{"vulnerability": "CVE-2024-4180", "sightings": [{"uuid": "3bc51281-3cab-4e4a-a753-7c09899a6915", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41804", "type": "seen", "source": "https://t.me/Black4Fan/10", "content": "\u0410 \u0435\u0449\u0435 \u044f \u043d\u0430\u043b\u0443\u0442\u0430\u043b \u043f\u0430\u0447\u043a\u0443 CVE.\n\u041f\u0440\u0430\u0432\u0434\u0430 \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043d\u0438\u0445 \u0431\u0435\u0437 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0430 \u00af\\_(\u30c4)_/\u00af\n\nOracle E-Business Suite\nCVE-2024-21071 RCE\nCVE-2024-21074 SQL Injection\nCVE-2024-21075 SQL Injection\nCVE-2024-21080 SQL Injection\nCVE-2024-21143 Unvalidated Forward\n\nOracle Critical Patch Update - April 2024\nOracle Critical Patch Update - July 2024\n\n\nXibo CMS\nCVE-2024-41802 SQL Injection\nCVE-2024-41803 SQL Injection\nCVE-2024-41804 SQL Injection\nCVE-2024-41944 SQL Injection\n\nXibo CMS Security Advisory\n\n\nThruk\nCVE-2024-39915 RCE\n\nThruk Security", "creation_timestamp": "2024-08-13T15:58:56.000000Z"}, {"uuid": "25e370d7-da20-4a74-b554-e0a86b5b3f93", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4180", "type": "confirmed", "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2024/CVE-2024-4180.yaml", "content": "", "creation_timestamp": "2025-10-31T01:37:48.000000Z"}, {"uuid": "99889f70-9ed3-4681-b224-43a8b1bd79a7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41803", "type": "seen", "source": "https://t.me/Black4Fan/10", "content": "\u0410 \u0435\u0449\u0435 \u044f \u043d\u0430\u043b\u0443\u0442\u0430\u043b \u043f\u0430\u0447\u043a\u0443 CVE.\n\u041f\u0440\u0430\u0432\u0434\u0430 \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043d\u0438\u0445 \u0431\u0435\u0437 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0430 \u00af\\_(\u30c4)_/\u00af\n\nOracle E-Business Suite\nCVE-2024-21071 RCE\nCVE-2024-21074 SQL Injection\nCVE-2024-21075 SQL Injection\nCVE-2024-21080 SQL Injection\nCVE-2024-21143 Unvalidated Forward\n\nOracle Critical Patch Update - April 2024\nOracle Critical Patch Update - July 2024\n\n\nXibo CMS\nCVE-2024-41802 SQL Injection\nCVE-2024-41803 SQL Injection\nCVE-2024-41804 SQL Injection\nCVE-2024-41944 SQL Injection\n\nXibo CMS Security Advisory\n\n\nThruk\nCVE-2024-39915 RCE\n\nThruk Security", "creation_timestamp": "2024-08-13T15:58:56.000000Z"}, {"uuid": "bf22ab72-6636-4115-b51f-8b4a766b2282", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4180", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m4jernc6ak2j", "content": "", "creation_timestamp": "2025-10-31T21:02:47.916625Z"}, {"uuid": "56367015-a355-4655-af66-7e63409b82f1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41802", "type": "seen", "source": "https://t.me/Black4Fan/10", "content": "\u0410 \u0435\u0449\u0435 \u044f \u043d\u0430\u043b\u0443\u0442\u0430\u043b \u043f\u0430\u0447\u043a\u0443 CVE.\n\u041f\u0440\u0430\u0432\u0434\u0430 \u0447\u0430\u0441\u0442\u044c \u0438\u0437 \u043d\u0438\u0445 \u0431\u0435\u0437 \u0443\u043f\u043e\u043c\u0438\u043d\u0430\u043d\u0438\u044f \u0430\u0432\u0442\u043e\u0440\u0430 \u00af\\_(\u30c4)_/\u00af\n\nOracle E-Business Suite\nCVE-2024-21071 RCE\nCVE-2024-21074 SQL Injection\nCVE-2024-21075 SQL Injection\nCVE-2024-21080 SQL Injection\nCVE-2024-21143 Unvalidated Forward\n\nOracle Critical Patch Update - April 2024\nOracle Critical Patch Update - July 2024\n\n\nXibo CMS\nCVE-2024-41802 SQL Injection\nCVE-2024-41803 SQL Injection\nCVE-2024-41804 SQL Injection\nCVE-2024-41944 SQL Injection\n\nXibo CMS Security Advisory\n\n\nThruk\nCVE-2024-39915 RCE\n\nThruk Security", "creation_timestamp": "2024-08-13T15:58:56.000000Z"}, {"uuid": "ff75ab17-7e8c-4e58-8ced-269a61ae45f7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41805", "type": "seen", "source": "https://t.me/cvedetector/1690", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41805 - Tracks GTD Reflected Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41805 \nPublished : July 26, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : Tracks, a Getting Things Done (GTD) web application, is vulnerable to reflected cross-site scripting in versions prior to 2.7.1. Reflected cross-site scripting enables execution of malicious JavaScript in the context of a user\u2019s browser if that user clicks on a malicious link, allowing phishing attacks that could lead to credential theft. Tracks version 2.7.1 is patched. No known complete workarounds are available. