{"vulnerability": "cve-2024-1123", "sightings": [{"uuid": "e5ae6d1d-1c4d-4569-a76c-03fee1fbc770", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11237", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113486862928862557", "content": "", "creation_timestamp": "2024-11-15T12:01:43.263313Z"}, {"uuid": "9ca9da3d-fbc6-4768-a55d-b93c22e6e43b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11239", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113487222735176676", "content": "", "creation_timestamp": "2024-11-15T13:33:13.500976Z"}, {"uuid": "acb5a12b-6436-48cb-a107-fddff226fa09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11231", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113532027843549158", "content": "", "creation_timestamp": "2024-11-23T11:27:45.662936Z"}, {"uuid": "640bef43-4234-4727-a77f-d70f9757ddb9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11233", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113535421553290812", "content": "", "creation_timestamp": "2024-11-24T01:50:49.095452Z"}, {"uuid": "edd88443-ae1a-41b5-9305-cb6f7bbc0b50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11236", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113536885286714905", "content": "", "creation_timestamp": "2024-11-24T08:03:03.767734Z"}, {"uuid": "fe3e3030-f119-4e36-ab00-ea7a6e296248", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11230", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113700268905676956", "content": "", "creation_timestamp": "2024-12-23T04:33:40.081222Z"}, {"uuid": "08c5d7f5-dfd7-499c-bed4-190f4f9bfe22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11230", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldx6escxdn2z", "content": "", "creation_timestamp": "2024-12-23T05:15:26.292580Z"}, {"uuid": "e9de1d33-1532-4b9a-8395-8005fc0c1f40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114162482090787141", "content": "", "creation_timestamp": "2025-03-14T19:40:33.551765Z"}, {"uuid": "0404a7d1-7ea7-4b01-9d2e-9dca0a5c5ea3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://bsky.app/profile/buherator.bsky.social/post/3lkea5pding2d", "content": "", "creation_timestamp": "2025-03-14T18:23:02.022812Z"}, {"uuid": "0b43fe48-dac3-4688-a312-12ad8f94aee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114281067875557615", "content": "", "creation_timestamp": "2025-04-04T18:18:29.461606Z"}, {"uuid": "c8e4d935-8805-4645-84c1-1b68d4913b7a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://infosec.exchange/users/cR0w/statuses/114281067875557615", "content": "", "creation_timestamp": "2025-04-04T18:18:29.464089Z"}, {"uuid": "5cf3ddeb-d7f8-41c0-9039-962ece7441f0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://bsky.app/profile/cyberalerts.bsky.social/post/3llz2vq5va42p", "content": "", "creation_timestamp": "2025-04-04T18:40:11.874474Z"}, {"uuid": "191986bb-3139-4212-9e6d-2525d21d0f70", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://bsky.app/profile/cerb.ai/post/3lme5hlwzfh2z", "content": "", "creation_timestamp": "2025-04-09T04:25:16.807287Z"}, {"uuid": "32991ed5-ae93-4bcb-b13d-08b2a1cddf19", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-06-02)", "content": "", "creation_timestamp": "2025-06-02T00:00:00.000000Z"}, {"uuid": "c7c7be6d-8cc6-47db-8b61-9f255ff3efcd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lowe3u23k52k", "content": "", "creation_timestamp": "2025-05-11T21:02:17.732258Z"}, {"uuid": "685e4a4a-9039-43b9-8871-7cd462a28438", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11237", "type": "seen", "source": "https://bsky.app/profile/nimblenerd.social/post/3lp2lb2enry2s", "content": "", "creation_timestamp": "2025-05-13T13:21:07.235820Z"}, {"uuid": "fcab61aa-cc59-4fc2-b5af-0c98d902befe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11237", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3lp5vio7vcs2w", "content": "", "creation_timestamp": "2025-05-14T21:02:24.008455Z"}, {"uuid": "a020c89e-a9a7-4e34-a1da-ffffcc8bfb43