{"vulnerability": "cve-2024-3061", "sightings": [{"uuid": "91b12d4d-93f8-411f-9e49-211850ea1600", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30614", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/9204", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-30614\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: An issue in Ametys CMS v4.5.0 and before allows attackers to obtain sensitive information via exposed resources to the error scope.\n\ud83d\udccf Published: 2024-04-12T00:00:00.000Z\n\ud83d\udccf Modified: 2025-03-27T20:09:35.782Z\n\ud83d\udd17 References:\n1. https://github.com/Lucky-lm/CVE-2024-30614/issues/1", "creation_timestamp": "2025-03-27T20:27:22.000000Z"}, {"uuid": "dda017a6-eecf-407e-8224-14e7cfb4bd0c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30617", "type": "seen", "source": "https://t.me/cvedetector/9781", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30617 - Chamilo LMS CSRF Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-30617 \nPublished : Nov. 4, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) vulnerability in Chamilo LMS 1.11.26 \"/main/social/home.php,\" allows attackers to initiate a request that posts a fake post onto the user's social wall without their consent or knowledge. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T21:08:10.000000Z"}, {"uuid": "2f01321a-d2f5-492f-9b53-79e99e1cd0dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30616", "type": "seen", "source": "https://t.me/cvedetector/9780", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30616 - Chamilo LMS Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-30616 \nPublished : Nov. 4, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : Chamilo LMS 1.11.26 is vulnerable to Incorrect Access Control via main/auth/profile. Non-admin users can manipulate sensitive profiles information, posing a significant risk to data integrity. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T21:08:09.000000Z"}, {"uuid": "4dd3c191-aa48-4df5-9d35-d9edc7d82aca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30619", "type": "seen", "source": "https://t.me/cvedetector/9783", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30619 - Chamilo LMS Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-30619 \nPublished : Nov. 4, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : Chamilo LMS Version 1.11.26 is vulnerable to Incorrect Access Control. A non-authenticated attacker can request the number of messages and the number of online users via \"/main/inc/ajax/message.ajax.php?a=get_count_message\" AND \"/main/inc/ajax/online.ajax.php?a=get_users_online.\" \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T21:08:12.000000Z"}, {"uuid": "146c2816-9ecf-416f-a2ea-955d3aa9c8e5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-30618", "type": "seen", "source": "https://t.me/cvedetector/9782", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-30618 - Chamilo LMS Stored Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-30618 \nPublished : Nov. 4, 2024, 7:15 p.m. | 38\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) Vulnerability in Chamilo LMS 1.11.26 allows a remote attacker to execute arbitrary JavaScript in a web browser by including a malicious payload in the 'content' parameter of 'group_topics.php'. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"04 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-04T21:08:11.000000Z"}]}