{"vulnerability": "cve-2024-4278", "sightings": [{"uuid": "9c454e59-af93-4ccb-9b69-781dcf2c2c31", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42786", "type": "seen", "source": "https://t.me/cvedetector/3817", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42786 - Kashipara Music Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42786 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A SQL injection vulnerability in \"/music/view_user.php\" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the \"id\" parameter of View User Profile Page. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:46:04.000000Z"}, {"uuid": "b9d207fc-a376-4d71-a245-53694d2acb20", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-4278", "type": "seen", "source": "https://t.me/cvedetector/6386", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-4278 - GitLab EE Information Disclosure: Credential Exposure Through Dependency Proxy Setting\", \n  \"Content\": \"CVE ID : CVE-2024-4278 \nPublished : Sept. 26, 2024, 7:15 a.m. | 15\u00a0minutes ago \nDescription : An information disclosure issue has been discovered in GitLab EE affecting all versions starting from 16.5 prior to 17.2.8, from 17.3 prior to 17.3.4, and from 17.4 prior to 17.4.1. A maintainer could obtain a Dependency Proxy password by editing a certain Dependency Proxy setting. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T09:36:39.000000Z"}, {"uuid": "304a76f8-c92a-4425-a919-89826c84077e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42785", "type": "seen", "source": "https://t.me/cvedetector/3812", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42785 - Kashipara Music Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42785 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A SQL injection vulnerability in /music/index.php?page=view_playlist in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the \"id\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:45:57.000000Z"}, {"uuid": "3cc3da65-49c2-408d-ad05-caedb48ca160", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42782", "type": "seen", "source": "https://t.me/cvedetector/3811", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42782 - Kashipara Music Management System SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-42782 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A SQL injection vulnerability in \"/music/ajax.php?action=find_music\" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the \"search\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:45:56.000000Z"}, {"uuid": "dcfe0497-3a96-4372-9fb1-dc3e74be57fa", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42780", "type": "seen", "source": "https://t.me/cvedetector/3810", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42780 - Kashipara Music Management System PHP File Upload Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-42780 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : An Unrestricted file upload vulnerability was found in \"/music/ajax.php?action=save_genre\" in Kashipara Music Management System v1.0. This allows attackers to execute arbitrary code via uploading a crafted PHP file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:45:55.000000Z"}, {"uuid": "57f765c5-0fe6-4bb1-9354-cb424f1e5453", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42787", "type": "seen", "source": "https://t.me/cvedetector/4165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42787 - Kashipara Music Management System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42787 \nPublished : Aug. 26, 2024, 3:15 p.m. | 36\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \"/music/ajax.php?action=save_playlist\" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via \"title\" &amp; \"description\" parameter fields. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T17:59:17.000000Z"}, {"uuid": "172afa0a-ff54-445d-8741-6bfa03d70745", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42781", "type": "seen", "source": "https://t.me/cvedetector/3815", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42781 - Kashipara Music Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42781 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A SQL injection vulnerability in \"/music/ajax.php?action=login\" of Kashipara Music Management System v1.0 allows remote attackers to execute arbitrary SQL commands and bypass Login via the email parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:46:03.000000Z"}, {"uuid": "a328378b-24c8-4c13-aa10-1d0a3db97655", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42784", "type": "seen", "source": "https://t.me/cvedetector/3814", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42784 - Kashipara Music Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42784 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : A SQL injection vulnerability in \"/music/controller.php?page=view_music\" in Kashipara Music Management System v1.0 allows an attacker to execute arbitrary SQL commands via the \"id\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:45:59.000000Z"}, {"uuid": "19ecdd5b-4d70-42e6-ba24-3f9d20821861", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42783", "type": "seen", "source": "https://t.me/cvedetector/3813", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42783 - Kashipara Music Management System SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42783 \nPublished : Aug. 21, 2024, 6:15 p.m. | 23\u00a0minutes ago \nDescription : Kashipara Music Management System v1.0 is vulnerable to SQL Injection via /music/manage_playlist_items.php. An attacker can execute arbitrary SQL commands via the \"pid\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-21T20:45:58.000000Z"}, {"uuid": "98395573-1f46-45ea-b745-f89e29c9e099", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42788", "type": "seen", "source": "https://t.me/cvedetector/4178", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42788 - Kashipara Music Management System Stored Cross Site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-42788 \nPublished : Aug. 26, 2024, 4:15 p.m. | 27\u00a0minutes ago \nDescription : A Stored Cross Site Scripting (XSS) vulnerability was found in \"/music/ajax.php?action=save_music\" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via \"title\" &amp; \"artist\" parameter fields. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T18:49:41.000000Z"}, {"uuid": "d041a454-f1f4-4b50-800c-1c3230879dcb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-42789", "type": "seen", "source": "https://t.me/cvedetector/4163", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-42789 - Kashipara Music Management System Reflected XSS\", \n  \"Content\": \"CVE ID : CVE-2024-42789 \nPublished : Aug. 26, 2024, 3:15 p.m. | 36\u00a0minutes ago \nDescription : A Reflected Cross Site Scripting (XSS) vulnerability was found in \"/music/controller.php?page=test\" in Kashipara Music Management System v1.0. This vulnerability allows remote attackers to execute arbitrary code via the \"page\" parameter. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-26T17:59:15.000000Z"}]}