{"vulnerability": "cve-2024-5238", "sightings": [{"uuid": "598c3334-b3f5-4868-a25f-d4327020fdb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52385", "type": "seen", "source": "https://t.me/cvedetector/12398", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52385 - Apache Team Member PHP Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52385 \nPublished : Dec. 9, 2024, 2:15 p.m. | 43\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Sk. Abul Hasan Team Member.This issue affects Team Member: from n/a through 7.3. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T16:22:21.000000Z"}, {"uuid": "e667ef5a-5b04-4707-8c6c-19505829fd19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52388", "type": "seen", "source": "https://t.me/cvedetector/11465", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52388 - Hebrew Date CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-52388 \nPublished : Nov. 19, 2024, 5:15 p.m. | 37\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Mike \u201cMikeage\u201d Miller Hebrew Date allows Stored XSS.This issue affects Hebrew Date: from n/a through 2.1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T19:19:09.000000Z"}, {"uuid": "ce27acbf-cf35-4721-9f5b-acc98d998e5e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52386", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113494719514670406", "content": "", "creation_timestamp": "2024-11-16T21:19:45.290429Z"}, {"uuid": "48ff605e-f339-4e15-abd2-64a203bd03f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52386", "type": "seen", "source": "https://t.me/cvedetector/11249", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52386 - RadiusTheme Classified Listing PHP Remote File Inclusion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52386 \nPublished : Nov. 16, 2024, 10:15 p.m. | 43\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Business Directory Team by RadiusTheme Classified Listing classified-listing allows PHP Local File Inclusion.This issue affects Classified Listing: from n/a through 3.1.15.1. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-17T00:25:30.000000Z"}, {"uuid": "1d4b6d14-825c-4cd9-8c70-294cf54fc592", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52382", "type": "seen", "source": "https://t.me/cvedetector/10985", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52382 - Medma Technologies Matix Popup Builder Authorization Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-52382 \nPublished : Nov. 14, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in Medma Technologies Matix Popup Builder allows Privilege Escalation.This issue affects Matix Popup Builder: from n/a through 1.0.0. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T20:00:34.000000Z"}, {"uuid": "2c9c94ed-694a-4fa1-aeb5-05a9f7d56e72", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52381", "type": "seen", "source": "https://t.me/cvedetector/10984", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52381 - Shoaib Rehmat ZIJ KART PHP Remote File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-52381 \nPublished : Nov. 14, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File Inclusion') vulnerability in Shoaib Rehmat ZIJ KART allows PHP Local File Inclusion.This issue affects ZIJ KART: from n/a through 1.1. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T20:00:33.000000Z"}, {"uuid": "f5e54210-c5fe-425a-bc43-63a583b91266", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52380", "type": "seen", "source": "https://t.me/cvedetector/10990", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52380 - Softpulse Infotech Picsmize: Unrestricted File Upload with Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-52380 \nPublished : Nov. 14, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Softpulse Infotech Picsmize allows Upload a Web Shell to a Web Server.This issue affects Picsmize: from n/a through 1.0.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T20:00:42.000000Z"}, {"uuid": "114ec420-4dd4-46b9-ade8-e52369e0bb4d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52384", "type": "seen", "source": "https://t.me/cvedetector/10987", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52384 - Sage AI: Unrestricted Upload of Web Shell Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52384 \nPublished : Nov. 14, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Sage AI Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation allows Upload a Web Shell to a Web Server.This issue affects Sage AI: Chatbots, OpenAI GPT-4 Bulk Articles, Dalle-3 Image Generation: from n/a through 2.4.9. \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T20:00:36.000000Z"}, {"uuid": "8e7b3045-e256-411e-b53c-d00c2b10d8f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52383", "type": "seen", "source": "https://t.me/cvedetector/10986", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52383 - KCT Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT) Missing Authorization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-52383 \nPublished : Nov. 14, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Missing Authorization vulnerability in KCT Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ai Auto Tool Content Writing Assistant (Gemini Writer, ChatGPT ) All in One: from n/a through 2.1.2. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T20:00:36.000000Z"}, {"uuid": "def0b65b-6bc0-43c3-8dde-aeb261369d96", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52388", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113513489563044386", "content": "", "creation_timestamp": "2024-11-20T04:53:13.780675Z"}, {"uuid": "2e1c78dd-863c-4b96-af4e-dcb5d74511b9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52382", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/113783266241333921", "content": "", "creation_timestamp": "2025-01-06T20:20:58.702183Z"}, {"uuid": "126a73b0-5897-422b-8e01-ba3b78c06b68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52389", "type": "seen", "source": "https://t.me/cvedetector/11393", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52389 - \"WP Job Portal Stored Cross-site Scripting Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-52389 \nPublished : Nov. 18, 2024, 10:15 p.m. | 39\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in WP Job Portal allows Stored XSS.This issue affects WP Job Portal: from n/a through 2.2.0. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-19T00:04:45.000000Z"}, {"uuid": "828e49dd-9f1c-4e7d-8c1e-9120f98e72bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52380", "type": "published-proof-of-concept", "source": "Telegram/G_qy6fSvXdNnqcQ265v2GZ_0kTm5jNqyGNVgXp2i2FVwHAY", "content": "", "creation_timestamp": "2025-01-18T10:00:06.000000Z"}, {"uuid": "c35e7bfc-c58d-4297-99f6-5447a4c58d60", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-52380", "type": "seen", "source": "https://infosec.exchange/users/random_robbie/statuses/113783264112187910", "content": "", "creation_timestamp": "2025-01-06T20:20:26.309982Z"}]}