{"vulnerability": "cve-2024-4636", "sightings": [{"uuid": "30a03631-c33a-427a-996b-6309d9d6ab51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46362", "type": "seen", "source": "https://t.me/cvedetector/5810", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46362 - FrogCMS CSRF Web Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-46362 \nPublished : Sept. 17, 2024, 1:15 p.m. | 18\u00a0minutes ago \nDescription : FrogCMS V0.9.5 was discovered to contain a Cross-Site Request Forgery (CSRF) vulnerability via /admin/?/plugin/file_manager/create_directory \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"17 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-17T15:36:32.000000Z"}, {"uuid": "726a5b9d-a4d3-44fc-95c4-ef0f3fcc6130", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46367", "type": "seen", "source": "https://t.me/cvedetector/6560", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46367 - Webkul Krayin CRM Stored Cross-Site Scripting (XSS)\", \n  \"Content\": \"CVE ID : CVE-2024-46367 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to inject arbitrary JavaScript code by submitting a malicious payload within the username field. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}, {"uuid": "acafc19a-922d-4e9a-a040-37a2022b6a30", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-46366", "type": "seen", "source": "https://t.me/cvedetector/6559", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-46366 - Webkul Krayin CRM Client-Side Template Injection\", \n  \"Content\": \"CVE ID : CVE-2024-46366 \nPublished : Sept. 27, 2024, 5:15 p.m. | 43\u00a0minutes ago \nDescription : A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote attackers to execute arbitrary client-side template code by injecting a malicious payload during the lead creation process. This can lead to privilege escalation when the payload is executed, granting the attacker elevated permissions within the CRM system. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"27 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-27T20:04:56.000000Z"}]}