{"vulnerability": "CVE-2024-4277", "sightings": [{"uuid": "dccb2cae-448d-4061-9ee6-84c013707f42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42771", "type": "seen", "source": "https://t.me/cvedetector/3931", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42771 - Kashipara Hotel Management System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42771 \nPublished : Aug. 22, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \" /admin/edit_room_controller.php\" of the Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via \"room_name\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T19:23:09.000000Z"}, {"uuid": "4d7009d6-52e1-4984-9db1-56151637ffc5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42776", "type": "seen", "source": "https://t.me/cvedetector/3940", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42776 - Kashipara Hotel Management System Unauthenticated Administrative Privilege Escalation\", \n  \"Content\": \"CVE ID : CVE-2024-42776 \nPublished : Aug. 22, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : Kashipara Hotel Management System v1.0 is vulnerable to Incorrect Access Control via /admin/users.php. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T20:13:26.000000Z"}, {"uuid": "a45151e5-9a65-4f7d-a3e5-b3be7df55329", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42774", "type": "seen", "source": "https://t.me/cvedetector/3939", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42774 - Kashipara Hotel Management System Unauthorized Data Deletion Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42774 \nPublished : Aug. 22, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : An Incorrect Access Control vulnerability was found in /admin/delete_room.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to delete valid hotel room entries in the administrator section. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T20:13:26.000000Z"}, {"uuid": "0c067bb9-1c0b-4b81-bba6-2521f3b06ab7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42773", "type": "seen", "source": "https://t.me/cvedetector/3945", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42773 - Kashipara Hotel Management System Unauthenticated Room Edit Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42773 \nPublished : Aug. 22, 2024, 6:15 p.m. | 39\u00a0minutes ago \nDescription : An Incorrect Access Control vulnerability was found in /admin/edit_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to edit the valid hotel room entries in the administrator section. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T21:03:37.000000Z"}, {"uuid": "5ca729ea-d5f3-4a63-bbdb-49286cdd28dc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42772", "type": "seen", "source": "https://t.me/cvedetector/3942", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42772 - Kashipara Hotel Management System Unauthenticated Access Control Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42772 \nPublished : Aug. 22, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : An Incorrect Access Control vulnerability was found in /admin/rooms.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to view valid hotel room entries in administrator section. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T20:13:28.000000Z"}, {"uuid": "9735e3dc-6572-41eb-81b1-87333c369417", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42775", "type": "seen", "source": "https://t.me/cvedetector/3941", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42775 - Kashipara Hotel Management System Unauthenticated Write-Access Bug\", \n  \"Content\": \"CVE ID : CVE-2024-42775 \nPublished : Aug. 22, 2024, 5:15 p.m. | 39\u00a0minutes ago \nDescription : An Incorrect Access Control vulnerability was found in /admin/add_room_controller.php in Kashipara Hotel Management System v1.0, which allows an unauthenticated attacker to add the valid hotel room entries in the administrator section via the direct URL access. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T20:13:27.000000Z"}, {"uuid": "28234489-4327-46bf-bf3f-ca521111547d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42770", "type": "seen", "source": "https://t.me/cvedetector/3929", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42770 - Kashipara Hotel Management System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42770 \nPublished : Aug. 22, 2024, 4:15 p.m. | 39\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \"/core/signup_user.php\" of Kashipara Hotel Management System v1.0, which allows remote attackers to execute arbitrary code via the \"user_email\" parameter. \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"22 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-22T19:23:07.000000Z"}, {"uuid": "b8c15c05-e589-454a-8c56-4dc16adfd4ea", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42779", "type": "seen", "source": "https://t.me/cvedetector/3816", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42779 - Kashipara Music Management System File Upload Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-42779 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An Unrestricted file upload vulnerability was found in \"/music/ajax.php?action=save_music\" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:46:03.000000Z"}, {"uuid": "745f8cb8-2dc6-48a3-8d5f-81e831447078", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42777", "type": "seen", "source": "https://t.me/cvedetector/3819", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42777 - Kashipara Music Management System Unrestricted File Upload RCE\", \n  \"Content\": \"CVE ID : CVE-2024-42777 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An Unrestricted file upload vulnerability was found in \"/music/ajax.php?action=signup\" of Kashipara Music Management System v1.0, which allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:46:06.000000Z"}, {"uuid": "d4fc908d-2fb4-4d5f-b4f1-d010fb6e84fb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42778", "type": "seen", "source": "https://t.me/cvedetector/3818", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42778 - Kashipara Music Management System PHP File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42778 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An Unrestricted file upload vulnerability was found in \"/music/ajax.php?action=save_playlist\" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:46:05.000000Z"}]}