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-26T18:02:02.000000Z"}, {"uuid": "f330b76f-7bbf-424f-92c5-96c85b5e87b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4180", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7952", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-4180\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Events Calendar WordPress plugin before 6.4.0.1 does not properly sanitize user-submitted content when rendering some views via AJAX.\n\ud83d\udccf Published: 2024-06-04T06:00:02.616Z\n\ud83d\udccf Modified: 2025-03-18T18:41:26.666Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/b2a92316-e404-4a5e-8426-f88df6e87550/", "creation_timestamp": "2025-03-18T19:02:41.000000Z"}, {"uuid": "fddc2828-f412-4500-aa4d-afd6c7401576", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41806", "type": "seen", "source": "https://t.me/cvedetector/1631", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41806 - Open edX Platform: AWS S3 Public Bucket Exposure (Information Disclosure)\", \n  \"Content\": \"CVE ID : CVE-2024-41806 \nPublished : July 25, 2024, 3:15 p.m. | 1\u00a0hour, 53\u00a0minutes ago \nDescription : The Open edX Platform is a learning management platform. Instructors can upload csv files containing learner information to create cohorts in the instructor dashboard. These files are uploaded using the django default storage. With certain storage backends, uploads may become publicly available when the uploader uses versions master, palm, olive, nutmeg, maple, lilac, koa, or juniper. The patch in commit cb729a3ced0404736dfa0ae768526c82b608657b ensures that cohorts data uploaded to AWS S3 buckets is written with a private ACL. Beyond patching, deployers should also ensure that existing cohorts uploads have a private ACL, or that other precautions are taken to avoid public access. \nSeverity: 5.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T19:25:32.000000Z"}, {"uuid": "f4352615-b872-4f96-8f5d-fcc4a7057661", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41808", "type": "seen", "source": "https://t.me/cvedetector/1644", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41808 - OpenObserve Cross-Site Scripting (XSS) and Account Takeover Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41808 \nPublished : July 25, 2024, 8:15 p.m. | 28\u00a0minutes ago \nDescription : The OpenObserve open-source observability platform provides the ability to filter logs in a dashboard by the values uploaded in a given log. However, all versions of the platform through 0.9.1 do not sanitize user input in the filter selection menu, which may result in complete account takeover. It has been noted that the front-end uses `DOMPurify` or Vue templating to escape cross-site scripting (XSS) extensively, however certain areas of the front end lack this XSS protection. When combining the missing protection with the insecure authentication handling that the front-end uses, a malicious user may be able to take over any victim's account provided they meet the exploitation steps. As of time of publication, no patched version is available. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T22:46:16.000000Z"}, {"uuid": "387e41cf-f644-485c-9f8a-54aa6cccb187", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41803", "type": "seen", "source": "https://t.me/cvedetector/2044", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41803 - Xibo CMS SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41803 \nPublished : July 30, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. This allows an authenticated user to to obtain arbitrary data from the Xibo database by injecting specially crafted values in to the API for viewing DataSet data. Users should upgrade to version 3.3.12 or 4.0.14 which fix this issue. \nSeverity: 4.9 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T19:05:23.000000Z"}, {"uuid": "baa7fb67-29a6-4504-9a2e-838eb087415b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41809", "type": "seen", "source": "https://t.me/cvedetector/1653", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41809 - OpenObserve Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41809 \nPublished : July 25, 2024, 9:15 p.m. | 18\u00a0minutes ago \nDescription : OpenObserve is an open-source observability platform. Starting in version 0.4.4 and prior to version 0.10.0, OpenObserve contains a cross-site scripting vulnerability in line 32 of `openobserve/web/src/views/MemberSubscription.vue`. Version 0.10.0 sanitizes incoming html. \nSeverity: 7.