admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2018/16xxx/CVE-2018-16604.json

62 lines
1.8 KiB
JSON
Raw Normal View History

- Synchronized data.
2018-09-06 12:05:08 -04:00
{
"-Synchronized-Data."
2019-03-17 22:40:03 +00:00
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-16604",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
- Synchronized data.
2018-09-06 12:05:08 -04:00
{
"-Synchronized-Data."
2019-03-17 22:40:03 +00:00
"lang": "eng",
"value": "An issue was discovered in Nibbleblog v4.0.5. With an admin's username and password, an attacker can execute arbitrary PHP code by changing the username because the username is surrounded by double quotes (e.g., \"${phpinfo()}\")."
- Synchronized data.
2018-09-06 12:05:08 -04:00
}
"-Synchronized-Data."
2019-03-17 22:40:03 +00:00
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/dignajar/nibbleblog/issues/131",
"refsource": "MISC",
"url": "https://github.com/dignajar/nibbleblog/issues/131"
}
]
}
}
Reference in New Issue Copy Permalink