{"vulnerability": "cve-2024-4967", "sightings": [{"uuid": "7c129250-a458-4334-acac-a79c905abab0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49671", "type": "seen", "source": "MISP/371508bd-549b-44db-871c-2fd5e0bcd09e", "content": "", "creation_timestamp": "2024-11-07T13:07:11.000000Z"}, {"uuid": "6897e93d-ba09-47d3-add6-8bfc06997eb1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49677", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673666322197224", "content": "", "creation_timestamp": "2024-12-18T11:48:16.845438Z"}, {"uuid": "ec2366ce-9404-48fb-ad9b-0687e3e3e89c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49677", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113673652181175453", "content": "", "creation_timestamp": "2024-12-18T11:44:41.184766Z"}, {"uuid": "c13c9b01-0949-4ee5-a4f5-fa044e7b0268", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49670", "type": "seen", "source": "https://t.me/cvedetector/9283", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49670 - \"Sam Glover Client Power Tools Portal Reflected Cross-site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-49670 \nPublished : Oct. 29, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Sam Glover Client Power Tools Portal allows Reflected XSS.This issue affects Client Power Tools Portal: from n/a through 1.8.6. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:05:44.000000Z"}, {"uuid": "b95fb0ce-1e05-49ce-bb2e-9d53dba284df", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49679", "type": "seen", "source": "https://t.me/cvedetector/9287", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49679 - WPKoi Templates for Elementor Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49679 \nPublished : Oct. 29, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WPKoi WPKoi Templates for Elementor allows Stored XSS.This issue affects WPKoi Templates for Elementor: from n/a through 3.1.0. \nSeverity: 5.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:05:50.000000Z"}, {"uuid": "56cf2f64-b47e-4b6a-8953-2e334a22677f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49678", "type": "seen", "source": "https://t.me/cvedetector/9286", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49678 - \"Jinwen js Reflected XSS\"\", \n  \"Content\": \"CVE ID : CVE-2024-49678 \nPublished : Oct. 29, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Jinwen js allows Reflected XSS.This issue affects js paper: from n/a through 2.5.7. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:05:49.000000Z"}, {"uuid": "7e28c3d1-1191-46e2-a504-db300b868e86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49673", "type": "seen", "source": "https://t.me/cvedetector/9285", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49673 - \"Van Abel LaTeX2HTML Cross-site Scripting\"\", \n  \"Content\": \"CVE ID : CVE-2024-49673 \nPublished : Oct. 29, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Van Abel LaTeX2HTML allows Reflected XSS.This issue affects LaTeX2HTML: from n/a through 2.5.4. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:05:48.000000Z"}, {"uuid": "edad95e6-b7df-4096-89be-b7f16343e630", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49675", "type": "seen", "source": "https://t.me/cvedetector/8695", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49675 - iBryl Switch User Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49675 \nPublished : Oct. 23, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Authentication Bypass Using an Alternate Path or Channel vulnerability in Vitalii Bryl iBryl Switch User allows Authentication Bypass.This issue affects iBryl Switch User: from n/a through 1.0.1. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T18:13:28.000000Z"}, {"uuid": "5f4bb06d-42e2-44df-a972-f7284a9ac6cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-4967", "type": "seen", "source": "Telegram/xkQmb77V0vJApdBwPo7CkWw7WD-4tHy8iY9a4o8rtS8o6-nn", "content": "", "creation_timestamp": "2025-02-14T09:46:59.000000Z"}, {"uuid": "2b102c05-6f5e-4a1b-bfa4-7e32066d7595", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49677", "type": "seen", "source": "https://t.me/cvedetector/13197", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49677 - Bootstrap Buttons Cross-site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49677 \nPublished : Dec. 18, 2024, 12:15 p.m. | 23\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in David Cramer Bootstrap Buttons allows Reflected XSS.This issue affects Bootstrap Buttons: from n/a through 1.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-18T13:41:54.000000Z"}, {"uuid": "fd5ef869-a750-444a-8010-6307cea53d53", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49674", "type": "seen", "source": "https://t.me/cvedetector/9498", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49674 - Lukas Huser EKC Tournament Manager CSRF Web Shell Upload\", \n  \"Content\": \"CVE ID : CVE-2024-49674 \nPublished : Oct. 31, 2024, 10:15 a.m. | 32\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Lukas Huser EKC Tournament Manager allows Upload a Web Shell to a Web Server.This issue affects EKC Tournament Manager: from n/a through 2.2.1. \nSeverity: 9.6 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T11:55:48.000000Z"}, {"uuid": "115fb229-c40f-43ac-b113-f69baa45c0d4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49671", "type": "seen", "source": "https://t.me/cvedetector/8712", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49671 - Dogu Pekgoz AI Image Generator for Your Content & Featured Images - AI Postpix Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49671 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Dogu Pekgoz AI Image Generator for Your Content & Featured Images \u2013 AI Postpix allows Upload a Web Shell to a Web Server.This issue affects AI Image Generator for Your Content & Featured Images \u2013 AI Postpix: from n/a through 1.1.8. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:56.000000Z"}, {"uuid": "9d0309ef-cece-483c-8e06-ea740e2dc7b8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49676", "type": "seen", "source": "https://t.me/cvedetector/8709", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49676 - Elementor Custom Icons RCE\", \n  \"Content\": \"CVE ID : CVE-2024-49676 \nPublished : Oct. 23, 2024, 4:15 p.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Michael Bourne Custom Icons for Elementor allows Upload a Web Shell to a Web Server.This issue affects Custom Icons for Elementor: from n/a through 0.3.3. \nSeverity: 6.6 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-23T19:03:50.000000Z"}, {"uuid": "8c1d7f0c-4269-418d-9edc-3856881f02ec", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "4f29edb9-4c4b-44ca-b041-9b050656b6ae", "vulnerability": "CVE-2024-49675", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mikoy57al72v", "content": "", "creation_timestamp": "2026-04-03T02:40:09.542232Z"}, {"uuid": "8a0ea1b5-9157-4592-8aac-bb096803c46e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-49672", "type": "seen", "source": "https://t.me/cvedetector/9284", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49672 - Google Docs RSVP Stored Cross-Site Scripting and Cross-Site Request Forgery (XSS/CSRF)\", \n  \"Content\": \"CVE ID : CVE-2024-49672 \nPublished : Oct. 29, 2024, 11:15 a.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Gifford Cheung, Brian Watanabe, Chongsun Ahn Google Docs RSVP allows Stored XSS.This issue affects Google Docs RSVP: from n/a through 2.0.1. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-29T13:05:47.000000Z"}]}