From 12b2ac5d91b075c30f5c73fe57c38cec17ffdef7 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 25 Aug 2024 06:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/1xxx/CVE-2024-1430.json | 12 ++++- 2024/8xxx/CVE-2024-8145.json | 100 +++++++++++++++++++++++++++++++++-- 2 files changed, 107 insertions(+), 5 deletions(-) diff --git a/2024/1xxx/CVE-2024-1430.json b/2024/1xxx/CVE-2024-1430.json index 315e8152b9a..8dd434a1f43 100644 --- a/2024/1xxx/CVE-2024-1430.json +++ b/2024/1xxx/CVE-2024-1430.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /currentsetting.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. The identifier VDB-253381 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + "value": "A vulnerability has been found in Netgear R7000 1.0.11.136_10.2.120 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /currentsetting.htm of the component Web Management Interface. The manipulation leads to information disclosure. The exploit has been disclosed to the public and may be used. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." }, { "lang": "deu", @@ -68,10 +68,20 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.253381" }, + { + "url": "https://vuldb.com/?submit.276025", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.276025" + }, { "url": "https://github.com/leetsun/Hints/tree/main/R7000/1", "refsource": "MISC", "name": "https://github.com/leetsun/Hints/tree/main/R7000/1" + }, + { + "url": "https://www.netgear.com/", + "refsource": "MISC", + "name": "https://www.netgear.com/" } ] }, diff --git a/2024/8xxx/CVE-2024-8145.json b/2024/8xxx/CVE-2024-8145.json index a949add3039..4633669c5df 100644 --- a/2024/8xxx/CVE-2024-8145.json +++ b/2024/8xxx/CVE-2024-8145.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-8145", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as problematic, has been found in ClassCMS 4.8. Affected by this issue is some unknown functionality of the file /index.php/admin of the component Article Handler. The manipulation of the argument Title leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine problematische Schwachstelle wurde in ClassCMS 4.8 entdeckt. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei /index.php/admin der Komponente Article Handler. Dank der Manipulation des Arguments Title mit unbekannten Daten kann eine basic cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-80 Basic Cross Site Scripting", + "cweId": "CWE-80" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "n/a", + "product": { + "product_data": [ + { + "product_name": "ClassCMS", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "4.8" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.275726", + "refsource": "MISC", + "name": "https://vuldb.com/?id.275726" + }, + { + "url": "https://vuldb.com/?ctiid.275726", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.275726" + }, + { + "url": "https://vuldb.com/?submit.397219", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.397219" + }, + { + "url": "https://github.com/acmglz/bug2_report/blob/main/classcms_url_jump.md", + "refsource": "MISC", + "name": "https://github.com/acmglz/bug2_report/blob/main/classcms_url_jump.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "acmglz (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 2.4, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 2.4, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 3.3, + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N" } ] }