{"vulnerability": "cve-2024-5084", "sightings": [{"uuid": "a583adf2-61ed-4712-833b-7a516c3c681d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50841", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113481595438416240", "content": "", "creation_timestamp": "2024-11-14T13:42:07.819514Z"}, {"uuid": "7a0a134f-0501-48b3-9a80-81ef163f76ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50842", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113481595452309688", "content": "", "creation_timestamp": "2024-11-14T13:42:08.012517Z"}, {"uuid": "71a0e1e9-8e22-4402-b7cb-8afdd9021ad2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50843", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113481595467254205", "content": "", "creation_timestamp": "2024-11-14T13:42:08.329158Z"}, {"uuid": "89d27be4-9313-48be-af26-2c8336581f8d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50849", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113505821918325381", "content": "", "creation_timestamp": "2024-11-18T20:23:14.500806Z"}, {"uuid": "205bff72-ed4d-450e-b816-3c5c42e6c262", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-06T03:13:46.000000Z"}, {"uuid": "5d0ec895-60a5-4191-bce2-308fc7eb8597", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd", "content": "", "creation_timestamp": "2025-02-23T04:11:05.000000Z"}, {"uuid": "c23826f4-6e49-4b9d-a241-af50c2615392", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7", "content": "", "creation_timestamp": "2025-10-23T21:13:04.000000Z"}, {"uuid": "97840a8f-7c2f-4e90-9052-f8241c1b27a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50848", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:28.000000Z"}, {"uuid": "313d1e26-35cd-4157-b30e-d6448a3b697f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50849", "type": "seen", "source": "MISP/1c5c38d6-3401-41ac-be0e-4cf361fa6f51", "content": "", "creation_timestamp": "2025-09-25T00:36:28.000000Z"}, {"uuid": "e72beeb2-a9fe-4883-af7d-53f6ab9731c1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/wp_hash_form_rce.rb", "content": "", "creation_timestamp": "2024-06-05T08:42:42.000000Z"}, {"uuid": "ac237999-d685-4f1f-8e5a-7cfd51f9ea06", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "https://bsky.app/profile/concisecyber.bsky.social/post/3m7arw5kerj2t", "content": "", "creation_timestamp": "2025-12-05T15:19:21.202199Z"}, {"uuid": "065c30d7-c218-488b-8113-27525fd6db37", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/7843", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2024\n\u63cf\u8ff0\uff1aPoC Exploit for CVE-2024-5084\nURL\uff1ahttps://github.com/WOOOOONG/CVE-2024-5084\n\n\u6807\u7b7e\uff1a#CVE-2024", "creation_timestamp": "2024-07-03T04:29:30.000000Z"}, {"uuid": "3018a992-60e6-4ff4-9842-0366feb96c92", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50849", "type": "seen", "source": "https://t.me/cvedetector/11385", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50849 - WordServer CSSScripting Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50849 \nPublished : Nov. 18, 2024, 9:15 p.m. | 37\u00a0minutes ago \nDescription : Cross-Site Scripting (XSS) in the \"Rules\" functionality in WordServer 11.8.2 allows a remote authenticated attacker to execute arbitrary code. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T23:14:30.000000Z"}, {"uuid": "bffa6893-a155-457a-944a-09520c9e97cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50848", "type": "seen", "source": "https://t.me/cvedetector/11384", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50848 - WorldServer XXE Injection Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50848 \nPublished : Nov. 18, 2024, 9:15 p.m. | 37\u00a0minutes ago \nDescription : An XML External Entity (XXE) vulnerability in the Import object and Translation Memory import functionalities of WorldServer v11.8.2 to access sensitive information and execute arbitrary commands via supplying a crafted .tmx file. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"18 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-18T23:14:30.000000Z"}, {"uuid": "fdbd2638-98df-4be7-8471-574f33f05204", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50842", "type": "seen", "source": "https://t.me/cvedetector/10956", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50842 - KASHIPARA E-learning Management System Project Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-50842 \nPublished : Nov. 14, 2024, 2:15 p.m. | 28\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/school_year.php of KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the school_year parameter in a POST HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T15:49:25.000000Z"}, {"uuid": "e2e4cb7e-24bf-4ab0-b57f-c02589dae488", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50841", "type": "seen", "source": "https://t.me/cvedetector/10955", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50841 - KASHIPARA E-learning Management System Stored XSS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50841 \nPublished : Nov. 14, 2024, 2:15 p.m. | 28\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/calendar_of_events.php in KASHIPARA E-learning Management System pProject 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the date_start, date_end, and title parameters in a POST HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T15:49:25.000000Z"}, {"uuid": "5bb2d1a2-a60e-42cb-a33e-1ba5762518c3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50840", "type": "seen", "source": "https://t.me/cvedetector/10954", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50840 - KASHIPARA E-learning Management System Stored XSS\", \n  \"Content\": \"CVE ID : CVE-2024-50840 \nPublished : Nov. 14, 2024, 2:15 p.m. | 28\u00a0minutes ago \nDescription : A Stored Cross-Site Scripting (XSS) vulnerability was found in /lms/admin/class.php in KASHIPARA E-learning Management System Project 1.0. This vulnerability allows remote attackers to execute arbitrary scripts via the class_name parameter in a POST HTTP request. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T15:49:24.000000Z"}, {"uuid": "f2c829de-fe14-49f5-8d84-b9d9e7ec0c2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-50843", "type": "seen", "source": "https://t.me/cvedetector/10950", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-50843 - PHPGurukul Directory Traversal Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-50843 \nPublished : Nov. 14, 2024, 2:15 p.m. | 28\u00a0minutes ago \nDescription : A Directory listing issue was found in PHPGurukul User Registration & Login and User Management System 3.2, which allows remote attackers attacker to access sensitive files and directories via /loginsystem/assets. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T15:49:18.000000Z"}, {"uuid": "3d68a365-0be5-4ff0-bab2-aaa922b7920a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-5084", "type": "seen", "source": "https://t.me/codeb0ss/1447", "content": "{VIP} CVE-2024-5084 - WP_HashForm < Remote Code Execution (RCE)\n\nNew unauthenticated vulnerable in WordPress hash form - Drag & from builder plugin, To upload File/Webshell & Execute the commands, \n\nType: RCE\n\nThis Completely Free and For VIP Users.\n\nTo Get VIP\n@uncodeboss", "creation_timestamp": "2024-09-17T21:29:50.000000Z"}]}