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T23:36:32.000000Z"}, {"uuid": "fa32bde1-4926-4b35-8233-eab529fa2327", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41800", "type": "seen", "source": "https://t.me/cvedetector/1635", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41800 - Craft CMS TOTP Token Reuse Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-41800 \nPublished : July 25, 2024, 5:15 p.m. | 56\u00a0minutes ago \nDescription : Craft is a content management system (CMS). Craft CMS 5 allows reuse of TOTP tokens multiple times within the validity period. An attacker is able to re-submit a valid TOTP token to establish an authenticated session. This requires that the attacker has knowledge of the victim's credentials. This has been patched in Craft 5.2.3. \nSeverity: 4.8 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T20:15:43.000000Z"}, {"uuid": "c06caf6f-b19a-4fba-b264-c049b8fae781", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41801", "type": "seen", "source": "https://t.me/cvedetector/1634", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41801 - OpenProject Host Header Redirection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-41801 \nPublished : July 25, 2024, 5:15 p.m. | 56\u00a0minutes ago \nDescription : OpenProject is open source project management software. Prior to version 14.3.0, using a forged HOST header in the default configuration of packaged installations and using the \"Login required\" setting, an attacker could redirect to a remote host to initiate a phishing attack against an OpenProject user's account. This vulnerability affects default packaged installation of OpenProject without any additional configuration or modules on Apache (such as mod_security, manually setting a host name, having a fallthrough VirtualHost). It might also affect other installations that did not take care to fix the HOST/X-Forwarded-Host headers. Version 14.3.0 includes stronger protections for the hostname from within the application using the HostAuthorization middleware of Rails to reject any requests with a host name that does not match the configured one. Also, all generated links by the application are now ensured to use the built-in hostname. Users who aren't able to upgrade immediately may use mod_security for Apache2 or manually fix the Host and X-Forwarded-Host headers in their proxying application before reaching the application server of OpenProject. Alternatively, they can manually apply the patch to opt-in to host header protections in previous versions of OpenProject. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-25T20:15:42.000000Z"}, {"uuid": "9b9fc65d-b6e6-4bf5-b99f-5841e930c82e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41804", "type": "seen", "source": "https://t.me/cvedetector/2043", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41804 - Xibo CMS SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41804 \nPublished : July 30, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API route inside the CMS responsible for Adding/Editing DataSet Column Formulas. This allows an authenticated user to to obtain and modify arbitrary data from the Xibo database by injecting specially crafted values in to the `formula` parameter. Users should upgrade to version 3.3.12 or 4.0.14 which fix this issue. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T19:05:19.000000Z"}, {"uuid": "4c05a212-fc0a-4c55-9c5c-bd32a051bafa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-41802", "type": "seen", "source": "https://t.me/cvedetector/2045", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-41802 - Xibo Content Management System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-41802 \nPublished : July 30, 2024, 4:15 p.m. | 42\u00a0minutes ago \nDescription : Xibo is a content management system (CMS). An SQL injection vulnerability was discovered in the API routes inside the CMS responsible for Filtering DataSets. This allows an authenticated user to to obtain and modify arbitrary data from the Xibo database by injecting specially crafted values in to the APIs for importing JSON and importing a Layout containing DataSet data.  \nUsers should upgrade to version 3.3.12 or 4.0.14 which fix this issue \nSeverity: 8.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"30 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-30T19:05:24.000000Z"}]}