{"vulnerability": "CVE-2024-1214", "sightings": [{"uuid": "ea23d7fd-a8e5-40eb-bdca-ad2e66073afd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12148", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113595787186792018", "content": "", "creation_timestamp": "2024-12-04T17:42:35.575726Z"}, {"uuid": "256b1ff6-279f-4ad6-8f75-43402cd711e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12149", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113595787202124007", "content": "", "creation_timestamp": "2024-12-04T17:42:35.732743Z"}, {"uuid": "9168d3a9-b1d2-4c55-8686-ced6a064bb2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12140", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf4vg55d522c", "content": "", "creation_timestamp": "2025-01-07T05:16:17.363343Z"}, {"uuid": "1e4e0484-0ad6-4de8-890b-ab4a5844d18b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljrxij7o742d", "content": "", "creation_timestamp": "2025-03-07T12:00:05.806435Z"}, {"uuid": "87a4c3d2-7b7d-4822-8659-29f9233abf6a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113843197471243477", "content": "", "creation_timestamp": "2025-01-17T10:22:17.187970Z"}, {"uuid": "68c2c2a5-72e5-41cc-9562-6aecb9f048cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lfwo5kct5e2b", "content": "", "creation_timestamp": "2025-01-17T11:15:26.239132Z"}, {"uuid": "df7a35fc-777d-4f15-8fc1-a166d1d23eba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113843536835559621", "content": "", "creation_timestamp": "2025-01-17T11:48:36.542665Z"}, {"uuid": "bddec75d-2156-4107-83e7-257adfdd0a21", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfwpzrkos42k", "content": "", "creation_timestamp": "2025-01-17T11:49:08.619117Z"}, {"uuid": "8a893956-ff1b-4eb3-88f5-f7cbf7c322f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lfwpzro55e2k", "content": "", "creation_timestamp": "2025-01-17T11:49:09.205276Z"}, {"uuid": "aaf342d4-eaa6-49e5-8cc0-a650acf2a9cd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/113843982218783924", "content": "", "creation_timestamp": "2025-01-17T13:41:51.811848Z"}, {"uuid": "efd85b93-1cb1-439f-8b36-4727d7f8add0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-25-035-06", "content": "", "creation_timestamp": "2025-02-04T11:00:00.000000Z"}, {"uuid": "16c41c70-43f2-4613-9f27-acfdc53e00fc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12140", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/313", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12140\n\ud83d\udd39 Description: The Elementor Addons AI Addons \u2013 70 Widgets, Premium Templates, Ultimate Elements plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.2.1 via the render function due to insufficient restrictions on which templates can be included. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from private or draft templates that they should not have access to.\n\ud83d\udccf Published: 2025-01-07T04:22:18.330Z\n\ud83d\udccf Modified: 2025-01-07T04:22:18.330Z\n\ud83d\udd17 References:\n1. https://www.wordfence.com/threat-intel/vulnerabilities/id/c00d83a7-dd7a-407d-b44e-7ee0a2a1492a?source=cve\n2. https://plugins.trac.wordpress.org/browser/ai-addons-for-elementor/tags/2.2.1/includes/widgets/accordion.php#L958\n3. https://plugins.trac.wordpress.org/browser/ai-addons-for-elementor/tags/2.2.1/includes/widgets/tab.php#L905", "creation_timestamp": "2025-01-07T04:37:46.000000Z"}, {"uuid": "01f1c3b9-3ed2-4c5f-a705-f3348a592788", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3ljqpb4czra2v", "content": "", "creation_timestamp": "2025-03-07T00:00:09.984922Z"}, {"uuid": "894cc5e8-e159-4a9d-ac29-ff1a53c86739", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114116272593188604", "content": "", "creation_timestamp": "2025-03-06T15:48:53.403563Z"}, {"uuid": "0da7496e-6902-4a1b-89e5-90881fd21560", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12143", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lsmf5b5apl2m", "content": "", "creation_timestamp": "2025-06-27T19:35:07.621729Z"}, {"uuid": "3dc15b2b-40a0-4aef-a623-dd81ee3a0d10", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2119", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12142\n\ud83d\udd39 Description: CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could\ncause information disclosure of restricted web page, modification of web page and denial of\nservice when specific web pages are modified and restricted functions are invoked.\n\ud83d\udccf Published: 2025-01-17T10:19:11.768Z\n\ud83d\udccf Modified: 2025-01-17T10:19:11.768Z\n\ud83d\udd17 References:\n1. https://download.schneider-electric.com/files?p_Doc_Ref=SEVD-2025-014-05&p_enDocType=Security+and+Safety+Notice&p_File_Name=SEVD-2025-014-05.pdf", "creation_timestamp": "2025-01-17T10:57:03.000000Z"}, {"uuid": "823ceada-90b1-4b7f-833a-3d64d9d3f298", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "Telegram/r7L7G8oKPBDz5OJDMt3y9E2VropIbAUYmbPTkFb7QutKGUhy", "content": "", "creation_timestamp": "2025-03-08T04:34:09.000000Z"}, {"uuid": "99d827db-abc2-49f8-afb8-38f02fc35bb2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6673", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12144\n\ud83d\udd25 CVSS Score: 9.8 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection.This issue affects Finder ERP/CRM (Old System): before 18.12.2024.