admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-30 18:04:30 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-08-09 11:00:58 +00:00
parent e6444d9a26
commit 13826056b5
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
7 changed files with 394 additions and 317 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

180
2021/24xxx/CVE-2021-24500.json
View File

@ -1,96 +1,96 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24500",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Workreap theme < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Workreap",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.2",
"version_value": "2.2.2"
"CVE_data_meta": {
"ID": "CVE-2021-24500",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Workreap theme < 2.2.2 - Multiple CSRF + IDOR Vulnerabilities"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Workreap",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.2",
"version_value": "2.2.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/",
"name": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"
},
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0c4b5ecc-54d0-45ec-9f92-b2ca3cadbe56",
"name": "https://wpscan.com/vulnerability/0c4b5ecc-54d0-45ec-9f92-b2ca3cadbe56"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-283 Unverified Ownership",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Harald Eilertsen (Jetpack)"
}
],
"source": {
"discovery": "UNKNOWN"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Several AJAX actions available in the Workreap WordPress theme before 2.2.2 lacked CSRF protections, as well as allowing insecure direct object references that were not validated. This allows an attacker to trick a logged in user to submit a POST request to the vulnerable site, potentially modifying or deleting arbitrary objects on the target site."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/0c4b5ecc-54d0-45ec-9f92-b2ca3cadbe56",
"name": "https://wpscan.com/vulnerability/0c4b5ecc-54d0-45ec-9f92-b2ca3cadbe56"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/",
"name": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-283 Unverified Ownership",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Harald Eilertsen (Jetpack)"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}

160
2021/24xxx/CVE-2021-24501.json
View File

@ -1,88 +1,88 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24501",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Workreap",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.2",
"version_value": "2.2.2"
"CVE_data_meta": {
"ID": "CVE-2021-24501",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Workreap theme < 2.2.2 - Missing Authorization Checks in Ajax Actions"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Workreap",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.2.2",
"version_value": "2.2.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e",
"name": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/",
"name": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-283 Unverified Ownership",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Workreap WordPress theme before 2.2.2 had several AJAX actions missing authorization checks to verify that a user was authorized to perform critical operations such as modifying or deleting objects. This allowed a logged in user to modify or delete objects belonging to other users on the site."
}
]
},
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/",
"name": "https://jetpack.com/2021/07/07/multiple-vulnerabilities-in-workreap-theme/"
},
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e",
"name": "https://wpscan.com/vulnerability/66e4aaf4-5ef7-4da8-a45c-e24f449c363e"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Harald Eilertsen (Jetpack)"
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-283 Unverified Ownership",
"lang": "eng"
}
]
},
{
"description": [
{
"value": "CWE-862 Missing Authorization",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Harald Eilertsen (Jetpack)"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}

146
2021/24xxx/CVE-2021-24520.json
View File

@ -1,80 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24520",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Stock in & out <= 1.0.4 - Authenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Stock in & out",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.4",
"version_value": "1.0.4"
"CVE_data_meta": {
"ID": "CVE-2021-24520",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Stock in & out <= 1.0.4 - Authenticated SQL Injection"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "Stock in & out",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.0.4",
"version_value": "1.0.4"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f903aadd-17af-4ddf-8635-abb3338ac815",
"name": "https://wpscan.com/vulnerability/f903aadd-17af-4ddf-8635-abb3338ac815"
},
{
"refsource": "MISC",
"url": "https://github.com/pang0lin/CVEproject/blob/main/wordpress_Stock-in-and-out_sqli.md",
"name": "https://github.com/pang0lin/CVEproject/blob/main/wordpress_Stock-in-and-out_sqli.md"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Stock in & out WordPress plugin through 1.0.4 lacks proper sanitization before passing variables to an SQL request, making it vulnerable to SQL Injection attacks. Users with a role of contributor or higher can exploit this vulnerability."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "pang0lin"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://github.com/pang0lin/CVEproject/blob/main/wordpress_Stock-in-and-out_sqli.md",
"name": "https://github.com/pang0lin/CVEproject/blob/main/wordpress_Stock-in-and-out_sqli.md"
},
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/f903aadd-17af-4ddf-8635-abb3338ac815",
"name": "https://wpscan.com/vulnerability/f903aadd-17af-4ddf-8635-abb3338ac815"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-89 SQL Injection",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "pang0lin"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}

