admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-07 22:00:34 +00:00
parent 62b818dc4b
commit 110afbe71f
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
5 changed files with 569 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

101
2014/125xxx/CVE-2014-125029.json
View File

@ -1,17 +1,110 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2014-125029",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in ttskch PaginationServiceProvider up to 0.x. It has been declared as critical. This vulnerability affects unknown code of the file demo/index.php of the component demo. The manipulation of the argument sort/id leads to sql injection. Upgrading to version 1.0.0 is able to address this issue. The name of the patch is 619de478efce17ece1a3b913ab16e40651e1ea7b. It is recommended to upgrade the affected component. VDB-217150 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In ttskch PaginationServiceProvider bis 0.x wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei demo/index.php der Komponente demo. Durch Beeinflussen des Arguments sort/id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Ein Aktualisieren auf die Version 1.0.0 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 619de478efce17ece1a3b913ab16e40651e1ea7b bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "ttskch",
"product": {
"product_data": [
{
"product_name": "PaginationServiceProvider",
"version": {
"version_data": [
{
"version_value": "0.x",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.217150",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217150"
},
{
"url": "https://vuldb.com/?ctiid.217150",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217150"
},
{
"url": "https://github.com/ttskch/PaginationServiceProvider/commit/619de478efce17ece1a3b913ab16e40651e1ea7b",
"refsource": "MISC",
"name": "https://github.com/ttskch/PaginationServiceProvider/commit/619de478efce17ece1a3b913ab16e40651e1ea7b"
},
{
"url": "https://github.com/ttskch/PaginationServiceProvider/releases/tag/1.0.0",
"refsource": "MISC",
"name": "https://github.com/ttskch/PaginationServiceProvider/releases/tag/1.0.0"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 5.5,
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 5.5,
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5.2,
"vectorString": "AV:A/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}

205
2021/4xxx/CVE-2021-4301.json
View File

@ -1,17 +1,214 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-4301",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in slackero phpwcms up to 1.9.26 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument $phpwcms['db_prepend'] leads to sql injection. The attack may be launched remotely. Upgrading to version 1.9.27 is able to address this issue. The name of the patch is 77dafb6a8cc1015f0777daeb5792f43beef77a9d. It is recommended to upgrade the affected component. VDB-217418 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in slackero phpwcms bis 1.9.26 gefunden. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess. Durch die Manipulation des Arguments $phpwcms['db_prepend'] mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Ein Aktualisieren auf die Version 1.9.27 vermag dieses Problem zu l\u00f6sen. Der Patch wird als 77dafb6a8cc1015f0777daeb5792f43beef77a9d bezeichnet. Als bestm\u00f6gliche Massnahme wird das Einspielen eines Upgrades empfohlen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "slackero",
"product": {
"product_data": [
{
"product_name": "phpwcms",
"version": {
"version_data": [
{
"version_value": "1.9.0",
"version_affected": "="
},
{
"version_value": "1.9.1",
"version_affected": "="
},
{
"version_value": "1.9.2",
"version_affected": "="
},
{
"version_value": "1.9.3",
"version_affected": "="
},
{
"version_value": "1.9.4",
"version_affected": "="
},
{
"version_value": "1.9.5",
"version_affected": "="
},
{
"version_value": "1.9.6",
"version_affected": "="
},
{
"version_value": "1.9.7",
"version_affected": "="
},
{
"version_value": "1.9.8",
"version_affected": "="
},
{
"version_value": "1.9.9",
"version_affected": "="
},
{
"version_value": "1.9.10",
"version_affected": "="
},
{
"version_value": "1.9.11",
"version_affected": "="
},
{
"version_value": "1.9.12",
"version_affected": "="
},
{
"version_value": "1.9.13",
"version_affected": "="
},
{
"version_value": "1.9.14",
"version_affected": "="
},
{
"version_value": "1.9.15",
"version_affected": "="
},
{
"version_value": "1.9.16",
"version_affected": "="
},
{
"version_value": "1.9.17",
"version_affected": "="
},
{
"version_value": "1.9.18",
"version_affected": "="
},
{
"version_value": "1.9.19",
"version_affected": "="
},
{
"version_value": "1.9.20",
"version_affected": "="
},
{
"version_value": "1.9.21",
"version_affected": "="
},
{
"version_value": "1.9.22",
"version_affected": "="
},
{
"version_value": "1.9.23",
"version_affected": "="
},
{
"version_value": "1.9.24",
"version_affected": "="
},
{
"version_value": "1.9.25",
"version_affected": "="
},
{
"version_value": "1.9.26",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27",
"refsource": "MISC",
"name": "https://github.com/slackero/phpwcms/releases/tag/v1.9.27"
},
{
"url": "https://vuldb.com/?id.217418",
"refsource": "MISC",
"name": "https://vuldb.com/?id.217418"
},
{
"url": "https://vuldb.com/?ctiid.217418",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.217418"
},
{
"url": "https://github.com/slackero/phpwcms/commit/77dafb6a8cc1015f0777daeb5792f43beef77a9d",
"refsource": "MISC",
"name": "https://github.com/slackero/phpwcms/commit/77dafb6a8cc1015f0777daeb5792f43beef77a9d"
}
]
},
"credits": [
{
"lang": "en",
"value": "VulDB GitHub Commit Analyzer"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}