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-06-01)", "content": "", "creation_timestamp": "2025-06-01T00:00:00.000000Z"}, {"uuid": "834d72cc-cb1f-4c86-938c-3f62cca4ef63", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2025-09-12)", "content": "", "creation_timestamp": "2025-09-12T00:00:00.000000Z"}, {"uuid": "f1409bb2-f67c-4289-b405-1893bdadc9c5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3m4jermz2aa2e", "content": "", "creation_timestamp": "2025-10-31T21:02:46.122139Z"}, {"uuid": "ab197fab-6af1-4f3b-b734-50a771e42c38", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2025-11-12)", "content": "", "creation_timestamp": "2025-11-12T00:00:00.000000Z"}, {"uuid": "dedfd2a4-635c-431d-b124-c7204c8caf0f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-03-09)", "content": "", "creation_timestamp": "2026-03-09T00:00:00.000000Z"}, {"uuid": "78d44604-27ff-4175-9590-43b62fa5d989", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "The Shadowserver (honeypot/exploited-vulnerabilities) - (2026-02-16)", "content": "", "creation_timestamp": "2026-02-16T00:00:00.000000Z"}, {"uuid": "85e96951-13db-4e0a-91fc-ba06327b214b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "The Shadowserver (honeypot/common-vulnerabilities) - (2026-04-04)", "content": "", "creation_timestamp": "2026-04-04T00:00:00.000000Z"}, {"uuid": "500fe6c2-8ba2-4883-9b16-f57642085e59", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11230", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/3410", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-11230\n\ud83d\udd25 CVSS Score: 6.2 (CVSS_V3)\n\ud83d\udd39 Description: The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018size\u2019 parameter in all versions up to, and including, 1.6.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.\n\ud83d\udccf Published: 2024-12-23T06:30:45Z\n\ud83d\udccf Modified: 2025-01-29T21:31:24Z\n\ud83d\udd17 References:\n1. https://nvd.nist.gov/vuln/detail/CVE-2024-11230\n2. https://plugins.trac.wordpress.org/browser/header-footer-elementor/tags/1.6.46/inc/widgets-manager/widgets/class-page-title.php#L516\n3. https://plugins.trac.wordpress.org/changeset/3194764\n4. https://www.wordfence.com/threat-intel/vulnerabilities/id/0d82c866-5b35-414e-bd72-30530930d5d8?source=cve", "creation_timestamp": "2025-01-29T22:11:00.000000Z"}, {"uuid": "ff6867b8-6e8d-45c7-9da8-62bc0f53f82b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11235", "type": "seen", "source": "https://t.me/cvedetector/22168", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11235 - Apache PHP Use-After-Free Remote Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11235 \nPublished : April 4, 2025, 6:15 p.m. | 1\u00a0hour, 46\u00a0minutes ago \nDescription : In PHP versions 8.3.* before 8.3.19 and 8.4.* before 8.4.5, a code sequence involving __set handler or ??=\u00a0\u00a0operator and exceptions can lead to a use-after-free vulnerability. If the third party can control the memory layout leading to this, for example by supplying specially crafted inputs to the script, it could lead to remote code execution. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-04T22:12:42.000000Z"}, {"uuid": "01ac1229-2704-4e93-a0fa-c121b48ff289", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11230", "type": "seen", "source": "https://t.me/cvedetector/13531", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11230 - Elementor Header & Footer Builder Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11230 \nPublished : Dec. 23, 2024, 5:15 a.m. | 19\u00a0minutes ago \nDescription : The Elementor Header & Footer Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the \u2018size\u2019 parameter in all versions up to, and including, 1.6.46 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. \nSeverity: 6.