{"vulnerability": "CVE-2024-4276", "sightings": [{"uuid": "e5b41295-467e-4c0f-8275-cbc6a44b370c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4276", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lhult7wcjm2c", "content": "", "creation_timestamp": "2025-02-11T02:18:56.028075Z"}, {"uuid": "4d55c943-b481-4000-b6ec-4fd1ea46fb38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42761", "type": "seen", "source": "https://t.me/cvedetector/3961", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42761 - Kashipara Bus Ticket Reservation System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42761 \nPublished : Aug. 22, 2024, 9:15 p.m. | 18\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \"/admin_schedule.php\" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via scheduleDurationPHP parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T23:34:17.000000Z"}, {"uuid": "b28385a2-0419-4d08-b712-9773cb002e65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42760", "type": "seen", "source": "https://t.me/cvedetector/5409", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42760 - Ellevo SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42760 \nPublished : Sept. 11, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : SQL Injection vulnerability in Ellevo v.6.2.0.38160 allows a remote attacker to obtain sensitive information via the /api/mob/instrucao/conta/destinatarios component. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"11 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-11T22:03:29.000000Z"}, {"uuid": "9ad70d9a-7093-450d-8cf5-4a5e1ec9d835", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42766", "type": "seen", "source": "https://t.me/cvedetector/3995", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42766 - \"Kashipara Bus Ticket Reservation System Authentication Bypass\"\", \n  \"Content\": \"CVE ID : CVE-2024-42766 \nPublished : Aug. 23, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : Kashipara Bus Ticket Reservation System v1.0 0 is vulnerable to Incorrect Access Control via /deleteTicket.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:58:05.000000Z"}, {"uuid": "ea552d0a-c6ca-422f-b4a5-1352efd5b225", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42764", "type": "seen", "source": "https://t.me/cvedetector/4002", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42764 - Kashipara Bus Ticket Reservation System CSRF afectation\", \n  \"Content\": \"CVE ID : CVE-2024-42764 \nPublished : Aug. 23, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : Kashipara Bus Ticket Reservation System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via /deleteTicket.php. \nSeverity: 9.4 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:58:14.000000Z"}, {"uuid": "e8842646-1518-4c16-9a38-3035480c2fc6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42767", "type": "seen", "source": "https://t.me/cvedetector/3946", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42767 - Kashipara Hotel Management System File Upload Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-42767 \nPublished : Aug. 22, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : Kashipara Hotel Management System v1.0 is vulnerable to Unrestricted File Upload RCE via /admin/add_room_controller.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T21:03:38.000000Z"}, {"uuid": "5ff2e0d4-e5b0-4f1b-a259-a65f14ac4902", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42765", "type": "seen", "source": "https://t.me/cvedetector/3999", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42765 - Kashipara Bus Ticket Reservation System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42765 \nPublished : Aug. 23, 2024, 3:15 p.m. | 34\u00a0minutes ago \nDescription : A SQL injection vulnerability in \"/login.php\" of the Kashipara Bus Ticket Reservation System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the \"email\" or \"password\" Login page parameters. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-23T17:58:11.000000Z"}, {"uuid": "d0feee26-a6ac-4758-a12f-1381923975da", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42768", "type": "seen", "source": "https://t.me/cvedetector/3943", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42768 - Kashipara Hotel Management System CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42768 \nPublished : Aug. 22, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) vulnerability was found in Kashipara Hotel Management System v1.0 via /admin/delete_room.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T20:13:29.000000Z"}, {"uuid": "09e1f98b-c4bd-4e1c-8153-76f95f13d5e4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42762", "type": "seen", "source": "https://t.me/cvedetector/3960", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42762 - A Stored Cross Site Scripting (XSS) vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42762 \nPublished : Aug. 22, 2024, 9:15 p.m. | 18\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \"/history.php\" in Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the Name, Phone, and Email parameter fields. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T23:34:13.000000Z"}, {"uuid": "ad235203-9681-4735-8b55-54df2bb8d4b4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42763", "type": "seen", "source": "https://t.me/cvedetector/3957", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42763 - Kashipara Bus Ticket Reservation System Reflected XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42763 \nPublished : Aug. 22, 2024, 9:15 p.m. | 18\u00a0minutes ago \nDescription : A Reflected Cross Site Scripting (XSS) vulnerability was found in the \"/schedule.php\" page of the Kashipara Bus Ticket Reservation System v1.0, which allows remote attackers to execute arbitrary code via the \"bookingdate\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T23:34:11.000000Z"}, {"uuid": "b120aa50-1f94-4bcf-a7b2-39b68d9f7673", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42769", "type": "seen", "source": "https://t.me/cvedetector/3932", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42769 - Kashipara Hotel Management System Reflected Cross Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-42769 \nPublished : Aug. 22, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A Reflected Cross Site Scripting (XSS) vulnerability was found in \"/core/signup_user.php \" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via \"user_fname\" and \"user_lname\" parameters. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T19:23:10.000000Z"}]}