admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-12-20 04:01:07 +00:00
parent 85189c494b
commit 082e9117b1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
4 changed files with 15 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2021/44xxx/CVE-2021-44159.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "4MOSAn GCB Doctors file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack."
"value": "4MOSAn GCB Doctor\u2019s file upload function has improper user privilege control. A remote attacker can upload arbitrary files including webshell files without authentication and execute arbitrary code in order to perform arbitrary system operations or deny of service attack."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5395-eee40-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5395-eee40-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5395-eee40-1.html"
}
]
},

7
2021/44xxx/CVE-2021-44162.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Chain Sea ai chatbot systems specific file download function has path traversal vulnerability. The function has improper filtering of special characters in URL parameters, which allows a remote attacker to download arbitrary system files without authentication."
"value": "Chain Sea ai chatbot system\u2019s specific file download function has path traversal vulnerability. The function has improper filtering of special characters in URL parameters, which allows a remote attacker to download arbitrary system files without authentication."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5397-b1f40-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5397-b1f40-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5397-b1f40-1.html"
}
]
},

5
2021/44xxx/CVE-2021-44163.json
View File

@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5399-03b81-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5399-03b81-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5399-03b81-1.html"
}
]
},

7
2021/44xxx/CVE-2021-44164.json
View File

@ -38,7 +38,7 @@
"description_data": [
{
"lang": "eng",
"value": "Chain Sea ai chatbot systems file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or terminate service."
"value": "Chain Sea ai chatbot system\u2019s file upload function has insufficient filtering for special characters in URLs, which allows a remote attacker to by-pass file type validation, upload malicious script and execute arbitrary code without authentication, in order to take control of the system or terminate service."
}
]
},
@ -76,8 +76,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://www.twcert.org.tw/tw/cp-132-5400-c31d1-1.html"
"refsource": "MISC",
"url": "https://www.twcert.org.tw/tw/cp-132-5400-c31d1-1.html",
"name": "https://www.twcert.org.tw/tw/cp-132-5400-c31d1-1.html"
}
]
},