{"vulnerability": "CVE-2024-4660", "sightings": [{"uuid": "d7ebf7ed-f11b-478b-b021-8d1539e55617", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46601", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787873583041789", "content": "", "creation_timestamp": "2025-01-07T15:52:41.467762Z"}, {"uuid": "8b99fb67-8969-49d6-8e08-f5c3b33777f9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46602", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787873598057958", "content": "", "creation_timestamp": "2025-01-07T15:52:41.808159Z"}, {"uuid": "8ab71be4-7b34-4a2a-9421-f64acdbe4374", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46603", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113787873611697876", "content": "", "creation_timestamp": "2025-01-07T15:52:42.083587Z"}, {"uuid": "6bc47eb6-5a69-4793-a195-be343bcb87c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46603", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62cbcrig2f", "content": "", "creation_timestamp": "2025-01-07T16:16:16.191641Z"}, {"uuid": "5c589285-fca7-47e0-9d42-0583b80d7bc3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46601", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62c3kkzq2m", "content": "", "creation_timestamp": "2025-01-07T16:16:09.942468Z"}, {"uuid": "7591bfb0-7610-4013-b921-7e40d9d6cacb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46602", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lf62c6k2lo22", "content": "", "creation_timestamp": "2025-01-07T16:16:13.082492Z"}, {"uuid": "f7a2f78a-6465-4f43-82f0-9e2369bce0e8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46603", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/574", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46603\n\ud83d\udd39 Description: An XML External Entity (XXE) vulnerability in Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 allows attackers to cause a Denial of Service (DoS) via a crafted XML payload.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-07T21:03:59.371Z\n\ud83d\udd17 References:\n1. http://elspec.com\n2. http://g5.com\n3. https://www.elspec-ltd.com/support/security-advisories/", "creation_timestamp": "2025-01-07T21:38:29.000000Z"}, {"uuid": "9fb60691-79d9-4ee5-ae5f-913b894b55c4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46601", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/970", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46601\n\ud83d\udd39 Description: Elspec Engineering G5 Digital Fault Recorder Firmware v1.2.1.12 was discovered to contain a buffer overflow.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-09T15:46:13.364764Z\n\ud83d\udd17 References:\n1. https://www.elspec-ltd.com/support/security-advisories/", "creation_timestamp": "2025-01-09T16:18:19.000000Z"}, {"uuid": "6edf3aac-9b45-4f0d-a44c-298718419578", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46602", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/969", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-46602\n\ud83d\udd39 Description: An issue was discovered in Elspec G5 digital fault recorder version 1.2.1.12 and earlier. An XML External Entity (XXE) vulnerability may allow an attacker to cause a Denial of Service (DoS) via a crafted XML payload.\n\ud83d\udccf Published: 2025-01-07T00:00:00\n\ud83d\udccf Modified: 2025-01-09T15:46:52.022769Z\n\ud83d\udd17 References:\n1. https://www.elspec-ltd.com/support/security-advisories.", "creation_timestamp": "2025-01-09T16:18:10.000000Z"}, {"uuid": "5f49c432-e8b5-4479-9622-1b7ec3a59368", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46600", "type": "seen", "source": "https://t.me/cvedetector/6330", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46600 - Dingfanzu CMS CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46600 \nPublished : Sept. 25, 2024, 4:15 p.m. | 44\u00a0minutes ago \nDescription : dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/doAdminAction.php?act=delCate&id=31 \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-25T19:21:34.000000Z"}, {"uuid": "e31710c3-8cb0-4b27-bddb-e62a8ebb3d42", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46606", "type": "seen", "source": "https://t.me/cvedetector/8097", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46606 - Piwigo Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46606 \nPublished : Oct. 16, 2024, 5:15 p.m. | 26\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in the component /admin.php?page=photo of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T19:44:08.000000Z"}, {"uuid": "91bd8792-77d1-4d6b-9d9c-e30ad6fa9e74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46605", "type": "seen", "source": "https://t.me/cvedetector/8096", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46605 - Piwigo Cross-Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46605 \nPublished : Oct. 16, 2024, 5:15 p.m. | 26\u00a0minutes ago \nDescription : A cross-site scripting (XSS) vulnerability in the component /admin.php?page=album of Piwigo v14.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Description field. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"16 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-16T19:44:07.000000Z"}, {"uuid": "a164125b-ce0c-45a1-b09a-091d6ab1a78d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4660", "type": "seen", "source": "https://t.me/cvedetector/5504", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4660 - \"GitLab EE Information Disclosure Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-4660 \nPublished : Sept. 12, 2024, 5:15 p.m. | 32\u00a0minutes ago \nDescription : An issue has been discovered in GitLab EE affecting all versions starting from 11.2 before 17.1.7, all versions starting from 17.2 before 17.2.5, all versions starting from 17.3 before 17.3.2. It was possible for a guest to read the source code of a private project by using group templates. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"12 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-12T19:48:10.000000Z"}]}