{"vulnerability": "CVE-2024-1039", "sightings": [{"uuid": "0372d89c-71cc-4e69-8d04-ecad7f23a4c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10390", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113504938721653052", "content": "", "creation_timestamp": "2024-11-18T16:38:37.970912Z"}, {"uuid": "1903d832-bf02-45a7-a5e9-270377c38b3c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10394", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482915256078070", "content": "", "creation_timestamp": "2024-11-14T19:17:46.564544Z"}, {"uuid": "57b8a1a0-8142-40c5-a730-6ad0b39d5736", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10397", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482980354175945", "content": "", "creation_timestamp": "2024-11-14T19:34:20.024459Z"}, {"uuid": "1ad2e07b-5a70-4db1-b7a4-abe554d7083c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10396", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482980334287462", "content": "", "creation_timestamp": "2024-11-14T19:34:19.506808Z"}, {"uuid": "dff7a370-ac44-433d-ad80-3c4b7ab93b0d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10393", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113519631650246899", "content": "", "creation_timestamp": "2024-11-21T06:55:14.793787Z"}, {"uuid": "fb54384f-0c01-40fb-9bb2-e3daa6ecb617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhbbj7gv4h2r", "content": "", "creation_timestamp": "2025-02-03T09:53:47.558575Z"}, {"uuid": "6f8a99b5-8b1e-482c-ad75-bf038a0c0012", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhayoai7ew27", "content": "", "creation_timestamp": "2025-02-03T07:15:32.671377Z"}, {"uuid": "eaa22110-8f7e-45ba-bb30-713b3bc6c9f5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10390", "type": "seen", "source": "https://t.me/cvedetector/11369", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10390 - Elfsight Telegram Chat CC Plugin Stored Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10390 \nPublished : Nov. 18, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : The Elfsight Telegram Chat CC plugin for WordPress is vulnerable to unauthorized modification of data to a missing capability check on the 'updatePreferences' function in all versions up to, and including, 1.1.0. This makes it possible for authenticated attackers, with subscriber-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T19:03:54.000000Z"}, {"uuid": "e604c61b-fbe7-44aa-b881-a711ac2960d8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113939089406796286", "content": "", "creation_timestamp": "2025-02-03T08:48:52.486070Z"}, {"uuid": "ab96403a-7a53-4ef3-b0b4-b00c876a8f7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "https://t.me/cvedetector/17054", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10395 - Apache HTTP Server Input Validation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10395 \nPublished : Feb. 3, 2025, 7:15 a.m. | 52\u00a0minutes ago \nDescription : No proper validation of the length of user input in http_server_get_content_type_from_extension. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Feb 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-02-03T09:27:12.000000Z"}, {"uuid": "dd3a9898-662e-461a-b838-7698d913a791", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "MISP/f7787455-9994-4047-b6f7-77347597c104", "content": "", "creation_timestamp": "2025-08-26T18:36:19.000000Z"}, {"uuid": "b75b3684-6429-4099-ba1b-e6b77b69a5cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10396", "type": "seen", "source": "https://t.me/cvedetector/11007", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10396 - Apache Fileserver Unauthenticated ACL Remote Crash and Memory Exposure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10396 \nPublished : Nov. 14, 2024, 8:15 p.m. | 23\u00a0minutes ago \nDescription : An authenticated user can provide a malformed ACL to the fileserver's StoreACL  \nRPC, causing the fileserver to crash, possibly expose uninitialized memory, and  \npossibly store garbage data in the audit log.  \nMalformed ACLs provided in responses to client FetchACL RPCs can cause client  \nprocesses to crash and possibly expose uninitialized memory into other ACLs  \nstored on the server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T21:41:09.000000Z"}, {"uuid": "02d5333b-c46e-4e53-88f4-af02cb6628c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10394", "type": "seen", "source": "https://t.me/cvedetector/11006", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10394 - OpenAFS Unix Client Credentials Theft\", \n  \"Content\": \"CVE ID : CVE-2024-10394 \nPublished : Nov. 14, 2024, 8:15 p.m. | 23\u00a0minutes ago \nDescription : A local user can bypass the OpenAFS PAG (Process Authentication Group)  \nthrottling mechanism in Unix clients, allowing the user to create a PAG using  \nan existing id number, effectively joining the PAG and letting the user steal  \nthe credentials in that PAG. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T21:41:08.000000Z"}, {"uuid": "ad9f77ce-65fb-4562-af5c-9db4e06abe12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10397", "type": "seen", "source": "https://t.me/cvedetector/11005", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10397 - OpenAFS Server Denial of Service and Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10397 \nPublished : Nov. 14, 2024, 8:15 p.m. | 23\u00a0minutes ago \nDescription : A malicious server can crash the OpenAFS cache manager and other client  \nutilities, and possibly execute arbitrary code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T21:41:08.000000Z"}, {"uuid": "2a82aa60-e0e9-45db-9ecf-9f1d83f3edc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1039", "type": "seen", "source": "https://t.me/ctinow/192523", "content": "https://ift.tt/Z9EiFoT\nCVE-2024-1039 | Gessler WEB-MASTER 7.9 weak credentials (icsa-24-032-01)", "creation_timestamp": "2024-02-24T10:11:20.000000Z"}, {"uuid": "cf6843f6-f09b-40bb-818e-b02ebfd573e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10392", "type": "seen", "source": "https://t.me/cvedetector/9490", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10392 - WordPress Complete AI Pack Plugin Remote File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10392 \nPublished : Oct. 31, 2024, 6:15 a.m. | 27\u00a0minutes ago \nDescription : The AI Power: Complete AI Pack plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'handle_image_upload' function in all versions up to, and including, 1.8.89. This makes it possible for unauthenticated attackers to upload arbitrary files on the affected site's server which may make remote code execution possible. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-31T07:45:06.000000Z"}, {"uuid": "92fcb248-8f5b-4f87-9f00-4e19ca83a1a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10395", "type": "seen", "source": "Telegram/F-grXC0WKmQcK9gCsONW9AqHxOmVCufzMwaPOKNwJn5yC3mQ", "content": "", "creation_timestamp": "2025-02-06T02:39:11.000000Z"}, {"uuid": "66946d5f-12c9-4bc8-abf4-c2d6a74f8cd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10399", "type": "seen", "source": "https://t.me/cvedetector/9400", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10399 - WordPress Download Monitor Unauthenticated User Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-10399 \nPublished : Oct. 30, 2024, 6:15 a.m. | 35\u00a0minutes ago \nDescription : The Download Monitor plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the ajax_search_users function in all versions up to, and including, 5.0.13. This makes it possible for authenticated attackers, with Subscriber-level access and above, to obtain usernames and emails of site users. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-30T08:20:20.000000Z"}, {"uuid": "057df9b8-4c2c-42ba-91b5-d6a2cb12bb4b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1039", "type": "seen", "source": "https://t.me/ctinow/177824", "content": "https://ift.tt/SGrzBO4\nCVE-2024-1039", "creation_timestamp": "2024-02-01T23:26:36.000000Z"}]}