0-b218-57f521b7eb79", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48222", "type": "seen", "source": "https://t.me/cvedetector/8989", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48222 - Funadmin Spring Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-48222 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin v5.0.2 has a SQL injection vulnerability in /curd/table/edit. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:40.000000Z"}, {"uuid": "38686e3f-1b01-405d-911b-7e5c4dfd9764", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48229", "type": "seen", "source": "https://t.me/cvedetector/8984", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48229 - Cisco Funadmin SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-48229 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : funadmin 5.0.2 has a SQL injection vulnerability in the Curd one click command mode plugin. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:34.000000Z"}, {"uuid": "5ee84b5c-8118-4ea7-83d5-69fb7cdbc07c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-48227", "type": "seen", "source": "https://t.me/cvedetector/8982", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-48227 - Funadmin: Denial of Service Vulnerability in Curd One Click Command Deletion Function\", \n  \"Content\": \"CVE ID : CVE-2024-48227 \nPublished : Oct. 25, 2024, 9:15 p.m. | 31\u00a0minutes ago \nDescription : Funadmin 5.0.2 has a logical flaw in the Curd one click command deletion function, which can result in a Denial of Service (DOS). \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T23:46:32.000000Z"}]}