From 0f5a9602363c4b9d3a4c7fb3ec938562f37ba62f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 17 Feb 2019 19:11:27 -0500 Subject: [PATCH] - Synchronized data. --- 2019/8xxx/CVE-2019-8423.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8424.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8425.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8426.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8427.json | 62 +++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8428.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8429.json | 67 ++++++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8430.json | 18 ++++++++++ 2019/8xxx/CVE-2019-8431.json | 18 ++++++++++ 2019/8xxx/CVE-2019-8432.json | 62 +++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8433.json | 62 +++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8434.json | 62 +++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8435.json | 62 +++++++++++++++++++++++++++++++++ 2019/8xxx/CVE-2019-8436.json | 62 +++++++++++++++++++++++++++++++++ 14 files changed, 810 insertions(+) create mode 100644 2019/8xxx/CVE-2019-8423.json create mode 100644 2019/8xxx/CVE-2019-8424.json create mode 100644 2019/8xxx/CVE-2019-8425.json create mode 100644 2019/8xxx/CVE-2019-8426.json create mode 100644 2019/8xxx/CVE-2019-8427.json create mode 100644 2019/8xxx/CVE-2019-8428.json create mode 100644 2019/8xxx/CVE-2019-8429.json create mode 100644 2019/8xxx/CVE-2019-8430.json create mode 100644 2019/8xxx/CVE-2019-8431.json create mode 100644 2019/8xxx/CVE-2019-8432.json create mode 100644 2019/8xxx/CVE-2019-8433.json create mode 100644 2019/8xxx/CVE-2019-8434.json create mode 100644 2019/8xxx/CVE-2019-8435.json create mode 100644 2019/8xxx/CVE-2019-8436.json diff --git a/2019/8xxx/CVE-2019-8423.json b/2019/8xxx/CVE-2019-8423.json new file mode 100644 index 00000000000..dfa5cee96e5 --- /dev/null +++ b/2019/8xxx/CVE-2019-8423.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8423", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder through 1.32.3 has SQL Injection via the skins/classic/views/events.php filter[Query][terms][0][cnj] parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewseventsphp-line-44-sql-injection", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewseventsphp-line-44-sql-injection" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97761", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97761" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8424.json b/2019/8xxx/CVE-2019-8424.json new file mode 100644 index 00000000000..eb24ee2caac --- /dev/null +++ b/2019/8xxx/CVE-2019-8424.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8424", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php sort parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-276-orderby-sql-injection", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-276-orderby-sql-injection" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97763", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97763" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8425.json b/2019/8xxx/CVE-2019-8425.json new file mode 100644 index 00000000000..83aabf92f65 --- /dev/null +++ b/2019/8xxx/CVE-2019-8425.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8425", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "includes/database.php in ZoneMinder before 1.32.3 has XSS in the construction of SQL-ERR messages." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#sql-query-error-reflected-xss" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97764", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97764" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8426.json b/2019/8xxx/CVE-2019-8426.json new file mode 100644 index 00000000000..9021541161e --- /dev/null +++ b/2019/8xxx/CVE-2019-8426.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8426", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "skins/classic/views/controlcap.php in ZoneMinder before 1.32.3 has XSS via the newControl array, as demonstrated by the newControl[MinTiltRange] parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolcapphp-reflected-xss" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97766", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97766" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8427.json b/2019/8xxx/CVE-2019-8427.json new file mode 100644 index 00000000000..75e0c0b0399 --- /dev/null +++ b/2019/8xxx/CVE-2019-8427.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8427", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "daemonControl in includes/functions.php in ZoneMinder before 1.32.3 allows command injection via shell metacharacters." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#includesfunctionsphp-daemoncontrol-command-injection" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8428.json b/2019/8xxx/CVE-2019-8428.json new file mode 100644 index 00000000000..7892796151c --- /dev/null +++ b/2019/8xxx/CVE-2019-8428.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8428", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder before 1.32.3 has SQL Injection via the skins/classic/views/control.php groupSql parameter, as demonstrated by a newGroup[MonitorIds][] value." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolphp-line-35-second-order-sqli", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#skinsclassicviewscontrolphp-line-35-second-order-sqli" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97765", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97765" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8429.json b/2019/8xxx/CVE-2019-8429.json new file mode 100644 index 00000000000..c0041060ba4 --- /dev/null +++ b/2019/8xxx/CVE-2019-8429.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8429", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "ZoneMinder before 1.32.3 has SQL Injection via the ajax/status.php filter[Query][terms][0][cnj] parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-393-sql-injection", + "refsource" : "MISC", + "url" : "https://github.com/LoRexxar/CVE_Request/tree/master/zoneminder%20vul%20before%20v1.32.3#ajaxstatusphp-line-393-sql-injection" + }, + { + "name" : "https://www.seebug.org/vuldb/ssvid-97762", + "refsource" : "MISC", + "url" : "https://www.seebug.org/vuldb/ssvid-97762" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8430.json b/2019/8xxx/CVE-2019-8430.json new file mode 100644 index 00000000000..adc0a9b0f87 --- /dev/null +++ b/2019/8xxx/CVE-2019-8430.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8430", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8431.json b/2019/8xxx/CVE-2019-8431.json new file mode 100644 index 00000000000..939109d9ff5 --- /dev/null +++ b/2019/8xxx/CVE-2019-8431.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8431", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8432.json b/2019/8xxx/CVE-2019-8432.json new file mode 100644 index 00000000000..66a0de4098a --- /dev/null +++ b/2019/8xxx/CVE-2019-8432.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8432", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In CmsEasy 7.0, there is XSS via the ckplayer.php url parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/fakerrr/CmsEasy_7.0/issues/1", + "refsource" : "MISC", + "url" : "https://github.com/fakerrr/CmsEasy_7.0/issues/1" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8433.json b/2019/8xxx/CVE-2019-8433.json new file mode 100644 index 00000000000..9227fc18360 --- /dev/null +++ b/2019/8xxx/CVE-2019-8433.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8433", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "JTBC(PHP) 3.0.1.8 allows Arbitrary File Upload via the console/#/console/file/manage.php?type=list URI, as demonstrated by a .php file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/jetiben/jtbc/issues/6", + "refsource" : "MISC", + "url" : "https://github.com/jetiben/jtbc/issues/6" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8434.json b/2019/8xxx/CVE-2019-8434.json new file mode 100644 index 00000000000..cf7cb54ed1b --- /dev/null +++ b/2019/8xxx/CVE-2019-8434.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8434", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In CmsEasy 7.0, there is XSS via the ckplayer.php autoplay parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/fakerrr/CmsEasy_7.0/issues/2", + "refsource" : "MISC", + "url" : "https://github.com/fakerrr/CmsEasy_7.0/issues/2" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8435.json b/2019/8xxx/CVE-2019-8435.json new file mode 100644 index 00000000000..fa718c302e4 --- /dev/null +++ b/2019/8xxx/CVE-2019-8435.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8435", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "admin/default.php in PHPMyWind v5.5 has XSS via an HTTP Host header." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/gaozhifeng/PHPMyWind/issues/3", + "refsource" : "MISC", + "url" : "https://github.com/gaozhifeng/PHPMyWind/issues/3" + } + ] + } +} diff --git a/2019/8xxx/CVE-2019-8436.json b/2019/8xxx/CVE-2019-8436.json new file mode 100644 index 00000000000..0a6e7abb106 --- /dev/null +++ b/2019/8xxx/CVE-2019-8436.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-8436", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "imcat 4.5 has Stored XSS via the root/run/adm.php fm[instop][note] parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/peacexie/imcat/issues/1", + "refsource" : "MISC", + "url" : "https://github.com/peacexie/imcat/issues/1" + } + ] + } +}