{"vulnerability": "CVE-2024-2541", "sightings": [{"uuid": "3d3b77a2-1b11-4990-95a7-993e0e1c930d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25413", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8857", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-25413\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: A XSLT Server Side injection vulnerability in the Import Jobs function of FireBear Improved Import And Export v3.8.6 allows attackers to execute arbitrary commands via a crafted XSLT file.\n\ud83d\udccf Published: 2024-02-16T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-26T14:06:49.563Z\n\ud83d\udd17 References:\n1. https://github.com/capture0x/Magento-ver.-2.4.6\n2. https://packetstormsecurity.com/files/175801/FireBear-Improved-Import-And-Export-3.8.6-XSLT-Server-Side-Injection.html", "creation_timestamp": "2025-03-26T14:25:26.000000Z"}, {"uuid": "6baac283-0de5-49b7-8d96-5758345f379b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25412", "type": "seen", "source": "https://t.me/cvedetector/6572", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25412 - Flatpress XSS Flaw\", \n  \"Content\": \"CVE ID : CVE-2024-25412 \nPublished : Sept. 27, 2024, 6:15 p.m. | 34\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the email field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:55:22.000000Z"}, {"uuid": "8c640f9c-6965-4ffc-bed9-75a262addc0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25411", "type": "seen", "source": "https://t.me/cvedetector/6571", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-25411 - Flatpress XSS\", \n  \"Content\": \"CVE ID : CVE-2024-25411 \nPublished : Sept. 27, 2024, 6:15 p.m. | 34\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in Flatpress v1.3 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username parameter in setup.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:55:21.000000Z"}, {"uuid": "4132aa52-b0df-48ca-a587-4e756f8b2d57", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25415", "type": "seen", "source": "https://t.me/arpsyndicate/4545", "content": "#ExploitObserverAlert\n\nCVE-2024-25415\n\nDESCRIPTION: Exploit Observer has 7 entries in 3 file formats related to CVE-2024-25415. A remote code execution (RCE) vulnerability in /admin/define_language.php of CE Phoenix v1.0.8.20 allows attackers to execute arbitrary PHP code via injecting a crafted payload into the file english.php.\n\nFIRST-EPSS: 0.000450000\nARPS-EXPLOITABILITY: 0.6035537", "creation_timestamp": "2024-04-12T06:52:54.000000Z"}, {"uuid": "59665531-a7d3-495b-be66-8c6574afc91d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-2541", "type": "seen", "source": "https://t.me/cvedetector/4396", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-2541 - Wordpress Popup Builder Sensitive Information Exposure\", \n  \"Content\": \"CVE ID : CVE-2024-2541 \nPublished : Aug. 29, 2024, 1:15 p.m. | 43\u00a0minutes ago \nDescription : The Popup Builder plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.3.3 via the Subscribers Import feature. This makes it possible for unauthenticated attackers to extract sensitive data after an administrator has imported subscribers via a CSV file. This data may include the first name, last name, e-mail address, and potentially other personally identifiable information of subscribers. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-29T16:13:07.000000Z"}, {"uuid": "94c99830-9e10-4aaf-9451-753857e5350a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25419", "type": "seen", "source": "https://t.me/ctinow/198752", "content": "https://ift.tt/964Qmrl\nCVE-2024-25419 | flusity CMS 2.33 update_menu.php cross-site request forgery", "creation_timestamp": "2024-03-03T14:46:41.000000Z"}, {"uuid": "dc8f0707-73a7-4e8f-bd6f-d955835fbc7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25414", "type": "seen", "source": "https://t.me/ctinow/203154", "content": "https://ift.tt/OJGk5We\nCVE-2024-25414 | CSZ CMS 1.3.0 ZIP File /admin/upgrade unrestricted upload (ID 175889)", "creation_timestamp": "2024-03-08T08:56:39.000000Z"}, {"uuid": "4806daf9-3a2a-44c3-935c-6ca5eedec930", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25413", "type": "seen", "source": "https://t.me/ctinow/203153", "content": "https://ift.tt/v7UBYdp\nCVE-2024-25413 | FireBear Improved Import and Export 3.8.6 XSLT injection (ID 175801)", "creation_timestamp": "2024-03-08T08:56:38.000000Z"}, {"uuid": "9c7f24ac-f6d6-48f5-b400-7c97bb2358e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25415", "type": "seen", "source": "https://t.me/ctinow/203152", "content": "https://ift.tt/8kjo6LF\nCVE-2024-25415 | CE Phoenix 1.0.8.20 define_language.php injection (ID 175913)", "creation_timestamp": "2024-03-08T08:56:37.000000Z"}, {"uuid": "286a91ea-bc2b-4fd7-b4be-751fba1bb440", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25418", "type": "seen", "source": "https://t.me/ctinow/198751", "content": "https://ift.tt/Pl0hf8O\nCVE-2024-25418 | flusity CMS 2.33 delete_menu.php cross-site request forgery", "creation_timestamp": "2024-03-03T14:46:40.000000Z"}, {"uuid": "79995796-afcb-4f69-ab6a-c3d2ddd050ac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25417", "type": "seen", "source": "https://t.me/ctinow/198736", "content": "https://ift.tt/ugY5FO0\nCVE-2024-25417 | flusity CMS 2.33 add_translation.php cross-site request forgery", "creation_timestamp": "2024-03-03T14:16:55.000000Z"}, {"uuid": "fc89df96-8998-4b93-89d8-617de4ce7c37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25419", "type": "seen", "source": "https://t.me/ctinow/183557", "content": "https://ift.tt/mCikt2w\nCVE-2024-25419 Exploit", "creation_timestamp": "2024-02-13T02:16:42.000000Z"}, {"uuid": "cf73468f-ea56-46b6-9fd2-cb2711a34310", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25415", "type": "seen", "source": "https://t.me/ctinow/186095", "content": "https://ift.tt/ftNXE0Z\nCVE-2024-25415", "creation_timestamp": "2024-02-16T03:22:05.000000Z"}, {"uuid": "033fb2de-a522-4e23-8721-b2072dce1358", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25414", "type": "seen", "source": "https://t.me/ctinow/186094", "content": "https://ift.tt/GyKt25P\nCVE-2024-25414", "creation_timestamp": "2024-02-16T03:22:04.000000Z"}, {"uuid": "52ef7945-cd75-4003-b21e-acb9b8bb00e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25413", "type": "seen", "source": "https://t.me/ctinow/186093", "content": "https://ift.tt/8Tx9sji\nCVE-2024-25413", "creation_timestamp": "2024-02-16T03:22:03.000000Z"}, {"uuid": "bfc3aa5e-c178-4092-92b8-dd090635e059", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25417", "type": "seen", "source": "https://t.me/ctinow/183555", "content": "https://ift.tt/pJNPXt9\nCVE-2024-25417 Exploit", "creation_timestamp": "2024-02-13T02:16:40.000000Z"}, {"uuid": "c61d4d2a-2823-4ed0-903b-0aeaae624d68", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25418", "type": "seen", "source": "https://t.me/ctinow/183554", "content": "https://ift.tt/lorMyLX\nCVE-2024-25418 Exploit", "creation_timestamp": "2024-02-13T02:16:39.000000Z"}, {"uuid": "f03cbb57-550e-46be-9447-03ed00d298fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25419", "type": "seen", "source": "https://t.me/ctinow/182856", "content": "https://ift.tt/eXYFBLx\nCVE-2024-25419", "creation_timestamp": "2024-02-11T22:21:38.000000Z"}, {"uuid": "ba9d4d84-46a7-420a-8928-2d6a37049b06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25418", "type": "seen", "source": "https://t.me/ctinow/182855", "content": "https://ift.tt/l8hQEIS\nCVE-2024-25418", "creation_timestamp": "2024-02-11T22:21:37.000000Z"}, {"uuid": "7840794d-ac30-4894-a9e8-b3d0cabe3972", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-25417", "type": "seen", "source": "https://t.me/ctinow/182854", "content": "https://ift.tt/ClymFoI\nCVE-2024-25417", "creation_timestamp": "2024-02-11T22:21:36.000000Z"}]}