{"vulnerability": "CVE-2024-1313", "sightings": [{"uuid": "d7d89bde-ea28-40d7-be1e-c508764926aa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113773053753439191", "content": "", "creation_timestamp": "2025-01-05T01:03:48.736343Z"}, {"uuid": "09dc67eb-dce6-4de5-a337-181344d8ed50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lexgzrxokf25", "content": "", "creation_timestamp": "2025-01-05T01:15:32.208301Z"}, {"uuid": "d8157909-4073-4399-9466-3ca9211a7766", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13131", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113773522572719102", "content": "", "creation_timestamp": "2025-01-05T03:03:02.571932Z"}, {"uuid": "3764db84-7e38-4f21-a933-985a172e6ffe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13131", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lexpkxueqi2b", "content": "", "creation_timestamp": "2025-01-05T03:48:44.560578Z"}, {"uuid": "706e5566-8fc0-49c2-849e-e400b95d6e56", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13132", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113773900515803514", "content": "", "creation_timestamp": "2025-01-05T04:39:09.460526Z"}, {"uuid": "ca5279bf-73b0-4a6b-b538-a70ff8ce92f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13133", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113773999758967309", "content": "", "creation_timestamp": "2025-01-05T05:04:24.412257Z"}, {"uuid": "42b2d586-b997-4384-92a9-aed0b6c238ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13134", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113774711733188942", "content": "", "creation_timestamp": "2025-01-05T08:05:27.561575Z"}, {"uuid": "fa226fe3-1fa4-4857-82b4-d2d16c2d02e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13134", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ley6ir3rdc2k", "content": "", "creation_timestamp": "2025-01-05T08:15:30.623832Z"}, {"uuid": "7c56d9f5-fe9e-4c14-902d-8ddc5b200767", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13135", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113774829307776648", "content": "", "creation_timestamp": "2025-01-05T08:35:21.615225Z"}, {"uuid": "1bcf56a3-62ca-4391-811a-d398705fb61f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13134", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ley7q7tzu52k", "content": "", "creation_timestamp": "2025-01-05T08:37:34.667353Z"}, {"uuid": "14299e60-030e-4c01-888d-3c5e4b666064", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13136", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113774960384335568", "content": "", "creation_timestamp": "2025-01-05T09:08:41.663698Z"}, {"uuid": "b6a21c84-777b-4d52-a9bf-8ea63c74bd86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13135", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leybttrkex2m", "content": "", "creation_timestamp": "2025-01-05T09:15:23.720563Z"}, {"uuid": "261849cc-4d64-4446-af04-4ed92041395d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13136", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leybtwwmqx2m", "content": "", "creation_timestamp": "2025-01-05T09:15:27.041908Z"}, {"uuid": "8a8460d1-3e14-4eaf-8ff8-deb07a0c3249", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13135", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leydekaloe2e", "content": "", "creation_timestamp": "2025-01-05T09:42:37.845776Z"}, {"uuid": "ccfa137f-79bf-4b4f-b0fa-76813e672c23", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13136", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leydekqlfe2e", "content": "", "creation_timestamp": "2025-01-05T09:42:38.471146Z"}, {"uuid": "6cfd39e2-7a1e-4f70-9c1f-37ccb1a392c2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13137", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113775181358738152", "content": "", "creation_timestamp": "2025-01-05T10:04:53.454738Z"}, {"uuid": "5235cd97-6534-49a8-b0d6-30ce93de811e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13137", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leyf7gmmhd2o", "content": "", "creation_timestamp": "2025-01-05T10:15:33.732755Z"}, {"uuid": "0a649e39-e6b2-4c29-8c5e-39f4857d7df6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13138", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113775293668984827", "content": "", "creation_timestamp": "2025-01-05T10:33:27.091826Z"}, {"uuid": "80c8e442-00b2-4441-9f99-5e4a205f569e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13137", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leygyx3vgi2k", "content": "", "creation_timestamp": "2025-01-05T10:47:43.672949Z"}, {"uuid": "01e10d00-703a-42b8-ba71-3f1043bc44b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13139", