fixed CVE-2018-1000157

2025-05-08 03:27:03 +00:00 · 2018-04-13 12:45:56 -06:00 · 2018-04-13 12:45:56 -06:00 · 01d1ef8325
commit 01d1ef8325
parent 454eb250e2
1 changed files with 18 additions and 1 deletions
--- a/2018/1000xxx/CVE-2018-1000157.json
+++ b/2018/1000xxx/CVE-2018-1000157.json
@ -1 +1,18 @@
-{     "CVE_data_meta": {         "ASSIGNER": "kurt@seifried.org",         "DATE_ASSIGNED": "2018-04-06T14:09:26.580591",         "DATE_REQUESTED": "2018-03-19T21:00:34",         "ID": "CVE-2018-1000157",         "REQUESTER": "me@zixian.org"     },     "affects": {         "vendor": {             "vendor_data": [                 {                     "product": {                         "product_data": [                             {                                 "product_name": "MiniCMS",                                 "version": {                                     "version_data": [                                         {                                             "version_value": "1.1"                                         }                                     ]                                 }                             }                         ]                     },                     "vendor_name": "minicms"                 }             ]         }     },     "data_format": "MITRE",     "data_type": "CVE",     "data_version": "4.0",     "description": {         "description_data": [             {                 "lang": "eng",                 "value": "MiniCMS version 1.1 contains a Cross site Request Forgery (CSRF) vulnerability in /minicms/mc-admin/conf.php that can result in a change of the administrator account password. This attack appears to be exploitable by a crafted web page, if the administrator is logged in, and opens the specially crafted html file it will trigger a request which triggers the CSRF. This vulnerability appears to have been fixed in 1.1."             }         ]     },     "problemtype": {         "problemtype_data": [             {                 "description": [                     {                         "lang": "eng",                         "value": "Cross site Request Forgery (CSRF)"                     }                 ]             }         ]     },     "references": {         "reference_data": [             {                 "url": "https://github.com/idada/MiniCMS/issues/14"             }         ]     } } 
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-1000157",
+      "STATE" : "REJECT"
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "** REJECT **  DO NOT USE THIS CANDIDATE NUMBER.  ConsultIDs: CVE-2018-9092.  Reason: This candidate is a reservation duplicate of CVE-2018-9092.  Notes: All CVE users should reference CVE-2018-9092 instead of this candidate.  All references and descriptions in this candidate have been removed to prevent accidental usage."
+         }
+      ]
+   }
+}