{"vulnerability": "CVE-2024-1117", "sightings": [{"uuid": "caaeb42f-e6c1-4a1c-acda-e0897094583f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11179", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514635516139263", "content": "", "creation_timestamp": "2024-11-20T09:44:39.325692Z"}, {"uuid": "57989965-c33b-4a17-8356-144ac4db6ac5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11179", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113514621035570349", "content": "", "creation_timestamp": "2024-11-20T09:40:58.709823Z"}, {"uuid": "85a762c9-2115-4b0a-b40d-3d9573f96925", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11178", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113604563774187098", "content": "", "creation_timestamp": "2024-12-06T06:54:37.695001Z"}, {"uuid": "bff23629-f1b2-422f-a860-938c76dbc841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11176", "type": "seen", "source": "https://t.me/cvedetector/11572", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11176 - M-Files Aino Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11176 \nPublished : Nov. 20, 2024, 9:15 a.m. | 38\u00a0minutes ago \nDescription : Improper access control vulnerability in M-Files Aino in versions before 24.10 allowed an authenticated user to access object information via incorrect calculation of effective permissions. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T11:13:48.000000Z"}, {"uuid": "f4a9b8d5-9a7d-4875-8091-aad512a4eeeb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11179", "type": "seen", "source": "https://t.me/cvedetector/11575", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11179 - WordPress MStore API SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-11179 \nPublished : Nov. 20, 2024, 10:15 a.m. | 38\u00a0minutes ago \nDescription : The MStore API \u2013 Create Native Android & iOS Apps On The Cloud plugin for WordPress is vulnerable to SQL Injection via the 'status_type' parameter in all versions up to, and including, 4.15.7 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query.  This makes it possible for authenticated attackers, with Subscriber-level access and above, to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-20T12:03:58.000000Z"}, {"uuid": "475b3933-1e34-41a2-a165-50308ed34907", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11178", "type": "seen", "source": "https://t.me/cvedetector/12174", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11178 - The Login With OTP plugin for WordPress is vulnera\", \n  \"Content\": \"CVE ID : CVE-2024-11178 \nPublished : Dec. 6, 2024, 7:15 a.m. | 31\u00a0minutes ago \nDescription : The Login With OTP plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 1.4.2. This is due to the plugin generating too weak OTP, and there\u2019s no attempt or time limit. This makes it possible for unauthenticated attackers to generate and brute force the 6-digit numeric OTP that makes it possible to log in as any existing user on the site, such as an administrator, if they have access to the email. \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-06T08:55:36.000000Z"}, {"uuid": "3ffac5b0-029b-48f2-9acc-85cc6417e65f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11175", "type": "seen", "source": "https://t.me/cvedetector/10845", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11175 - Public CMS Voting Management Cross-Site Scripting\", \n  \"Content\": \"CVE ID : CVE-2024-11175 \nPublished : Nov. 13, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability was found in Public CMS 5.202406.d and classified as problematic. This issue affects some unknown processing of the file /admin/cmsVote/save of the component Voting Management. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The patch is named b9530b9cc1f5cfdad4b637874f59029a6283a65c. It is recommended to apply a patch to fix this issue. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-13T18:04:12.000000Z"}, {"uuid": "81ce890f-3bea-4497-b969-afbe1cd2baea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1117", "type": "seen", "source": "https://t.me/ctinow/190784", "content": "https://ift.tt/8jquAbk\nCVE-2024-1117 | openBI up to 1.0.8 Screen.php index fileurl code injection", "creation_timestamp": "2024-02-22T15:12:35.000000Z"}, {"uuid": "7758da6a-0ae4-4deb-b237-663b89dbf508", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1117", "type": "seen", "source": "https://t.me/ctinow/177129", "content": "https://ift.tt/6EAyTkP\nCVE-2024-1117", "creation_timestamp": "2024-01-31T22:23:07.000000Z"}]}