{"vulnerability": "cve-2024-4960", "sightings": [{"uuid": "1ddebb7b-0717-465e-92b0-cd37f7e517cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49600", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/113623844910702758", "content": "", "creation_timestamp": "2024-12-09T16:38:02.760087Z"}, {"uuid": "776e6cdf-b739-43a7-a739-6ba030eddda8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49603", "type": "seen", "source": "https://t.me/cvedetector/12406", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49603 - Dell PowerScale OneFS Incorrect Specified Argument Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49603 \nPublished : Dec. 9, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Dell PowerScale OneFS Versions 8.2.2.x through 9.9.0.x contain an incorrect specified argument vulnerability. A remote low privileged legitimate user could potentially exploit this vulnerability, leading to information disclosure. \nSeverity: 4.3 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T17:12:39.000000Z"}, {"uuid": "1fe59fb8-de3e-4968-b0a0-28d247bc37ed", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49608", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3milby4v7gj2r", "content": "", "creation_timestamp": "2026-04-03T08:20:09.415977Z"}, {"uuid": "b25a26da-c2a7-4a83-9b05-a6c401ca5b05", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49609", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mit7ogcmsd23", "content": "", "creation_timestamp": "2026-04-06T12:00:14.405422Z"}, {"uuid": "4a176ad9-190c-4313-bd90-962512f9c38a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49601", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/9255", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-49601\n\ud83d\udd25 CVSS Score: 7.3 (cvssV3_1, Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)\n\ud83d\udd39 Description: Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution.\n\ud83d\udccf Published: 2025-03-28T01:52:23.226Z\n\ud83d\udccf Modified: 2025-03-28T01:52:23.226Z\n\ud83d\udd17 References:\n1. https://www.dell.com/support/kbdoc/en-us/000300090/dsa-2025-116-security-update-for-dell-unity-dell-unityvsa-and-dell-unity-xt-security-update-for-multiple-vulnerabilities", "creation_timestamp": "2025-03-28T02:28:09.000000Z"}, {"uuid": "83885139-79e5-4180-8366-f2179a65e67b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49604", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miif7sbita2r", "content": "", "creation_timestamp": "2026-04-02T04:40:08.856607Z"}, {"uuid": "213f5284-7aaf-4a17-a588-651158a5f7a5", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49601", "type": "seen", "source": "https://t.me/cvedetector/21368", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49601 - Dell Unity OS Command Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49601 \nPublished : March 28, 2025, 3:15 a.m. | 51\u00a0minutes ago \nDescription : Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') vulnerability. An unauthenticated attacker with remote access could potentially exploit this vulnerability, leading to Command execution. \nSeverity: 7.3 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"28 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-28T05:12:19.000000Z"}, {"uuid": "918c614e-b69f-40e8-ac72-53d93aa197ae", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49600", "type": "seen", "source": "https://t.me/cvedetector/12404", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49600 - Dell Power Manager Elevation of Privileges Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49600 \nPublished : Dec. 9, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Dell Power Manager (DPM), versions prior to 3.17, contain an improper access control vulnerability. A low privileged attacker with local access could potentially exploit this vulnerability, leading to Code execution and Elevation of Privileges. \nSeverity: 7.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T17:12:38.000000Z"}, {"uuid": "9d77ab4a-9cb5-4b0b-a3a8-3dc8d5adb100", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49607", "type": "seen", "source": "https://t.me/cvedetector/8409", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49607 - Redwan Hilali WP Dropbox Dropins Unrestricted File Upload Remote Code Execution\", \n  \"Content\": \"CVE ID : CVE-2024-49607 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Redwan Hilali WP Dropbox Dropins allows Upload a Web Shell to a Web Server.This issue affects WP Dropbox Dropins: from n/a through 1.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:28.000000Z"}, {"uuid": "1e12bdbc-b194-44b3-b7f2-549b15234215", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49602", "type": "seen", "source": "https://t.me/cvedetector/12405", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49602 - Dell PowerScale OneFS Improper Resource Unlocking Denial of Service Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49602 \nPublished : Dec. 9, 2024, 3:15 p.m. | 42\u00a0minutes ago \nDescription : Dell PowerScale OneFS Versions 8.2.2.x through 9.8.0.x contain an improper resource unlocking vulnerability. A remote low privileged attacker could potentially exploit this vulnerability, leading to denial of service. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Dec 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-12-09T17:12:39.000000Z"}, {"uuid": "b6af9775-714f-41c2-b8a5-cc375de62f6f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49609", "type": "seen", "source": "https://t.me/cvedetector/8427", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49609 - Brandon White Author Discussion SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49609 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Brandon White Author Discussion allows Blind SQL Injection.This issue affects Author Discussion: from n/a through 0.2.2. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:59.000000Z"}, {"uuid": "99296fc9-ccc1-4366-8c46-5599024f53bf", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49605", "type": "seen", "source": "https://t.me/cvedetector/8426", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49605 - AVChat Video Chat CSRF Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-49605 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Avchat.Net AVChat Video Chat allows Stored XSS.This issue affects AVChat Video Chat: from n/a through 2.2. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:59.000000Z"}, {"uuid": "bdbd004d-91fe-4a71-9c5d-78fe636d76a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49608", "type": "seen", "source": "https://t.me/cvedetector/8410", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49608 - GERRYWORKS Post by Mail Privilege Escalation Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49608 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : : Incorrect Privilege Assignment vulnerability in Gerry Ntabuhashe GERRYWORKS Post by Mail allows Privilege Escalation.This issue affects GERRYWORKS Post by Mail: from n/a through 1.0. \nSeverity: 8.8 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:32.000000Z"}, {"uuid": "7607ea85-f92f-46b3-8cfb-0d8c47546c15", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49606", "type": "seen", "source": "https://t.me/cvedetector/8389", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49606 - Dotsquares Google Map Locations Reflected Cross-site Scripting (XSS) Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49606 \nPublished : Oct. 20, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Dotsquares Google Map Locations allows Reflected XSS.This issue affects Google Map Locations: from n/a through 1.0. \nSeverity: 7.1 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:43:58.000000Z"}, {"uuid": "0606e535-76f1-4f08-8fdc-a336de192ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49604", "type": "seen", "source": "https://t.me/cvedetector/8388", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49604 - Najeeb Ahmad Simple User Registration Authentication Bypass\", \n  \"Content\": \"CVE ID : CVE-2024-49604 \nPublished : Oct. 20, 2024, 8:15 a.m. | 21\u00a0minutes ago \nDescription : Authentication Bypass Using an Alternate Path or Channel vulnerability in Najeeb Ahmad Simple User Registration allows Authentication Bypass.This issue affects Simple User Registration: from n/a through 5.5. \nSeverity: 9.8 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:43:57.000000Z"}]}