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-23T06:37:54.000000Z"}, {"uuid": "9abc3922-e464-4a6b-875b-260d24aa1a2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11239", "type": "seen", "source": "https://t.me/cvedetector/11078", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11239 - Landray EKP Remote Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11239 \nPublished : Nov. 15, 2024, 2:15 p.m. | 30\u00a0minutes ago \nDescription : A vulnerability has been found in Landray EKP up to 16.0 and classified as critical. This vulnerability affects the function deleteFile of the file /sys/common/import.do?method=deleteFile of the component API Interface. The manipulation of the argument folder leads to path traversal. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T15:46:25.000000Z"}, {"uuid": "44655df9-8eb2-4983-a8fd-a126bf6c7096", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "seen", "source": "https://t.me/cvedetector/11076", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11238 - Landray EKP Remote Path Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-11238 \nPublished : Nov. 15, 2024, 1:15 p.m. | 39\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in Landray EKP up to 16.0. This affects the function delPreviewFile of the file /sys/ui/sys_ui_component/sysUiComponent.do?method=delPreviewFile. The manipulation of the argument directoryPath leads to path traversal. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T14:56:13.000000Z"}, {"uuid": "8d3e4abb-18d7-489c-9e42-82b6dc89c5f2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11237", "type": "seen", "source": "https://t.me/cvedetector/11075", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-11237 - \"TP-Link DHCP DISCOVER Packet Parser Stack-Based Buffer Overflow Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-11237 \nPublished : Nov. 15, 2024, 12:15 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in TP-Link VN020 F3v(T) TT_V6.2.1021. Affected by this issue is some unknown functionality of the component DHCP DISCOVER Packet Parser. The manipulation of the argument hostname leads to stack-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"15 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-15T14:06:04.000000Z"}, {"uuid": "b46f6dcd-6e8a-4fe0-a514-b2a05ef79860", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11230", "type": "seen", "source": "Telegram/G9oQ8iWPrK2HshdE9efn05sTRX793Y0DkyVyxKc2E2P-R-Cn", "content": "", "creation_timestamp": "2025-01-30T02:17:48.000000Z"}, {"uuid": "644d0332-2ab1-43c1-b6bb-97f75de3ff22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11234", "type": "published-proof-of-concept", "source": "https://t.me/Leak_DBMS/1523", "content": "\ud83d\udee1PHP\nAffected versions\n< 8.1.31\n< 8.2.26\n< 8.3.14\nConfiguring a proxy in a stream context might allow for CRLF injection in URIs (CVE-2024-11234)\n\ud83d\udca5https://github.com/php/php-src/security/advisories/GHSA-c5f2-jwm7-mmq2\n\ud83d\udd16@Leak_DBMS", "creation_timestamp": "2024-11-26T21:49:35.000000Z"}, {"uuid": "0351f2d8-5642-455b-a843-2da2136a4726", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1123", "type": "seen", "source": "https://t.me/ctinow/203818", "content": "https://ift.tt/rafXhCJ\nCVE-2024-1123", "creation_timestamp": "2024-03-09T08:26:50.000000Z"}, {"uuid": "3113bb39-55ad-4f29-b110-16d26a9a45bb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1123", "type": "seen", "source": "https://t.me/ctinow/203812", "content": "https://ift.tt/rafXhCJ\nCVE-2024-1123", "creation_timestamp": "2024-03-09T08:26:42.000000Z"}, {"uuid": "2a2ded6b-4eb6-4baf-a0a7-e7e1536577ab", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/0b5ffc29-7db3-4fff-98a7-33fe581e72a5", "content": "", "creation_timestamp": "2026-06-19T12:46:12.996446Z"}, {"uuid": "1d8d103d-59db-47a0-adda-b66f99fbd4f6", "vulnerability_lookup_origin": "caeb2787-0d58-4236-9039-7c86c3e566f3", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-11238", "type": "exploited", "source": "https://vulnerability.circl.lu/known-exploited-vulnerabilities-catalog/893f37ee-a2fe-4840-91ea-0700fb8e64a3", "content": "", "creation_timestamp": "2026-06-23T14:03:59.758450Z"}]}