{"vulnerability": "CVE-2024-1066", "sightings": [{"uuid": "f26dd02a-ee59-4301-b97e-bf3e63fa6bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113442382992604234", "content": "", "creation_timestamp": "2024-11-07T15:29:53.284326Z"}, {"uuid": "ccf83685-f31d-4595-857f-0764fa3c3bc8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10669", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113451152276638271", "content": "", "creation_timestamp": "2024-11-09T04:40:02.068875Z"}, {"uuid": "e959bb44-b2dc-4158-93e0-c5cc2903f5e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10667", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113451152260299298", "content": "", "creation_timestamp": "2024-11-09T04:40:01.817525Z"}, {"uuid": "819896a0-c1b1-4c27-a374-4ced1277c8b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10665", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514621003193193", "content": "", "creation_timestamp": "2024-11-20T09:40:57.862901Z"}, {"uuid": "8e102c77-fe89-4790-a3eb-e1d5813e0115", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10665", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514635485716870", "content": "", "creation_timestamp": "2024-11-20T09:44:38.863727Z"}, {"uuid": "d49a31ae-9348-45c1-abc2-c2e9a1ae2506", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10664", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113593423669860868", "content": "", "creation_timestamp": "2024-12-04T07:41:31.243661Z"}, {"uuid": "27415cc0-1951-4dfd-ae31-81acc0326355", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10666", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113525011749459802", "content": "", "creation_timestamp": "2024-11-22T05:43:28.226529Z"}, {"uuid": "0380fead-5257-45b9-a48b-87124f1023c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10663", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113592288867590287", "content": "", "creation_timestamp": "2024-12-04T02:52:55.462206Z"}, {"uuid": "03bf195e-3df6-4f81-9366-1d52bbcadb1f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://thehackernews.com/2025/04/google-patches-quick-share.html", "content": "", "creation_timestamp": "2025-04-03T06:21:00.000000Z"}, {"uuid": "524cc1da-35b7-40fc-8551-99d27cb6173f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3llwhozylqvd2", "content": "", "creation_timestamp": "2025-04-03T17:52:54.049411Z"}, {"uuid": "e5c51a31-9aa6-464c-8777-bfacaf24bce0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://bsky.app/profile/insightsintothings.bsky.social/post/3llyk22rks22d", "content": "", "creation_timestamp": "2025-04-04T13:36:58.068637Z"}, {"uuid": "92751060-9d1b-4053-96dc-b78775087c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://poliverso.org/objects/0477a01e-ec51d525-b95f28b6a1ce537c", "content": "", "creation_timestamp": "2025-04-07T07:13:19.273528Z"}, {"uuid": "f64588f1-9bb0-4e8d-b27d-8d011e48d902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://infosec.exchange/users/tomcat/statuses/114324964545740078", "content": "", "creation_timestamp": "2025-04-12T12:21:58.928794Z"}, {"uuid": "ef44e8cc-b4b6-48e9-80a6-0e2bda4d349a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10665", "type": "seen", "source": "https://t.me/cvedetector/11577", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10665 - Yaad Sarig Payment Gateway For WC WordPress XSS and LFI Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10665 \nPublished : Nov. 20, 2024, 10:15 a.m. | 38\u00a0minutes ago \nDescription : The Yaad Sarig Payment Gateway For WC plugin for WordPress is vulnerable to unauthorized modification & access of data due to a missing capability check on the yaadpay_view_log_callback() and yaadpay_delete_log_callback() functions in all versions up to, and including, 2.2.4. This makes it possible for authenticated attackers, with Subscriber-level access and above, to view and delete logs. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:03:59.000000Z"}, {"uuid": "9982776b-67df-4600-a8e4-221bc70278b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10663", "type": "seen", "source": "https://t.me/cvedetector/11941", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10663 - The Eleblog \u2013 Elementor Blog And Magazine Addons p\", \n  \"Content\": \"CVE ID : CVE-2024-10663 \nPublished : Dec. 4, 2024, 3:15 a.m. | 39\u00a0minutes ago \nDescription : The Eleblog \u2013 Elementor Blog And Magazine Addons plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the goodbye_form_callback() function in all versions up to, and including, 1.8. This makes it possible for authenticated attackers, with Subscriber-level access and above, to submit a deactivation reason. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T05:02:39.000000Z"}, {"uuid": "4ba617e6-2118-4892-b1f6-cdb60f547698", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10664", "type": "seen", "source": "https://t.me/cvedetector/11956", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10664 - The Knowledge Base documentation & wiki plugin \u2013 B\", \n  \"Content\": \"CVE ID : CVE-2024-10664 \nPublished : Dec. 4, 2024, 8:15 a.m. | 44\u00a0minutes ago \nDescription : The Knowledge Base documentation & wiki plugin \u2013 BasePress Docs plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the basepress_db_posts_update() function in all versions up to, and including, 2.16.3.3. This makes it possible for authenticated attackers, with Subscriber-level access and above, to update the database. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T10:03:41.000000Z"}, {"uuid": "2111ae7e-b679-4096-bda6-09e0e2fa816c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10667", "type": "seen", "source": "https://t.me/cvedetector/10275", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10667 - WordPress Content Slider Block Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-10667 \nPublished : Nov. 9, 2024, 5:15 a.m. | 16\u00a0minutes ago \nDescription : The Content Slider Block plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 3.1.5 via the [csb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T06:35:53.000000Z"}, {"uuid": "01e364b0-0517-45a6-850e-e72e5314bfdf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10669", "type": "seen", "source": "https://t.me/cvedetector/10272", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10669 - WordPress Countdown Timer plugin Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-10669 \nPublished : Nov. 9, 2024, 5:15 a.m. | 16\u00a0minutes ago \nDescription : The Countdown Timer block \u2013 Display the event's date into a timer. plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.4 via the [ctb] shortcode due to insufficient restrictions on which posts can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-09T06:35:51.000000Z"}, {"uuid": "dd9cbac5-9a12-4847-ae74-f105c1ce5b00", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10662", "type": "seen", "source": "https://t.me/cvedetector/9612", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10662 - Tenda AC15 Stack-Based Buffer Overflow\", \n  \"Content\": \"CVE ID : CVE-2024-10662 \nPublished : Nov. 1, 2024, 4:15 p.m. | 29\u00a0minutes ago \nDescription : A vulnerability was found in Tenda AC15 15.03.05.19 and classified as critical. This issue affects the function formSetDeviceName of the file /goform/SetOnlineDevName. The manipulation of the argument devName leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T17:51:45.000000Z"}, {"uuid": "89271389-97be-4551-ac3d-c1024f588945", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10661", "type": "seen", "source": "https://t.me/cvedetector/9611", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10661 - \"Tenda AC15 Stack-Based Buffer Overflow\"\", \n  \"Content\": \"CVE ID : CVE-2024-10661 \nPublished : Nov. 1, 2024, 4:15 p.m. | 29\u00a0minutes ago \nDescription : A vulnerability has been found in Tenda AC15 15.03.05.19 and classified as critical. This vulnerability affects the function SetDlnaCfg of the file /goform/SetDlnaCfg. The manipulation of the argument scanList leads to stack-based buffer overflow. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T17:51:44.000000Z"}, {"uuid": "601e91a1-bb27-4f9a-af52-2c20e53b46f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10660", "type": "seen", "source": "https://t.me/cvedetector/9610", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10660 - ESAFENET CDG SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-10660 \nPublished : Nov. 1, 2024, 4:15 p.m. | 29\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in ESAFENET CDG 5. This affects the function deleteHook of the file /com/esafenet/servlet/policy/HookService.java. The manipulation of the argument hookId leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"01 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-01T17:51:43.000000Z"}, {"uuid": "b0327878-3dc2-4532-aceb-da787d930e21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://t.me/cvedetector/10097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-10668 - Google Quickshare File Type\u0430\u0442\u0435 Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-10668 \nPublished : Nov. 7, 2024, 4:15 p.m. | 25\u00a0minutes ago \nDescription : There exists an auth bypass in Google Quickshare where an attacker can upload an unknown file type to a victim.\u00a0The root cause of the vulnerability lies in the fact that when a Payload Transfer frame of type FILE is sent to Quick Share, the file that is contained in this frame is written to disk in the Downloads folder. Quickshare normally deletes unkown files, however an attacker can send two Payload transfer frames of type FILE and the same payload ID. The deletion logic will only delete the first file and not the second. We recommend upgrading past commit\u00a05d8b9156e0c339d82d3dab0849187e8819ad92c0 or\u00a0Quick Share Windows v1.0.2002.2 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"07 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-07T17:46:20.000000Z"}, {"uuid": "b4d1f47b-9d3a-47d1-ab77-e444b8da8dcc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://t.me/ton618cyber/3393", "content": "Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent\n\nQuick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.\n\nThe Hacker News | thehackernews.com \u2022 Apr 3, 2025", "creation_timestamp": "2025-04-04T17:19:33.000000Z"}, {"uuid": "dcc2812c-6a5c-4b42-8aa7-50869e916180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://t.me/ton618cyber/8631", "content": "Google Patches Quick Share Vulnerability Enabling Silent File Transfers Without Consent\n\nQuick Share flaw CVE-2024-10668 bypasses earlier fixes, enabling DoS or unauthorized file delivery.\n\nThe Hacker News | thehackernews.com \u2022 Apr 3, 2025", "creation_timestamp": "2025-04-04T17:19:32.000000Z"}, {"uuid": "775332b6-2b07-4aa0-b033-c1ba645ce48a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "Telegram/Wf6JsnCUoP6oSY7JvLrr47sik-MAJgwrudMnjYKkVfFibQ", "content": "", "creation_timestamp": "2025-04-03T12:04:15.000000Z"}, {"uuid": "d21894bc-ac78-4362-9117-d03347badf58", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1066", "type": "seen", "source": "https://t.me/ctinow/181032", "content": "https://ift.tt/JoTNE74\nCVE-2024-1066", "creation_timestamp": "2024-02-07T23:31:58.000000Z"}, {"uuid": "1348b9f2-f950-4809-a668-0ac4e67bc329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-10668", "type": "seen", "source": "https://t.me/thehackernews/6604", "content": "\ud83d\udea8 New Google Quick Share flaw exposed.\n\ud83d\udccc CVE-2024-10668\n\nAttackers could crash your PC or send files to it without approval via Quick Share for Windows.\n\n\ud83d\udd17 Learn more: https://thehackernews.com/2025/04/google-patches-quick-share.html", "creation_timestamp": "2025-04-03T10:33:41.000000Z"}]}