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113775419724463486", "content": "", "creation_timestamp": "2025-01-05T11:05:31.028095Z"}, {"uuid": "c2485f34-7035-4368-b0ae-9329baa8d246", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13138", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leyikrsmra2k", "content": "", "creation_timestamp": "2025-01-05T11:15:35.827912Z"}, {"uuid": "709644d7-e573-4cce-8540-03314478c351", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13139", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3leyikufl2q2k", "content": "", "creation_timestamp": "2025-01-05T11:15:38.455379Z"}, {"uuid": "9d8ffb9d-24f5-47bd-851a-9be315b6ed6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13138", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leykedrxns2e", "content": "", "creation_timestamp": "2025-01-05T11:47:47.290496Z"}, {"uuid": "edce2644-5a5a-48e3-848a-6b2557acb757", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13139", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3leykee6c5y2e", "content": "", "creation_timestamp": "2025-01-05T11:47:47.933451Z"}, {"uuid": "ca4bfb9d-ce71-4b9d-a4df-33a07f70fbfc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13134", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/125", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-5pqj-phv8-qxmc\n\ud83d\udd17 Aliases: CVE-2024-13134\n\ud83d\udd39 Details: A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T09:30:42Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-284\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13134\n2. https://github.com/ZeroWdd/studentmanager/issues/16\n3. https://github.com/ZeroWdd/studentmanager/issues/16#issue-2553409\n4. https://vuldb.com/?ctiid.290208\n5. https://vuldb.com/?id.290208\n6. https://vuldb.com/?submit.46916", "creation_timestamp": "2025-01-05T09:36:41.000000Z"}, {"uuid": "8cbfde4e-05c4-4482-94f4-904906e31bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1313", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/127", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-vr63-2695-ppff\n\ud83d\udd17 Aliases: CVE-2024-13137\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T12:30:30Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T12:30:30Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-1313\n2. https://github.com/wangl1989/mysiteforme/issues/54\n3. https://github.com/wangl1989/mysiteforme/issues/54#issue-256532\n4. https://vuldb.com/?ctiid.290211\n5. https://vuldb.com/?id.290211\n6. https://vuldb.com/?submit.46843", "creation_timestamp": "2025-01-05T12:39:32.000000Z"}, {"uuid": "c1ed0a70-0c8b-4bcc-89a4-1b143f4470ff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13137", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/127", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-vr63-2695-ppff\n\ud83d\udd17 Aliases: CVE-2024-13137\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T12:30:30Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T12:30:30Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-1313\n2. https://github.com/wangl1989/mysiteforme/issues/54\n3. https://github.com/wangl1989/mysiteforme/issues/54#issue-256532\n4. https://vuldb.com/?ctiid.290211\n5. https://vuldb.com/?id.290211\n6. https://vuldb.com/?submit.46843", "creation_timestamp": "2025-01-05T12:39:32.000000Z"}, {"uuid": "fc84b348-327f-4ece-b3aa-7805157a7c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13135", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/124", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9hmm-3g3p-p327\n\ud83d\udd17 Aliases: CVE-2024-13135\n\ud83d\udd39 Details: A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/twitter.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T09:30:42Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13135\n2. https://github.com/emlog/emlog/issues/311\n3. https://github.com/emlog/emlog/issues/311#issue-255404584\n4. https://vuldb.com/?ctiid.290209\n5. https://vuldb.com/?id.290209\n6. https://vuldb.com/?submit.46929", "creation_timestamp": "2025-01-05T09:36:34.000000Z"}, {"uuid": "dc0009b0-e6ae-4484-ba65-80d259d71180", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13136", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/123", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-9v62-r8m2-76m8\n\ud83d\udd17 Aliases: CVE-2024-13136\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T09:30:42Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T09:30:42Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-20\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13136\n2. https://github.com/wangl1989/mysiteforme/issues/52\n3. https://github.com/wangl1989/mysiteforme/issues/52#issue-25682365\n4. https://vuldb.com/?ctiid.290210\n5. https://vuldb.com/?id.290210\n6. https://vuldb.com/?submit.468391", "creation_timestamp": "2025-01-05T09:36:28.000000Z"}, {"uuid": "e219bd41-238f-4e85-a14e-7d050ccccb87", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13138", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/126", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-wq4v-g552-cgfg\n\ud83d\udd17 