{"vulnerability": "cve-2024-4921", "sightings": [{"uuid": "6a6da5b3-ce30-4a37-baca-36f60f28cd7e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49210", "type": "seen", "source": "https://t.me/cvedetector/8631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49210 - Archer Platform UX - Reflected Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49210 \nPublished : Oct. 22, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Reflected XSS was discovered in an iView List Archer Platform UX page in Archer Platform 6.x before version 2024.09. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and executed by the web browser in the context of the vulnerable web application. \nSeverity: 5.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T20:28:28.000000Z"}, {"uuid": "33e8f899-e09b-4a0f-a5bb-ae37fefdad59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49215", "type": "seen", "source": "https://t.me/cvedetector/8444", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49215 - Sangoma Asterisk File Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49215 \nPublished : Oct. 21, 2024, 1:15 a.m. | 40\u00a0minutes ago \nDescription : An issue was discovered in Sangoma Asterisk through 18.20.0, 19.x and 20.x through 20.5.0, and 21.x through 21.0.0, and Certified Asterisk through 18.9-cert5. In manager.c, the functions action_getconfig() and action_getconfigJson() do not process the input file path, resulting in a path traversal vulnerability. In versions without the restrictedFile() function, no processing is done on the input path. In versions with the restrictedFile() function, path traversal is not processed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-21T04:17:57.000000Z"}, {"uuid": "7acfbd89-66ec-4508-887d-89f1efe7a6d0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49214", "type": "seen", "source": "https://t.me/cvedetector/7799", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49214 - HAProxy QUIC Spoofed IP Address Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49214 \nPublished : Oct. 14, 2024, 4:15 a.m. | 42\u00a0minutes ago \nDescription : QUIC in HAProxy 3.1.x before 3.1-dev7, 3.0.x before 3.0.5, and 2.9.x before 2.9.11 allows opening a 0-RTT session with a spoofed IP address. This can bypass the IP allow/block list functionality. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-14T07:28:08.000000Z"}, {"uuid": "6cbf3fe0-f2f4-4328-8241-5935f7169fb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49219", "type": "seen", "source": "https://t.me/cvedetector/8221", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49219 - Themexpo RS-Members Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49219 \nPublished : Oct. 17, 2024, 6:15 p.m. | 26\u00a0minutes ago \nDescription : Incorrect Privilege Assignment vulnerability in themexpo RS-Members allows Privilege Escalation.This issue affects RS-Members: from n/a through 1.0.3. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-17T20:49:58.000000Z"}, {"uuid": "d8c7c557-e89b-4c0d-a97a-4478106a8cd0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49218", "type": "seen", "source": "https://t.me/cvedetector/8080", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49218 - Al Imran Akash Recently Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49218 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Al Imran Akash Recently allows Object Injection.This issue affects Recently: from n/a through 1.1. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:34.000000Z"}, {"uuid": "c89ce695-9362-466d-9a21-f7b11570eb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49216", "type": "seen", "source": "https://t.me/cvedetector/8078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49216 - Joshua Clayton Feed Comments Number Unrestricted File Upload RCE\", \n  \"Content\": \"CVE ID : CVE-2024-49216 \nPublished : Oct. 16, 2024, 2:15 p.m. | 38\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Joshua Clayton Feed Comments Number allows Upload a Web Shell to a Web Server.This issue affects Feed Comments Number: from n/a through 0.2.1. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T17:13:30.000000Z"}, {"uuid": "bd269218-9bd4-4ffd-a56c-2e616d797c6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4921", "type": "seen", "source": "Telegram/UsTY0lbExeiJCQxxuU8OmcP6fFMAnkgE6EIKQZZWLmjgz3jf", "content": "", "creation_timestamp": "2025-02-14T09:46:58.000000Z"}, {"uuid": "d1cd5890-6b8a-4a68-9dd7-48b084948353", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49211", "type": "seen", "source": "https://t.me/cvedetector/8627", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49211 - Archer Platform - Dashboard Listing Archer Platform UX Reflected Cross-Site Scripting Vululnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49211 \nPublished : Oct. 22, 2024, 5:15 p.m. | 44\u00a0minutes ago \nDescription : Reflected XSS was discovered in a Dashboard Listing Archer Platform UX page in Archer Platform 6.x before version 2024.08. A remote unauthenticated attacker could potentially exploit this by tricking a victim application user into supplying malicious HTML or JavaScript code to the vulnerable web application; the malicious code is then reflected back to the victim and executed by the web browser in the context of the vulnerable web application. \nSeverity: 5.2 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-22T20:28:25.000000Z"}, {"uuid": "9d053e1b-eac5-426d-8438-2381e3ab0e50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49217", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miijoztm2j27", "content": "", "creation_timestamp": "2026-04-02T06:00:15.328715Z"}, {"uuid": "8ec17015-9462-46b1-a5f8-b4f0d7a86a1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49219", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mile7sby3h2v", "content": "", "creation_timestamp": "2026-04-03T09:00:14.571583Z"}]}