{"vulnerability": "CVE-2024-1223", "sightings": [{"uuid": "f72ed51d-3d64-4dfa-9478-c143c24cd2a0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12231", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113601083833671259", "content": "", "creation_timestamp": "2024-12-05T16:09:36.017479Z"}, {"uuid": "3b28a5fd-d08b-4e6d-8e3d-c1e84c3bdd9b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12232", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113601083848167280", "content": "", "creation_timestamp": "2024-12-05T16:09:36.263088Z"}, {"uuid": "1e0d201a-8b1e-4032-8695-5b742796da2a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12233", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113601182484335124", "content": "", "creation_timestamp": "2024-12-05T16:34:41.276511Z"}, {"uuid": "e763378e-0e76-4ebc-a1df-190841db4f65", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12234", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113601319911708874", "content": "", "creation_timestamp": "2024-12-05T17:09:38.407807Z"}, {"uuid": "c46241f5-ae76-49b5-b84b-f194ff9b2c74", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12235", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113601431917341690", "content": "", "creation_timestamp": "2024-12-05T17:38:07.862961Z"}, {"uuid": "dbe2bf95-761d-4998-a010-e2a46780a0d9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12230", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113600710829480734", "content": "", "creation_timestamp": "2024-12-05T14:34:44.612576Z"}, {"uuid": "e911dbaa-e255-49d1-95e2-3998b3bfb39c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12236", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113629164313708186", "content": "", "creation_timestamp": "2024-12-10T15:10:50.118738Z"}, {"uuid": "afe56e3a-a9d6-4025-95b1-dfa27069215b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12239", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113665755575744452", "content": "", "creation_timestamp": "2024-12-17T02:16:28.510381Z"}, {"uuid": "fb45acee-c48a-4228-a0c6-c1f620688c80", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12238", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113734444255228215", "content": "", "creation_timestamp": "2024-12-29T05:24:54.668953Z"}, {"uuid": "ce19974b-a559-4ef0-a284-75cba527a372", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12238", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3legejfwid325", "content": "", "creation_timestamp": "2024-12-29T06:15:19.610695Z"}, {"uuid": "48297c1a-27d6-4032-be86-eeb0fa5de0e0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12237", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113766784501508927", "content": "", "creation_timestamp": "2025-01-03T22:29:29.148339Z"}, {"uuid": "6d990593-bf05-433f-bb80-c221e199745a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12238", "type": "seen", "source": "https://t.me/cvedetector/13854", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12238 - Ninja Forms WordPress Unauthorized Shortcode Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12238 \nPublished : Dec. 29, 2024, 6:15 a.m. | 42\u00a0minutes ago \nDescription : The The Ninja Forms \u2013 The Contact Form Builder That Grows With You plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 3.8.22. This is due to the software allowing users to execute an action that does not properly validate a value before running do_shortcode. This makes it possible for authenticated attackers, with Subscriber-level access and above, to execute arbitrary shortcodes. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-29T08:10:37.000000Z"}, {"uuid": "1ce85699-8405-44b7-aaed-6c9bdc9e5bbb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12237", "type": "seen", "source": "https://t.me/cvedetector/14251", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12237 - WordPress Photo Gallery Slideshow & Masonry Tiled Gallery SSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12237 \nPublished : Jan. 3, 2025, 11:15 p.m. | 40\u00a0minutes ago \nDescription : The Photo Gallery Slideshow & Masonry Tiled Gallery plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 1.0.15 via the rjg_get_youtube_info_justified_gallery_callback function. This makes it possible for authenticated attackers, with Subscriber-level access and above, to make web requests to arbitrary locations originating from the web application and can be used to retrieve limited information from internal services. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-04T01:23:01.000000Z"}, {"uuid": "5746150e-cae4-46d3-bfb2-f5e32c48cd26", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12239", "type": "seen", "source": "https://t.me/cvedetector/13063", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12239 - \"Beaver Builder PowerPack Lite Cross-Site Scripting\"\", \n  \"Content\": \"CVE ID : CVE-2024-12239 \nPublished : Dec. 17, 2024, 3:15 a.m. | 37\u00a0minutes ago \nDescription : The PowerPack Lite for Beaver Builder plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the navigate parameter in all versions up to, and including, 1.3.0.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick an administrative user into performing an action such as clicking on a link. \nSeverity: 6.1 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T05:04:48.000000Z"}, {"uuid": "d644849c-16e9-46f3-8fd4-9d3642d64eab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12236", "type": "seen", "source": "https://t.me/cvedetector/12514", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12236 - \"Google Cloud Vertex Gemini API VPC-SC File URI Exfiltration\"\", \n  \"Content\": \"CVE ID : CVE-2024-12236 \nPublished : Dec. 10, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : A security issue exists in Vertex Gemini API for customers using VPC-SC. By utilizing a custom crafted file URI for image input, data exfiltration is possible due to requests being routed outside the VPC-SC security perimeter, circumventing the intended security restrictions of VPC-SC.  \n  \nNo further fix actions are needed. Google Cloud Platform implemented a fix to return an error message when a media file URL is specified in the fileUri parameter and VPC Service Controls is enabled. Other use cases are unaffected. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"10 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-10T17:28:33.000000Z"}, {"uuid": "a3a48f61-276c-4e87-b57e-de02d289a64b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12231", "type": "seen", "source": "https://t.me/cvedetector/12121", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12231 - A vulnerability, which was classified as critical,\", \n  \"Content\": \"CVE ID : CVE-2024-12231 \nPublished : Dec. 5, 2024, 4:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, was found in CodeZips Project Management System 1.0. This affects an unknown part of the file /index.php. The manipulation of the argument email leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T17:52:23.000000Z"}, {"uuid": "5d6e1358-aeb4-4bd4-99d3-5b5b11ddab50", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1223", "type": "seen", "source": "https://t.me/ctinow/207430", "content": "https://ift.tt/37kW1CF\nCVE-2024-1223", "creation_timestamp": "2024-03-14T04:26:44.000000Z"}, {"uuid": "642c0ac9-004b-4c44-a1f5-627ea987fe8a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12235", "type": "seen", "source": "https://t.me/cvedetector/12131", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12235 - A vulnerability was found in Shenzhen Dashi Tongzh\", \n  \"Content\": \"CVE ID : CVE-2024-12235 \nPublished : Dec. 5, 2024, 6:15 p.m. | 38\u00a0minutes ago \nDescription : A vulnerability was found in Shenzhen Dashi Tongzhou Information Technology AgileBPM up to 1.0.0. It has been declared as critical. Affected by this vulnerability is the function doFilter of the file \\agile-bpm-basic-master\\ab-auth\\ab-auth-spring-security-oauth2\\src\\main\\java\\com\\dstz\\auth\\filter\\AuthorizationTokenCheckFilter.java. The manipulation leads to improper access controls. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 6.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T20:22:53.000000Z"}, {"uuid": "f8455865-fbef-4bd0-8aa1-bd46d6bc5c48", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12234", "type": "seen", "source": "https://t.me/cvedetector/12127", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12234 - A vulnerability was found in 1000 Projects Beauty\", \n  \"Content\": \"CVE ID : CVE-2024-12234 \nPublished : Dec. 5, 2024, 5:15 p.m. | 58\u00a0minutes ago \nDescription : A vulnerability was found in 1000 Projects Beauty Parlour Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /admin/edit-customer-detailed.php. The manipulation of the argument name leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T19:32:43.000000Z"}, {"uuid": "afc7242e-3c07-4865-a80e-43ecc51a2a5d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12233", "type": "seen", "source": "https://t.me/cvedetector/12126", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12233 - A vulnerability was found in code-projects Online\", \n  \"Content\": \"CVE ID : CVE-2024-12233 \nPublished : Dec. 5, 2024, 5:15 p.m. | 58\u00a0minutes ago \nDescription : A vulnerability was found in code-projects Online Notice Board up to 1.0 and classified as critical. This issue affects some unknown processing of the file /registration.php of the component Profile Picture Handler. The manipulation of the argument img leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T19:32:43.000000Z"}, {"uuid": "9c3a13e2-f437-4e1c-b017-cf235b2002e9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12232", "type": "seen", "source": "https://t.me/cvedetector/12116", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12232 - A vulnerability has been found in code-projects Si\", \n  \"Content\": \"CVE ID : CVE-2024-12232 \nPublished : Dec. 5, 2024, 4:15 p.m. | 35\u00a0minutes ago \nDescription : A vulnerability has been found in code-projects Simple CRUD Functionality 1.0 and classified as problematic. This vulnerability affects unknown code of the file /index.php. The manipulation of the argument newtitle/newdescr leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 3.5 | LOW \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T17:52:16.000000Z"}, {"uuid": "2574c5aa-5dd9-4c6a-ba41-5dde5154075d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12230", "type": "seen", "source": "https://t.me/cvedetector/12108", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12230 - A vulnerability, which was classified as critical,\", \n  \"Content\": \"CVE ID : CVE-2024-12230 \nPublished : Dec. 5, 2024, 3:15 p.m. | 40\u00a0minutes ago \nDescription : A vulnerability, which was classified as critical, has been found in PHPGurukul Complaint Management System 1.0. Affected by this issue is some unknown functionality of the file /admin/subcategory.php. The manipulation of the argument category leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"05 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-05T17:02:04.000000Z"}, {"uuid": "656871c0-fbbe-43c7-9cd7-90bec62f5bd1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1223", "type": "seen", "source": "https://t.me/ctinow/207419", "content": "https://ift.tt/37kW1CF\nCVE-2024-1223", "creation_timestamp": "2024-03-14T04:21:49.000000Z"}]}