Aliases: CVE-2024-13138\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T12:30:30Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T12:30:30Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-284\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13138\n2. https://github.com/wangl1989/mysiteforme/issues/55\n3. https://github.com/wangl1989/mysiteforme/issues/55#issue-25868654\n4. https://vuldb.com/?ctiid.290212\n5. https://vuldb.com/?id.290212\n6. https://vuldb.com/?submit.468511", "creation_timestamp": "2025-01-05T12:39:26.000000Z"}, {"uuid": "9b637cfe-939b-4d14-9002-ae2e869cbcf5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13139", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/129", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-7whx-v52v-gg25\n\ud83d\udd17 Aliases: CVE-2024-13139\n\ud83d\udd39 Details: A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T12:30:30Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T12:30:30Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-918\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13139\n2. https://github.com/wangl1989/mysiteforme/issues/56\n3. https://github.com/wangl1989/mysiteforme/issues/56#issue-2586365\n4. https://vuldb.com/?ctiid.290213\n5. https://vuldb.com/?id.290213\n6. https://vuldb.com/?submit.468513", "creation_timestamp": "2025-01-05T12:39:43.000000Z"}, {"uuid": "8cdc0d0e-4775-4da0-b8d5-e943266b38a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13135", "type": "seen", "source": "https://t.me/cvedetector/14298", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13135 - Emlog Pro Cross Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13135 \nPublished : Jan. 5, 2025, 9:15 a.m. | 28\u00a0minutes ago \nDescription : A vulnerability has been found in Emlog Pro 2.4.3 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/twitter.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T10:49:37.000000Z"}, {"uuid": "5b3ecf59-1cbd-433f-8a4b-c1e86c79d88f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13131", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/118", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-cqgx-q2fg-hwxm\n\ud83d\udd17 Aliases: CVE-2024-13131\n\ud83d\udd39 Details: A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T03:30:29Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T03:30:29Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-200\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13131\n2. https://netsecfish.notion.site/IntelBras-IP-Camera-Information-isclosure-15e6b683e6c80a89f89daf59daa9ea8?pvs=3\n3. https://vuldb.com/?ctiid.290205\n4. https://vuldb.com/?id.290205\n5. https://vuldb.com/?submit.464258", "creation_timestamp": "2025-01-05T03:36:04.000000Z"}, {"uuid": "66db01ee-2fe6-4db5-b519-903b4079dd1a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/117", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-fq22-566f-cfhj\n\ud83d\udd17 Aliases: CVE-2024-13130\n\ud83d\udd39 Details: A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T03:30:29Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T03:30:29Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-23\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13130\n2. https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e6c80809442ee3425f53b?pvs=4\n3. https://vuldb.com/?ctiid.290204\n4. https://vuldb.com/?id.290204\n5. https://vuldb.com/?submit.464260", "creation_timestamp": "2025-01-05T03:35:57.000000Z"}, {"uuid": "ac0f9e8a-d68b-439b-a475-d9afc78d9728", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13133", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/121", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-c37c-p2gq-c2g7\n\ud83d\udd17 Aliases: CVE-2024-13133\n\ud83d\udd39 Details: A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T06:30:29Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T06:30:29Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-284\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13133\n2. https://github.com/ZeroWdd/studentmanager/issues/16\n3. https://github.com/ZeroWdd/studentmanager/issues/16#issue-2553409\n4. https://vuldb.com/?ctiid.29020\n5. https://vuldb.com/?id.29020", "creation_timestamp": "2025-01-05T06:38:45.000000Z"}, {"uuid": "ce7cbcb9-eb6c-4eaa-8eb5-675c787e57ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13132", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/120", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: GHSA-j98j-8r2w-j3gq\n\ud83d\udd17 Aliases: CVE-2024-13132\n\ud83d\udd39 Details: A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability affects unknown code of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udd22 Severity: CVSS_V3: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N, CVSS_V4: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\n\ud83d\uddd3\ufe0f Modified: 2025-01-05T06:30:29Z\n\ud83d\uddd3\ufe0f Published: 2025-01-05T06:30:29Z\n\ud83c\udff7\ufe0f CWE IDs: CWE-79\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-13132\n2. https://github.com/emlog/emlog/issues/309\n3. https://github.com/emlog/emlog/issues/309#issue-25531359\n4. https://vuldb.com/?ctiid.290206\n5. https://vuldb.com/?id.290206\n6. https://vuldb.com/?submit.46912", "creation_timestamp": "2025-01-05T06:38:39.000000Z"}, {"uuid": "0d056cb0-78c8-4803-bd3f-21a9adf50574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1134", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13130\n\ud83d\udd39 Description: A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-01-05T01:00:12.751Z\n\ud83d\udccf Modified: 2025-01-10T13:16:54.363Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.290204\n2. https://vuldb.com/?ctiid.290204\n3. https://vuldb.com/?submit.464260\n4. https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4", "creation_timestamp": "2025-01-10T14:05:45.000000Z"}, {"uuid": "91d242ff-56ce-4736-9891-625696f6f306", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13131", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/1133", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13131\n\ud83d\udd39 Description: A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-01-05T03:00:14.594Z\n\ud83d\udccf Modified: 2025-01-10T13:16:56.472Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.290205\n2. https://vuldb.com/?ctiid.290205\n3. https://vuldb.com/?submit.464258\n4. https://netsecfish.notion.site/IntelBras-IP-Camera-Information-Disclosure-15e6b683e67c80a89f89daf59daa9ea8?pvs=73", "creation_timestamp": "2025-01-10T14:05:39.000000Z"}, {"uuid": "2316f465-6c85-4dfc-a64b-8bd4d7d36640", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/10847", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-13130\n\ud83d\udd25 CVSS Score: 5.3 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N)\n\ud83d\udd39 Description: A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.\n\ud83d\udccf Published: 2025-01-05T01:00:12.751Z\n\ud83d\udccf Modified: 2025-04-08T04:19:53.063Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.290204\n2. https://vuldb.com/?ctiid.290204\n3. https://vuldb.com/?submit.464260\n4. https://netsecfish.notion.site/Path-Traversal-Vulnerability-in-IntelBras-IP-Cameras-mtd-Config-Sha1Account1-and-mtd-Confi-15e6b683e67c80809442ee3425f753b7?pvs=4", "creation_timestamp": "2025-04-08T04:46:37.000000Z"}, {"uuid": "1a1d9941-18c8-4468-b7d4-58e62ad669e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13136", "type": "seen", "source": "https://t.me/cvedetector/14297", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13136 - Wangl1989 Mysiteforme Remote Deserialization Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13136 \nPublished : Jan. 5, 2025, 9:15 a.m. | 28\u00a0minutes ago \nDescription : A vulnerability was found in wangl1989 mysiteforme 1.0 and classified as critical. Affected by this issue is the function rememberMeManager of the file src/main/java/com/mysiteforme/admin/config/ShiroConfig.java. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T10:49:37.000000Z"}, {"uuid": "c0fece4b-5c93-4097-9409-c7f61a57b202", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13134", "type": "seen", "source": "https://t.me/cvedetector/14296", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13134 - ZeroWdd Studentmanager Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13134 \nPublished : Jan. 5, 2025, 8:15 a.m. | 38\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in ZeroWdd studentmanager 1.0. Affected is the function addTeacher/editTeacher of the file src/main/Java/com/wdd/studentmanager/controller/TeacherController. java. The manipulation of the argument file leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T09:59:25.000000Z"}, {"uuid": "2153a5ca-9253-4293-8245-88627ef46f37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13139", "type": "seen", "source": "https://t.me/cvedetector/14300", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13139 - Wangl1989 Mysiteforme SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13139 \nPublished : Jan. 5, 2025, 11:15 a.m. | 