\n\ud83d\udccf Published: 2025-03-06T14:05:09.395Z\n\ud83d\udccf Modified: 2025-03-06T14:05:09.395Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-25-0060", "creation_timestamp": "2025-03-06T15:10:43.000000Z"}, {"uuid": "39bf29a4-b2cc-4904-b60f-a1a21ffeb4aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12146", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/6672", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12146\n\ud83d\udd25 CVSS Score: 7.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)\n\ud83d\udd39 Description: Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection.This issue affects Finder ERP/CRM (New System): before 18.12.2024.\n\ud83d\udccf Published: 2025-03-06T14:08:33.654Z\n\ud83d\udccf Modified: 2025-03-06T14:08:33.654Z\n\ud83d\udd17 References:\n1. https://www.usom.gov.tr/bildirim/tr-25-0060", "creation_timestamp": "2025-03-06T15:10:42.000000Z"}, {"uuid": "e14c7f78-3b89-426e-b3a8-73e624814efe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12149", "type": "seen", "source": "https://t.me/cvedetector/12023", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12149 - Incorrect permission assignment in temporary acces\", \n  \"Content\": \"CVE ID : CVE-2024-12149 \nPublished : Dec. 4, 2024, 6:15 p.m. | 50\u00a0minutes ago \nDescription : Incorrect permission assignment in temporary access requests component in Devolutions Remote Desktop Manager 2024.3.19.0 and earlier on Windows allows an authenticated user that request temporary permissions on an entry to obtain more privileges than requested. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T20:06:40.000000Z"}, {"uuid": "f7e555ce-8505-484f-8f99-df76eaae6de6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12148", "type": "seen", "source": "https://t.me/cvedetector/12022", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12148 - Incorrect authorization in permission validation c\", \n  \"Content\": \"CVE ID : CVE-2024-12148 \nPublished : Dec. 4, 2024, 6:15 p.m. | 50\u00a0minutes ago \nDescription : Incorrect authorization in permission validation component in Devolutions Server 2024.3.6.0 and earlier allows an authenticated user to access some reporting endpoints. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T20:06:39.000000Z"}, {"uuid": "96b2e24d-45ba-4464-b17f-71e393554cdb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12147", "type": "seen", "source": "https://t.me/cvedetector/12025", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12147 - A vulnerability was found in Netgear R6900 1.0.1.2\", \n  \"Content\": \"CVE ID : CVE-2024-12147 \nPublished : Dec. 4, 2024, 6:15 p.m. | 50\u00a0minutes ago \nDescription : A vulnerability was found in Netgear R6900 1.0.1.26_1.0.20. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file upgrade_check.cgi of the component HTTP Header Handler. The manipulation of the argument Content-Length leads to buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-04T20:06:45.000000Z"}, {"uuid": "6f26adb0-7d4e-41d6-90a5-33368a0bbb69", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12144", "type": "seen", "source": "https://t.me/cvedetector/19711", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12144 - Finder Fire Safety Finder ERP/CRM SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-12144 \nPublished : March 6, 2025, 2:15 p.m. | 1\u00a0hour, 52\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Finder Fire Safety Finder ERP/CRM (Old System) allows SQL Injection.This issue affects Finder ERP/CRM (Old System): before 18.12.2024. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T17:11:04.000000Z"}, {"uuid": "24437656-e919-4358-ba48-aa1f0ecb70f4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12146", "type": "seen", "source": "https://t.me/cvedetector/19708", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12146 - Finder Fire Safety Finder ERP/CRM SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12146 \nPublished : March 6, 2025, 3:15 p.m. | 53\u00a0minutes ago \nDescription : Improper Validation of Syntactic Correctness of Input vulnerability in Finder Fire Safety Finder ERP/CRM (New System) allows SQL Injection.This issue affects Finder ERP/CRM (New System): before 18.12.2024. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-06T17:11:02.000000Z"}, {"uuid": "dc12d230-4c27-4eea-abdb-dd7b6972b074", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12142", "type": "seen", "source": "https://t.me/cvedetector/15700", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12142 - Apache HTTP Server Information Disclosure and Modification Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12142 \nPublished : Jan. 17, 2025, 11:15 a.m. | 19\u00a0minutes ago \nDescription : CWE-200: Exposure of Sensitive Information to an Unauthorized Actor vulnerability exists that could  \ncause information disclosure of restricted web page, modification of web page and denial of  \nservice when specific web pages are modified and restricted functions are invoked. \nSeverity: 8.6 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-17T12:36:38.000000Z"}]}