91
2022/1xxx/CVE-2022-1101.json
View File

@ -1,17 +1,100 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1101",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in SourceCodester Royale Event Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /royal_event/userregister.php. The manipulation leads to improper authentication. The attack may be initiated remotely. The identifier VDB-195785 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in SourceCodester Royale Event Management System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Davon betroffen ist unbekannter Code der Datei /royal_event/userregister.php. Durch das Manipulieren mit unbekannten Daten kann eine improper authentication-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-287 Improper Authentication",
"cweId": "CWE-287"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Royale Event Management System",
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.195785",
"refsource": "MISC",
"name": "https://vuldb.com/?id.195785"
},
{
"url": "https://vuldb.com/?ctiid.195785",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.195785"
}
]
},
"credits": [
{
"lang": "en",
"value": "mrempy (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseSeverity": "HIGH"
}
]
}

96
2022/1xxx/CVE-2022-1102.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-1102",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic has been found in SourceCodester Royale Event Management System 1.0. Affected is an unknown function of the file /royal_event/companyprofile.php. The manipulation of the argument companyname/regno/companyaddress/companyemail leads to cross site scripting. It is possible to launch the attack remotely. VDB-195786 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in SourceCodester Royale Event Management System 1.0 entdeckt. Hiervon betroffen ist ein unbekannter Codeblock der Datei /royal_event/companyprofile.php. Durch Manipulieren des Arguments companyname/regno/companyaddress/companyemail mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Royale Event Management System",
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.195786",
"refsource": "MISC",
"name": "https://vuldb.com/?id.195786"
},
{
"url": "https://vuldb.com/?ctiid.195786",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.195786"
},
{
"url": "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?",
"refsource": "MISC",
"name": "https://www.sourcecodester.com/php/15238/event-management-system-project-php-source-code.html?"
}
]
},
"credits": [
{
"lang": "en",
"value": "mrempy (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 4.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 4.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}

96
2022/2xxx/CVE-2022-2666.json
View File

@ -1,17 +1,105 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2666",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability has been found in SourceCodester Loan Management System and classified as critical. This vulnerability affects unknown code of the file login.php. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-205618 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In SourceCodester Loan Management System wurde eine kritische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei login.php. Mittels Manipulieren des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Loan Management System",
"version": {
"version_data": [
{
"version_value": "n/a",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://github.com/cxaqhq/Loan-Management-System-Sqlinjection",
"refsource": "MISC",
"name": "https://github.com/cxaqhq/Loan-Management-System-Sqlinjection"
},
{
"url": "https://vuldb.com/?id.205618",
"refsource": "MISC",
"name": "https://vuldb.com/?id.205618"
},
{
"url": "https://vuldb.com/?ctiid.205618",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.205618"
}
]
},
"credits": [
{
"lang": "en",
"value": "cxaqhq (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}