{"vulnerability": "CVE-2024-4161", "sightings": [{"uuid": "c51bef21-a8d3-444e-9654-78c1567f7330", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41613", "type": "seen", "source": "https://t.me/cvedetector/3039", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41613 - Symphony CMS XSS Note Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41613 \nPublished : Aug. 13, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Cross Site Scripting (XSS) vulnerability in Symphony CMS 2.7.10 allows remote attackers to inject arbitrary web script or HTML by editing note. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T20:27:56.000000Z"}, {"uuid": "2d4d879b-2187-4455-87ad-ab46589203d6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41617", "type": "seen", "source": "https://t.me/cvedetector/8872", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41617 - Money Manager EX WebApp Cross-Site Request Forgery (CSRF) and Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-41617 \nPublished : Oct. 24, 2024, 10:15 p.m. | 36\u00a0minutes ago \nDescription : Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to Incorrect Access Control. The `redirect_if_not_loggedin` function in `functions_security.php` fails to terminate script execution after redirecting unauthenticated users. This flaw allows an unauthenticated attacker to upload arbitrary files, potentially leading to Remote Code Execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T01:12:01.000000Z"}, {"uuid": "f74ab9b9-2a8d-498b-b575-327283a66ab6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41618", "type": "seen", "source": "https://t.me/cvedetector/8873", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41618 - Money Manager EX WebApp SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41618 \nPublished : Oct. 24, 2024, 10:15 p.m. | 36\u00a0minutes ago \nDescription : Money Manager EX WebApp (web-money-manager-ex) 1.2.2 is vulnerable to SQL Injection in the `transaction_delete_group` function. The vulnerability is due to improper sanitization of user input in the `TrDeleteArr` parameter, which is directly incorporated into an SQL query. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-25T01:12:02.000000Z"}, {"uuid": "9b64725b-b7ed-4811-a0e6-229fb7a90dd9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41614", "type": "seen", "source": "https://t.me/cvedetector/3036", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41614 - Symphony CMS Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-41614 \nPublished : Aug. 13, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : symphonycms Severity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T20:27:53.000000Z"}, {"uuid": "1ba7a879-edbb-408e-ba7a-c449e15f76a1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41616", "type": "seen", "source": "https://t.me/cvedetector/2619", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41616 - D-Link DIR-300 Telnet Credentials Hardcoded\", \n  \"Content\": \"CVE ID : CVE-2024-41616 \nPublished : Aug. 6, 2024, 4:15 p.m. | 36\u00a0minutes ago \nDescription : D-Link DIR-300 REVA FIRMWARE v1.06B05_WW contains hardcoded credentials in the Telnet service. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"06 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-06T19:12:31.000000Z"}, {"uuid": "ae0e6b4d-153e-42b8-97ef-991216df2ad7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41610", "type": "seen", "source": "https://t.me/cvedetector/2070", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41610 - D-Link DIR-820LW Hardcoded Telnet Credentials\", \n  \"Content\": \"CVE ID : CVE-2024-41610 \nPublished : July 30, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : D-Link DIR-820LW REVB FIRMWARE PATCH 2.03.B01_TC contains hardcoded credentials in the Telnet service, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T23:16:25.000000Z"}, {"uuid": "ee0dfa8b-f0f7-4b84-9dad-4dca67ed10c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41611", "type": "seen", "source": "https://t.me/cvedetector/2069", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41611 - D-Link DIR-860L Telnet Hardcoded Credentials Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41611 \nPublished : July 30, 2024, 8:15 p.m. | 42\u00a0minutes ago \nDescription : In D-Link DIR-860L REVA FIRMWARE PATCH 1.10..B04, the Telnet service contains hardcoded credentials, enabling attackers to log in remotely to the Telnet service and perform arbitrary commands. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T23:16:24.000000Z"}]}