{"vulnerability": "CVE-2024-1267", "sightings": [{"uuid": "e84aeb4c-5903-44ca-a5dd-c09da6527968", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12677", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldqv7hruto2s", "content": "", "creation_timestamp": "2024-12-20T17:15:25.394906Z"}, {"uuid": "1cdf83d2-2045-4372-ae54-dfe99b29e25b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12678", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldpcwibgf52z", "content": "", "creation_timestamp": "2024-12-20T02:15:37.647890Z"}, {"uuid": "ee5ec356-6002-4f37-8320-53db40b2a41e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12677", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1721/", "content": "", "creation_timestamp": "2024-12-20T05:00:00.000000Z"}, {"uuid": "8018b686-f454-42c5-91f3-2bd25fd47d22", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12672", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113681515099631420", "content": "", "creation_timestamp": "2024-12-19T21:04:19.763399Z"}, {"uuid": "b7c222c5-4731-464d-b382-061ce561d237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12671", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1702/", "content": "", "creation_timestamp": "2024-12-19T05:00:00.000000Z"}, {"uuid": "3bd0a55a-8737-4eec-a5ef-b8f2367eb92b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12670", "type": "seen", "source": "http://www.zerodayinitiative.com/advisories/ZDI-24-1701/", "content": "", "creation_timestamp": "2024-12-19T05:00:00.000000Z"}, {"uuid": "eb5aa883-a7b8-4df2-8407-b7b1a1c261a3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12677", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-354-03", "content": "", "creation_timestamp": "2024-12-19T11:00:00.000000Z"}, {"uuid": "365201ae-3fd5-485f-8fb9-d1fa4311f90a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12672", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3ldos5vx2y323", "content": "", "creation_timestamp": "2024-12-19T21:15:34.085078Z"}, {"uuid": "eb24ef7f-6af3-4a90-8b13-3e8311f842bd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12677", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113686169757160018", "content": "", "creation_timestamp": "2024-12-20T16:48:04.324701Z"}, {"uuid": "e1b443e1-452b-4b48-920f-e0bf4e1e5af4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12678", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113682658072893365", "content": "", "creation_timestamp": "2024-12-20T01:55:00.078606Z"}, {"uuid": "e7da9d64-8778-4eec-bee0-bc6eb426568e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12673", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113992836082663405", "content": "", "creation_timestamp": "2025-02-12T20:37:20.926904Z"}, {"uuid": "63e4c6fa-cda3-4372-a5c0-0ea01254a600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12673", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lhzgfao4wj24", "content": "", "creation_timestamp": "2025-02-13T00:25:03.552476Z"}, {"uuid": "181303e9-881a-4d54-a0a1-cdda90ec1abd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12677", "type": "seen", "source": "https://t.me/cvedetector/13450", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12677 - Delta Electronics DTM Soft Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-12677 \nPublished : Dec. 20, 2024, 5:15 p.m. | 42\u00a0minutes ago \nDescription : Delta Electronics DTM Soft deserializes objects, which could allow an attacker to execute arbitrary code. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T19:15:39.000000Z"}, {"uuid": "2fbe28be-a9f6-4f59-b334-a6a1ad9b3f71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1267", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/13259", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-1267\n\ud83d\udd25 CVSS Score: 3.5 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N)\n\ud83d\udd39 Description: A vulnerability, which was classified as problematic, has been found in CodeAstro Restaurant POS System 1.0. Affected by this issue is some unknown functionality of the file create_account.php. The manipulation of the argument Full Name leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-253010 is the identifier assigned to this vulnerability.