{"vulnerability": "CVE-2024-4275", "sightings": [{"uuid": "4f6939b0-5ffc-40c8-a26a-4061f43b9960", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42758", "type": "seen", "source": "https://t.me/cvedetector/3355", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42758 - \"Dokuwiki Indexmenu Plugin Stored XSS\"\", \n  \"Content\": \"CVE ID : CVE-2024-42758 \nPublished : Aug. 16, 2024, 6:15 p.m. | 37\u00a0minutes ago \nDescription : A Cross-site Scripting (XSS) vulnerability exists in version v2024-01-05 of the indexmenu plugin when is used and enabled in Dokuwiki (Open Source Wiki Engine). A malicious attacker can input XSS payloads for example when creating or editing existing page, to trigger the XSS on Dokuwiki, which is then stored in .txt file (due to nature of how Dokuwiki is designed), which presents stored XSS. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-16T21:14:49.000000Z"}, {"uuid": "754fee78-2739-47a9-b24d-a2354421cfe8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42758", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/8269", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aCVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability\nURL\uff1ahttps://github.com/1s1ldur/CVE-2024-42758\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-08-15T14:02:27.000000Z"}, {"uuid": "cfdd24e4-50f3-4f50-9506-e5dfff35cae3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42757", "type": "seen", "source": "https://t.me/cvedetector/3275", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42757 - Asus RT-N15U Command Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42757 \nPublished : Aug. 15, 2024, 7:15 p.m. | 25\u00a0minutes ago \nDescription : Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to execute arbitrary code via the netstat function page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-15T21:49:33.000000Z"}, {"uuid": "1be9f08c-a8ee-423c-bb50-d64f8f8397e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42759", "type": "seen", "source": "https://t.me/cvedetector/5125", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42759 - Ellevo Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42759 \nPublished : Sept. 9, 2024, 7:15 p.m. | 40\u00a0minutes ago \nDescription : An issue in Ellevo v.6.2.0.38160 allows a remote attacker to escalate privileges via the /api/usuario/cadastrodesuplente endpoint. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T22:20:23.000000Z"}, {"uuid": "e80c7f71-7c5b-41df-b25d-3143e7b076fe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42756", "type": "seen", "source": "https://t.me/cvedetector/4010", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42756 - Netgear DGN1000WW Remote Arbitrary Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-42756 \nPublished : Aug. 23, 2024, 4:15 p.m. | 26\u00a0minutes ago \nDescription : An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via the Diagnostics page \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T18:48:31.000000Z"}, {"uuid": "7971502d-af8c-41e8-b1a3-5a29d9d502cf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42758", "type": "published-proof-of-concept", "source": "https://t.me/CNArsenal/3009", "content": "https://github.com/1s1ldur/CVE-2024-42758\n\nCVE-2024-42758 - Dokuwiki (indexmenu plugin) - XSS Vulnerability\n#github #poc", "creation_timestamp": "2024-08-16T09:11:14.000000Z"}, {"uuid": "201ddfff-e66d-4cb4-98b3-4f1ab4a59882", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42758", "type": "published-proof-of-concept", "source": "https://t.me/CyberSecurityTechnologies/11001", "content": "#exploit\n1. CVE-2024-42758:\nDokuwiki (indexmenu plugin) XSS\nhttps://github.com/1s1ldur/CVE-2024-42758\n\n2. CVE-2024-36877:\nSMM Memory Corruption in MSI firmware\nhttps://jjensn.com/at-home-in-your-firmware", "creation_timestamp": "2024-08-18T18:04:23.000000Z"}]}