43\u00a0minutes ago \nDescription : A vulnerability was found in wangl1989 mysiteforme 1.0. It has been rated as critical. This issue affects the function doContent of the file src/main/java/com/mysiteform/admin/controller/system/FileController. The manipulation of the argument content leads to server-side request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T13:20:04.000000Z"}, {"uuid": "1477e326-8349-4f1d-890a-446566e6ed83", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13138", "type": "seen", "source": "https://t.me/cvedetector/14301", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13138 - Wangl1989 MySiteForMe Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13138 \nPublished : Jan. 5, 2025, 11:15 a.m. | 43\u00a0minutes ago \nDescription : A vulnerability was found in wangl1989 mysiteforme 1.0. It has been declared as critical. This vulnerability affects the function upload of the file src/main/java/com/mysiteform/admin/service/ipl/LocalUploadServiceImpl. The manipulation of the argument test leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T13:20:04.000000Z"}, {"uuid": "a0d259de-98a8-4859-9d34-ad026f1f14ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13137", "type": "seen", "source": "https://t.me/cvedetector/14299", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13137 - Wangl1989 MySiteforme Cross Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13137 \nPublished : Jan. 5, 2025, 10:15 a.m. | 21\u00a0minutes ago \nDescription : A vulnerability was found in wangl1989 mysiteforme 1.0. It has been classified as problematic. This affects the function RestResponse of the file src/main/java/com/mysiteforme/admin/controller/system/SiteController. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 2.4 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T11:39:48.000000Z"}, {"uuid": "0874f905-5bd2-4585-a0a8-a5737cb3e6d2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13132", "type": "seen", "source": "https://t.me/cvedetector/14294", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13132 - Emlog Pro Cross-Site Scripting Vulnerability in Subpage Handler\", \n  \"Content\": \"CVE ID : CVE-2024-13132 \nPublished : Jan. 5, 2025, 5:15 a.m. | 15\u00a0minutes ago \nDescription : A vulnerability classified as problematic was found in Emlog Pro up to 2.4.3. This vulnerability affects unknown code of the file /admin/article.php of the component Subpage Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T06:38:44.000000Z"}, {"uuid": "f791abb0-f88b-4826-a815-d5bcacee7f43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13133", "type": "seen", "source": "https://t.me/cvedetector/14293", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13133 - ZeroWdd Studentmanager Unrestricted File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13133 \nPublished : Jan. 5, 2025, 5:15 a.m. | 15\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in ZeroWdd studentmanager 1.0. This issue affects the function addStudent/editStudent of the file src/main/Java/com/wdd/studentmanager/controller/StudentController. java. The manipulation of the argument file leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T06:38:43.000000Z"}, {"uuid": "ff607cca-56f8-4077-9fe4-93710f0cd00a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13131", "type": "seen", "source": "https://t.me/cvedetector/14292", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13131 - Dahua Web Interface Information Disclosure vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13131 \nPublished : Jan. 5, 2025, 3:15 a.m. | 34\u00a0minutes ago \nDescription : A vulnerability classified as problematic has been found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. This affects an unknown part of the file /web_caps/webCapsConfig of the component Web Interface. The manipulation leads to information disclosure. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T04:58:22.000000Z"}, {"uuid": "fef25955-d3f3-40cb-8186-856085af07be", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-13130", "type": "seen", "source": "https://t.me/cvedetector/14291", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-13130 - Dahua Web Interface Remote Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-13130 \nPublished : Jan. 5, 2025, 1:15 a.m. | 43\u00a0minutes ago \nDescription : A vulnerability was found in Dahua IPC-HFW1200S, IPC-HFW2300R-Z, IPC-HFW5220E-Z and IPC-HDW1200S up to 20241222. It has been rated as problematic. Affected by this issue is some unknown functionality of the file ../mtd/Config/Sha1Account1 of the component Web Interface. The manipulation leads to path traversal: '../filedir'. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-05T03:18:01.000000Z"}]}