{"vulnerability": "cve-2024-4961", "sightings": [{"uuid": "04fbb92d-f817-45d0-bb28-8e26670ccdfb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49611", "type": "seen", "source": "https://t.me/cvedetector/8390", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49611 - Paxman Product Website Showcase File Upload Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49611 \nPublished : Oct. 20, 2024, 8:15 a.m. | 20\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Paxman Product Website Showcase allows Upload a Web Shell to a Web Server.This issue affects Product Website Showcase: from n/a through 1.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T10:43:59.000000Z"}, {"uuid": "9b932b35-c133-4dd7-9f12-f8b5eddb96de", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49618", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mikwsnvcgz2v", "content": "", "creation_timestamp": "2026-04-03T05:00:18.057803Z"}, {"uuid": "60dc881f-9c29-4f50-a49a-84c2e3ce2dc9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49613", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mil25wow2y2q", "content": "", "creation_timestamp": "2026-04-03T06:00:14.842626Z"}, {"uuid": "850fd86c-c93b-476a-9a15-18dae0e3af6d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49615", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mil3bk2kbv2r", "content": "", "creation_timestamp": "2026-04-03T06:20:09.099318Z"}, {"uuid": "9caa0039-9ec9-40e5-9f31-5082f94fa350", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49616", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mil4fcdadc2v", "content": "", "creation_timestamp": "2026-04-03T06:40:09.204349Z"}, {"uuid": "53eb0bc7-7ec7-4e4c-bac8-444fbc2a53e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49615", "type": "seen", "source": "https://t.me/cvedetector/8424", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49615 - SafetyForms CSRF Blind SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49615 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Henrique Rodrigues SafetyForms allows Blind SQL Injection.This issue affects SafetyForms: from n/a through 1.0.0. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:54.000000Z"}, {"uuid": "4a590719-0e68-4a51-b93a-e9731d09de3a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49610", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mii6j7wvat2f", "content": "", "creation_timestamp": "2026-04-02T02:40:09.029241Z"}, {"uuid": "9c199939-192e-4d49-ad34-8b705b5e3d3b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49611", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3miigdq7qpi27", "content": "", "creation_timestamp": "2026-04-02T05:00:15.089861Z"}, {"uuid": "d0181b60-9d89-461a-8784-d1005e77a771", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49614", "type": "seen", "source": "https://bsky.app/profile/cyberhub.blog/post/3mitgeypskm2c", "content": "", "creation_timestamp": "2026-04-06T14:00:14.290518Z"}, {"uuid": "9fcf8581-c831-4a18-a0dc-4f71aa6aad33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49616", "type": "seen", "source": "https://t.me/cvedetector/8425", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49616 - Nyasro SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49616 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Nyasro Rate Own Post allows Blind SQL Injection.This issue affects Rate Own Post: from n/a through 1.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:55.000000Z"}, {"uuid": "63eb6f84-8d72-4b87-876e-611a4f887a03", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49618", "type": "seen", "source": "https://t.me/cvedetector/8418", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49618 - MyTweetLinks SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49618 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Jordan Lyall MyTweetLinks allows Blind SQL Injection.This issue affects MyTweetLinks: from n/a through 1.1.1. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:47.000000Z"}, {"uuid": "e2139fa1-1b23-4f39-b519-e4789bec0d7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49617", "type": "seen", "source": "https://t.me/cvedetector/8416", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49617 - Bhaskar Dhote Back Link Tracker CSRF-Based Blind SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49617 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Cross-Site Request Forgery (CSRF) vulnerability in Bhaskar Dhote Back Link Tracker allows Blind SQL Injection.This issue affects Back Link Tracker: from n/a through 1.0.0. \nSeverity: 8.2 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:45.000000Z"}, {"uuid": "f967af18-d515-49f4-bfc5-7c4a657eef7d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49614", "type": "seen", "source": "https://t.me/cvedetector/8423", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49614 - SermonAudio SQL Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-49614 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Dan Alexander SermonAudio Widgets allows SQL Injection.This issue affects SermonAudio Widgets: from n/a through 1.9.3. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:53.000000Z"}, {"uuid": "a51af0ca-dcd6-48d7-935d-81ac7ea6b01a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49613", "type": "seen", "source": "https://t.me/cvedetector/8422", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49613 - Lodel Geraldo SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49613 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lodel Geraldo Simple Code Insert Shortcode allows SQL Injection.This issue affects Simple Code Insert Shortcode: from n/a through 1.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:53.000000Z"}, {"uuid": "14c1f8b2-f189-446c-bcd4-4dcb6177274d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49612", "type": "seen", "source": "https://t.me/cvedetector/8421", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49612 - Infotuts SW Contact Form SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49612 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Infotuts SW Contact Form allows Blind SQL Injection.This issue affects SW Contact Form: from n/a through 1.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:52.000000Z"}, {"uuid": "f06b86ab-c949-44f5-bde3-15478c858855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49619", "type": "seen", "source": "https://t.me/cvedetector/8419", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49619 - Acespritech Solutions Pvt. Ltd. Social Link Groups SQL Injection\", \n  \"Content\": \"CVE ID : CVE-2024-49619 \nPublished : Oct. 20, 2024, 10:15 a.m. | 41\u00a0minutes ago \nDescription : Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Acespritech Solutions Pvt. Ltd. Social Link Groups allows Blind SQL Injection.This issue affects Social Link Groups: from n/a through 1.1.0. \nSeverity: 8.5 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T13:14:47.000000Z"}, {"uuid": "07750baf-0846-4a44-85dd-86fe9741772f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49610", "type": "seen", "source": "https://t.me/cvedetector/8402", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-49610 - Jack Zhu Photokit Remote File Inclusion\", \n  \"Content\": \"CVE ID : CVE-2024-49610 \nPublished : Oct. 20, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : Unrestricted Upload of File with Dangerous Type vulnerability in Jack Zhu allows Upload a Web Shell to a Web Server.This issue affects photokit: from n/a through 1.0. \nSeverity: 10.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"20 Oct 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-10-20T12:24:20.000000Z"}, {"uuid": "36b77a35-1483-4573-88ec-67c9d89770b1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-49611", "type": "seen", "source": "https://bsky.app/profile/hugovalters.bsky.social/post/3mmz4smqdlu2h", "content": "CVE-2024-49611 - Critical arbitrary file upload in Paxman Product Website Showcase. CVSS 10. Allows web shell upload. No patch available. Disable plugin immediately. #CVE #infosec #WordPress\n\nhttps://www.valtersit.com/cve/CVE-2024-49611/", "creation_timestamp": "2026-05-29T18:05:38.945994Z"}]}