\n\ud83d\udccf Published: 2024-02-07T01:00:08.559Z\n\ud83d\udccf Modified: 2025-04-24T15:58:53.648Z\n\ud83d\udd17 References:\n1. https://vuldb.com/?id.253010\n2. https://vuldb.com/?ctiid.253010\n3. https://drive.google.com/drive/folders/18N_20KuGPjrBbvOMSfbvBIc1sMKyycH3?usp=sharing", "creation_timestamp": "2025-04-24T16:06:38.000000Z"}, {"uuid": "7d7ef0cb-3229-4495-8223-7ecf32c84d12", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12679", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/17066", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-12679\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: The Prisna GWT  WordPress plugin before 1.4.14 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n\ud83d\udccf Published: 2025-05-15T20:06:53.369Z\n\ud83d\udccf Modified: 2025-05-20T19:32:51.031Z\n\ud83d\udd17 References:\n1. https://wpscan.com/vulnerability/7ca1438f-4269-4e34-be4a-766276a9f016/", "creation_timestamp": "2025-05-20T19:43:08.000000Z"}, {"uuid": "c6680040-7b44-48fc-b8da-b9f17180dcfe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12678", "type": "seen", "source": "https://t.me/cvedetector/13395", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12678 - Nomad Privilege Escalation Through Unredacted Tokens\", \n  \"Content\": \"CVE ID : CVE-2024-12678 \nPublished : Dec. 20, 2024, 2:15 a.m. | 40\u00a0minutes ago \nDescription : Nomad Community and Nomad Enterprise (\"Nomad\") allocations are vulnerable to privilege escalation within a namespace through unredacted workload identity tokens. This vulnerability, identified as CVE-2024-12678, is fixed in Nomad Community Edition 1.9.4 and Nomad Enterprise 1.9.4, 1.8.8, and 1.7.16. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-20T04:12:03.000000Z"}, {"uuid": "f8c7c6dc-f99d-4a04-ad89-abfebb88ab86", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12672", "type": "seen", "source": "https://t.me/cvedetector/13378", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12672 - \"Rockwell Automation Arena Write-What-You-Please Memory Corruption Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-12672 \nPublished : Dec. 19, 2024, 9:15 p.m. | 40\u00a0minutes ago \nDescription : A third-party vulnerability exists in the Rockwell Automation\u00a0Arena\u00ae\u00a0that could allow a threat actor to write beyond the boundaries of allocated memory in a DOE file. If exploited, a threat actor could leverage this vulnerability to execute arbitrary code. To exploit this vulnerability, a legitimate user must execute the malicious code crafted by the threat actor. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"19 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-19T23:11:04.000000Z"}, {"uuid": "e3f28f98-764c-4c66-bb33-606993f1209b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12670", "type": "seen", "source": "https://t.me/cvedetector/13101", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12670 - Autodesk Navisworks Heap-based Overflow Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12670 \nPublished : Dec. 17, 2024, 4:15 p.m. | 19\u00a0minutes ago \nDescription : A maliciously crafted DWF file, when parsed through Autodesk Navisworks, can be used to cause a Heap-based Overflow vulnerability. A malicious actor can leverage this vulnerability to cause a crash, read sensitive data, or execute arbitrary code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T17:36:46.000000Z"}, {"uuid": "1dcf229c-4abf-48d5-a49e-0a2646f13eac", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-12671", "type": "seen", "source": "https://t.me/cvedetector/13100", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-12671 - Autodesk Navisworks Out-of-Bounds Write Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-12671 \nPublished : Dec. 17, 2024, 4:15 p.m. | 19\u00a0minutes ago \nDescription : A maliciously crafted DWFX file, when parsed through Autodesk Navisworks, can force an Out-of-Bounds Write vulnerability. A malicious actor can leverage this vulnerability to cause a crash, cause data corruption, or execute arbitrary code in the context of the current process. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-17T17:36:45.000000Z"}, {"uuid": "560dec97-54e0-4c3f-8678-95bf9528dee4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1267", "type": "seen", "source": "https://t.me/ctinow/197436", "content": "https://ift.tt/4xCLiOQ\nCVE-2024-1267 | CodeAstro Restaurant POS System 1.0 create_account.php Full Name cross site scripting", "creation_timestamp": "2024-03-01T09:41:40.000000Z"}, {"uuid": "d72378ae-56d6-4c1d-bff7-aa982d1e2e0e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-1267", "type": "seen", "source": "https://t.me/ctinow/180476", "content": "https://ift.tt/urvyX5x\nCVE-2024-1267", "creation_timestamp": "2024-02-07T02:32:04.000000Z"}]}