136
2021/24xxx/CVE-2021-24522.json
View File

@ -1,75 +1,75 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24522",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "User Registration, User Profile, Login & Membership ProfilePress (Formerly WP User Avatar)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.11",
"version_value": "3.1.11"
"CVE_data_meta": {
"ID": "CVE-2021-24522",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "ProfilePress < 3.1.11 - Unauthenticated Cross-Site Scripting (XSS) in tabbed login/register widget"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Unknown",
"product": {
"product_data": [
{
"product_name": "User Registration, User Profile, Login & Membership \u2013 ProfilePress (Formerly WP User Avatar)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "3.1.11",
"version_value": "3.1.11"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The User Registration, User Profile, Login & Membership ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places assigned $_POST as $_GET which meant that in some cases this could be replicated with just $_GET parameters and no need for $_POST values."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/25b51add-197c-4aff-b1a8-b92fb11d8697",
"name": "https://wpscan.com/vulnerability/25b51add-197c-4aff-b1a8-b92fb11d8697"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The User Registration, User Profile, Login & Membership \u2013 ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.11's widget for tabbed login/register was not properly escaped and could be used in an XSS attack which could lead to wp-admin access. Further, the plugin in several places assigned $_POST as $_GET which meant that in some cases this could be replicated with just $_GET parameters and no need for $_POST values."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Stiofan"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/25b51add-197c-4aff-b1a8-b92fb11d8697",
"name": "https://wpscan.com/vulnerability/25b51add-197c-4aff-b1a8-b92fb11d8697"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-79 Cross-site Scripting (XSS)",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Stiofan"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}

10
2021/26xxx/CVE-2021-26291.json
View File

@ -203,6 +203,16 @@
"refsource": "MLIST",
"name": "[karaf-issues] 20210720 [jira] [Commented] (KARAF-7224) Impact of CVE-2021-26291 on Karaf",
"url": "https://lists.apache.org/thread.html/r96cc126d3ee9aa42af9d3bb4baa94828b0a5f656584a50dcc594125f@%3Cissues.karaf.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[druid-commits] 20210809 [GitHub] [druid] abhishekagarwal87 opened a new pull request #11562: suppress CVE-2021-26291 on kafka-clients",
"url": "https://lists.apache.org/thread.html/ra9d984eccfd2ae7726671e025f0296bf03786e5cdf872138110ac29b@%3Ccommits.druid.apache.org%3E"
},
{
"refsource": "MLIST",
"name": "[kafka-jira] 20210809 [jira] [Commented] (KAFKA-12820) Upgrade maven-artifact dependency to resolve CVE-2021-26291",
"url": "https://lists.apache.org/thread.html/r0d083314aa3934dd4b6e6970d1f6ee50f6eaa9d867deb2cd96788478@%3Cjira.kafka.apache.org%3E"
}
]
},

61
2021/38xxx/CVE-2021-38290.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38290",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-38290",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A host header attack vulnerability exists in FUEL CMS 1.5.0 through fuel/modules/fuel/config/fuel_constants.php and fuel/modules/fuel/libraries/Asset.php. An attacker can use a man in the middle attack such as phishing."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/daylightstudio/FUEL-CMS/issues/580",
"refsource": "MISC",
"name": "https://github.com/daylightstudio/FUEL-CMS/issues/580"
},
{
"url": "https://github.com/daylightstudio/FUEL-CMS/commit/8a0d88ad6869623c90e24b3b2ea33352049d39a7",
"refsource": "MISC",
"name": "https://github.com/daylightstudio/FUEL-CMS/commit/8a0d88ad6869623c90e24b3b2ea33352049d39a7"
}
]
}

18
2021/38xxx/CVE-2021-38295.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-38295",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}