{"vulnerability": "cve-2024-4933", "sightings": [{"uuid": "b3975ed9-8798-4bdb-b945-7fc75ea4879d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49336", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113680669150084414", "content": "", "creation_timestamp": "2024-12-19T17:29:11.570484Z"}, {"uuid": "a6d644e8-bcc9-47ff-bbaa-5c2a85f42394", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49336", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldoi4shh362x", "content": "", "creation_timestamp": "2024-12-19T18:15:58.609451Z"}, {"uuid": "cd59e67a-1555-4237-b766-dbe0722bcaf6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49338", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113849958872907896", "content": "", "creation_timestamp": "2025-01-18T15:01:48.175462Z"}, {"uuid": "72f8e57b-27c5-474c-bebb-e4efd0ed85da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49338", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfzlzp7shw2f", "content": "", "creation_timestamp": "2025-01-18T15:15:29.105518Z"}, {"uuid": "5fa3887f-b313-4321-a846-f7efc909c849", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49338", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfznf36wot2e", "content": "", "creation_timestamp": "2025-01-18T15:39:45.501752Z"}, {"uuid": "48c637e6-0eab-4c43-9b2b-0c5067c8c0f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49333", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866642993345864", "content": "", "creation_timestamp": "2025-01-21T13:44:48.910662Z"}, {"uuid": "3a77635e-94ff-40b8-bead-49a798fde96b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49333", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgb23v5mwp2p", "content": "", "creation_timestamp": "2025-01-21T14:15:52.765290Z"}, {"uuid": "f62ff505-125c-4522-981a-650e620c9c28", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49333", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgb3g7qagf2b", "content": "", "creation_timestamp": "2025-01-21T14:39:36.767375Z"}, {"uuid": "cac1aa2a-0e3c-4d73-af8a-3fcfebc900e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49333", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113866893980975285", "content": "", "creation_timestamp": "2025-01-21T14:48:43.464230Z"}, {"uuid": "995c480f-6b8f-4119-865c-27396bf7d1eb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49339", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lh2isifgr42f", "content": "", "creation_timestamp": "2025-01-31T17:15:37.405748Z"}, {"uuid": "bbcf2fb4-7531-4cec-be1f-a45cda78f069", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49339", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lh2xd6pr6z2y", "content": "", "creation_timestamp": "2025-01-31T21:35:29.837289Z"}, {"uuid": "5bb8604c-ff71-4340-b0ae-1294495050e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49337", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3limla6jvn72v", "content": "", "creation_timestamp": "2025-02-20T15:12:10.854866Z"}, {"uuid": "e21e598b-5b1b-417d-b956-6632d3c6db32", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49330", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mii7n67wzi2r", "content": "", "creation_timestamp": "2026-04-02T03:00:15.083596Z"}, {"uuid": "f91fabbe-ca38-4ea0-88b4-e2d26e78c11b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49331", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mit4d5xbxs2v", "content": "", "creation_timestamp": "2026-04-06T11:00:15.367242Z"}, {"uuid": "4d410cad-dd4b-40d5-9b7b-c81ffe26950b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49337", "type": "seen", "source": "Telegram/ld7KcSXmAJCbkiKnWtulOqLd1f9OVkqTNQFYzJchqIxFw5Ow", "content": "", "creation_timestamp": "2025-02-20T23:26:54.000000Z"}, {"uuid": "3977dda0-5201-402c-9aca-b6f2ddb26411", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49337", "type": "seen", "source": "https://t.me/cvedetector/18543", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49337 - IBM OpenPages with Watson HTML Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49337 \nPublished : Feb. 20, 2025, 12:15 p.m. | 1\u00a0hour, 7\u00a0minutes ago \nDescription : IBM OpenPages with Watson 8.3 and 9.0 IBM OpenPages   \n  \n  \n  \n  \n  \nis vulnerable to HTML injection, caused by improper validation of user-supplied input of text fields used to construct workflow email notifications. A remote authenticated attacker could exploit this vulnerability using HTML tags in a text field of an object to inject malicious script into an email which would be executed in a victim's mail client within the security context of the OpenPages mail message. An attacker could use this for phishing or identity theft attacks. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-20T14:49:36.000000Z"}, {"uuid": "2a633c1c-742b-40c8-af7d-74e85333728f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49338", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2301", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49338\n\ud83d\udd39 Description: IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials.\n\ud83d\udccf Published: 2025-01-18T15:00:16.148Z\n\ud83d\udccf Modified: 2025-01-18T15:00:16.148Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7175396", "creation_timestamp": "2025-01-18T15:58:07.000000Z"}, {"uuid": "d1b5fbd3-c5bd-48a9-bba5-fcdfd0df1632", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49333", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/2403", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49333\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NotFound Hero Mega Menu - Responsive WordPress Menu Plugin allows SQL Injection. This issue affects Hero Mega Menu - Responsive WordPress Menu Plugin: from n/a through 1.16.5.