{"vulnerability": "cve-2024-4598", "sightings": [{"uuid": "3e7e0a9a-51bf-4bd7-9c49-e4472d2db0ba", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45985", "type": "seen", "source": "https://t.me/cvedetector/6451", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45985 - Blood Bank and Donation Management System Cross-Site Scripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45985 \nPublished : Sept. 26, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : A Cross Site Scripting (XSS) vulnerability in update_contact.php of Blood Bank and Donation Management System v1.0 allows an attacker to inject malicious scripts via the name parameter of the update_contact.php \nSeverity: 4.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T21:21:21.000000Z"}, {"uuid": "c3e4ed81-71ad-4f5f-a66a-faa83a0efb9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45982", "type": "seen", "source": "https://t.me/cvedetector/6429", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45982 - Apache ScheduleR Host Header Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45982 \nPublished : Sept. 26, 2024, 5:15 p.m. | 22\u00a0minutes ago \nDescription : A host header injection vulnerability in scheduleR v0.0.18 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T19:40:31.000000Z"}, {"uuid": "fe131739-9b6e-42a1-84dc-f6d2f97d19ce", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45981", "type": "seen", "source": "https://t.me/cvedetector/6427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45981 - BookReviewLibrary Host Header Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45981 \nPublished : Sept. 26, 2024, 5:15 p.m. | 22\u00a0minutes ago \nDescription : A host header injection vulnerability in BookReviewLibrary 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T19:40:30.000000Z"}, {"uuid": "2259824b-3afa-4679-aeb4-b1d2a25ba450", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45984", "type": "seen", "source": "https://t.me/cvedetector/6449", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45984 - Blood Bank And Donation Management System XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45984 \nPublished : Sept. 26, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : A Cross Site Scripting (XSS) vulnerability in add_donor.php of Blood Bank And Donation Management System 1.0 allows an attacker to inject malicious scripts that will be executed when the Donor List is viewed. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T21:21:16.000000Z"}, {"uuid": "e993ff1a-44b0-41b9-a912-4464e00c7237", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45980", "type": "seen", "source": "https://t.me/cvedetector/6435", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45980 - MEANStore Host Header Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-45980 \nPublished : Sept. 26, 2024, 5:15 p.m. | 22\u00a0minutes ago \nDescription : A host header injection vulnerability in MEANStore 1.0 allows attackers to obtain the password reset token via user interaction with a crafted password reset link. This allows attackers to arbitrarily reset other users' passwords and compromise their accounts. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T19:40:41.000000Z"}, {"uuid": "257b62c0-642f-4780-9e1d-ff1b0b9649b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45983", "type": "seen", "source": "https://t.me/cvedetector/6424", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45983 - Apache Hospital Management System CSRF\", \n  \"Content\": \"CVE ID : CVE-2024-45983 \nPublished : Sept. 26, 2024, 4:15 p.m. | 32\u00a0minutes ago \nDescription : A Cross-Site Request Forgery (CSRF) vulnerability exists in kishan0725's Hospital Management System version 6.3.5. The vulnerability allows an attacker to craft a malicious HTML form that submits a request to delete a doctor record. By enticing an authenticated admin user to visit the specially crafted web page, the attacker can leverage the victim's browser to make unauthorized requests to the vulnerable endpoint, effectively allowing the attacker to perform actions on behalf of the admin without their consent. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T18:50:12.000000Z"}, {"uuid": "19f23615-7475-4316-9a61-6037f3cfbe5a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45989", "type": "seen", "source": "https://t.me/cvedetector/6453", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45989 - Monica AI Assistant Information Disclosure, Image Injection\", \n  \"Content\": \"CVE ID : CVE-2024-45989 \nPublished : Sept. 26, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious third-party or attacker-controlled server. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T21:21:23.000000Z"}, {"uuid": "a1d1f968-c3c2-4248-ac0e-c3b44257149a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45987", "type": "seen", "source": "https://t.me/cvedetector/6452", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45987 - Projectworld Online Voting System CSRF Insiduous Vote Manipulation\", \n  \"Content\": \"CVE ID : CVE-2024-45987 \nPublished : Sept. 26, 2024, 6:15 p.m. | 43\u00a0minutes ago \nDescription : Projectworld Online Voting System Version 1.0 is vulnerable to Cross Site Request Forgery (CSRF) via voter.php. This vulnerability allows an attacker to craft a malicious link that, when clicked by an authenticated user, automatically submits a vote for a specified party without the user's consent or knowledge. The attack leverages the user's active session to perform the unauthorized action, compromising the integrity of the voting process. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T21:21:22.000000Z"}, {"uuid": "3839d3fc-36dd-4c2a-9440-ad25481859dd", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-45986", "type": "seen", "source": "https://t.me/cvedetector/6461", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-45986 - Projectworld Online Voting System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-45986 \nPublished : Sept. 26, 2024, 9:15 p.m. | 36\u00a0minutes ago \nDescription : A stored Cross-Site Scripting (XSS) vulnerability was identified in Projectworld Online Voting System 1.0 that occurs when an account is registered with a malicious javascript payload. The payload is stored and subsequently executed in the voter.php and profile.php pages whenever the account information is accessed. \nSeverity: 5.4 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"26 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-26T23:51:54.000000Z"}]}