\n\ud83d\udccf Published: 2025-01-21T13:40:32.700Z\n\ud83d\udccf Modified: 2025-01-21T13:40:32.700Z\n\ud83d\udd17 References:\n1. https://patchstack.com/database/wordpress/plugin/hmenu/vulnerability/wordpress-hero-menu-plugin-1-16-5-sql-injection-vulnerability-2?_s_id=cve", "creation_timestamp": "2025-01-21T14:01:56.000000Z"}, {"uuid": "676f42ad-ff8f-40ed-b295-50e4a94684e6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49336", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/5267", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49336\n\ud83d\udd25 CVSS Score: 6.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N)\n\ud83d\udd39 Description: IBM Security Guardium 11.5 and 12.0 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks.\n\ud83d\udccf Published: 2024-12-19T17:21:22.636Z\n\ud83d\udccf Modified: 2025-02-25T11:45:45.850Z\n\ud83d\udd17 References:\n1. https://www.ibm.com/support/pages/node/7179369", "creation_timestamp": "2025-02-25T12:24:14.000000Z"}, {"uuid": "36ab0f36-96b7-4526-a194-37ece1e45f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49339", "type": "seen", "source": "https://t.me/cvedetector/16959", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49339 - IBM Financial Transaction Manager for SWIFT Services for Multiplatforms Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49339 \nPublished : Jan. 31, 2025, 5:15 p.m. | 46\u00a0minutes ago \nDescription : IBM Financial Transaction Manager for SWIFT Services for Multiplatforms 3.2.4.0 through 3.2.4.1 is vulnerable to stored cross-site scripting. This vulnerability allows authenticated users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-31T19:34:15.000000Z"}, {"uuid": "49b0359d-3877-4e60-914d-195b34f6b4aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49338", "type": "seen", "source": "https://t.me/cvedetector/15805", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49338 - IBM App Connect Enterprise JMS Credential Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49338 \nPublished : Jan. 18, 2025, 3:15 p.m. | 35\u00a0minutes ago \nDescription : IBM App Connect Enterprise 12.0.1.0 through 12.0.7.0and 13.0.1.0 under certain configurations could allow a privileged user to obtain JMS credentials. \nSeverity: 4.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-18T17:03:53.000000Z"}, {"uuid": "f5db2377-44ba-4edc-bde3-8baa008652f8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49336", "type": "seen", "source": "https://t.me/cvedetector/13353", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49336 - IBM Security Guardium SSRF Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49336 \nPublished : Dec. 19, 2024, 6:15 p.m. | 33\u00a0minutes ago \nDescription : IBM Security Guardium 11.5 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T19:50:12.000000Z"}, {"uuid": "9cdf95f1-3466-4bd1-9883-3cd930e60601", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49334", "type": "seen", "source": "https://t.me/cvedetector/8397", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49334 - Unizoe Web Solutions jLayer Parallax Slider Reflected Cross-site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-49334 \nPublished : Oct. 20, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Unizoe Web Solutions jLayer Parallax Slider allows Reflected XSS.This issue affects jLayer Parallax Slider: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:44:10.000000Z"}, {"uuid": "4bd376a0-e684-4eec-aff9-9ee4e712b529", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49335", "type": "seen", "source": "https://t.me/cvedetector/8429", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49335 - GoogleDrive Stored CSRF-XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49335 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Edush Maxim GoogleDrive folder list allows Stored XSS.This issue affects GoogleDrive folder list: from n/a through 2.2.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:15:01.000000Z"}, {"uuid": "e00a8ea5-dc3a-4101-815f-05951aa7a42c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49331", "type": "seen", "source": "https://t.me/cvedetector/8407", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49331 - Myriad Solutionz Property Lot Management System Unrestricted Upload of File with Web Shell Upload\", \n  \"Content\": \"CVE ID : CVE-2024-49331 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Myriad Solutionz Property Lot Management System allows Upload a Web Shell to a Web Server.This issue affects Property Lot Management System: from n/a through 4.2.38. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:27.000000Z"}, {"uuid": "f6537b86-d13e-4424-a15e-7c4a3d9f5c58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49330", "type": "seen", "source": "https://t.me/cvedetector/8406", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49330 - Nice Backgrounds Unrestricted File Upload RCE\", \n  \"Content\": \"CVE ID : CVE-2024-49330 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in brx8r Nice Backgrounds allows Upload a Web Shell to a Web Server.This issue affects Nice Backgrounds: from n/a through 1.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:26.000000Z"}, {"uuid": "ff4b3678-878f-407a-93b3-1e473e1f07f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49332", "type": "seen", "source": "https://t.me/cvedetector/8408", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49332 - Giveaway Boost Object Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49332 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Deserialization of Untrusted Data vulnerability in Giveaway Boost allows Object Injection.This issue affects Giveaway Boost: from n/a through 2.1.4. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:27.000000Z"}]}