From 162d887dd40dcaf9a976da2dab54c1366d858ee6 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 31 Aug 2021 14:00:59 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/19xxx/CVE-2020-19046.json | 56 ++++++++++++++++++++++++++++++---- 2020/19xxx/CVE-2020-19047.json | 56 ++++++++++++++++++++++++++++++---- 2020/19xxx/CVE-2020-19048.json | 56 ++++++++++++++++++++++++++++++---- 2020/19xxx/CVE-2020-19049.json | 56 ++++++++++++++++++++++++++++++---- 2021/21xxx/CVE-2021-21677.json | 3 +- 2021/21xxx/CVE-2021-21678.json | 3 +- 2021/21xxx/CVE-2021-21679.json | 3 +- 2021/21xxx/CVE-2021-21680.json | 3 +- 2021/21xxx/CVE-2021-21681.json | 3 +- 2021/3xxx/CVE-2021-3754.json | 18 +++++++++++ 10 files changed, 228 insertions(+), 29 deletions(-) create mode 100644 2021/3xxx/CVE-2021-3754.json diff --git a/2020/19xxx/CVE-2020-19046.json b/2020/19xxx/CVE-2020-19046.json index ee837159799..db127f4ffaa 100644 --- a/2020/19xxx/CVE-2020-19046.json +++ b/2020/19xxx/CVE-2020-19046.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19046", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19046", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) in S-CMS v1.0 allows remote attackers to execute arbitrary code via the component '/admin/tpl.php?page='." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Aoyanm/audit/issues/1", + "refsource": "MISC", + "name": "https://github.com/Aoyanm/audit/issues/1" } ] } diff --git a/2020/19xxx/CVE-2020-19047.json b/2020/19xxx/CVE-2020-19047.json index e87308ffdf7..30109166cf5 100644 --- a/2020/19xxx/CVE-2020-19047.json +++ b/2020/19xxx/CVE-2020-19047.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19047", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19047", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Request Forgey (CSRF) in iWebShop v5.3 allows remote atatckers to execute arbitrary code via malicious POST request to the component '/index.php?controller=system&action=admin_edit_act'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/Aoyanm/audit/issues/2", + "refsource": "MISC", + "name": "https://github.com/Aoyanm/audit/issues/2" } ] } diff --git a/2020/19xxx/CVE-2020-19048.json b/2020/19xxx/CVE-2020-19048.json index 6e82fb53744..7c548908869 100644 --- a/2020/19xxx/CVE-2020-19048.json +++ b/2020/19xxx/CVE-2020-19048.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19048", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19048", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the \"Title\" field found in the \"Add New Forum\" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/joelister/bug/issues/1", + "refsource": "MISC", + "name": "https://github.com/joelister/bug/issues/1" } ] } diff --git a/2020/19xxx/CVE-2020-19049.json b/2020/19xxx/CVE-2020-19049.json index 21dea67a109..6b2156da9b0 100644 --- a/2020/19xxx/CVE-2020-19049.json +++ b/2020/19xxx/CVE-2020-19049.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-19049", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-19049", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Cross Site Scripting (XSS) in MyBB v1.8.20 allows remote attackers to inject arbitrary web script or HTML via the \"Description\" field found in the \"Add New Forum\" page by doing an authenticated POST HTTP request to '/Upload/admin/index.php?module=forum-management&action=add'." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/joelister/bug/issues/2", + "refsource": "MISC", + "name": "https://github.com/joelister/bug/issues/2" } ] } diff --git a/2021/21xxx/CVE-2021-21677.json b/2021/21xxx/CVE-2021-21677.json index 634a459a353..d48b4a955fd 100644 --- a/2021/21xxx/CVE-2021-21677.json +++ b/2021/21xxx/CVE-2021-21677.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2021-21677", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2021/21xxx/CVE-2021-21678.json b/2021/21xxx/CVE-2021-21678.json index aaf60ff7376..bb52a27cfb3 100644 --- a/2021/21xxx/CVE-2021-21678.json +++ b/2021/21xxx/CVE-2021-21678.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2021-21678", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2021/21xxx/CVE-2021-21679.json b/2021/21xxx/CVE-2021-21679.json index 355223ac0a0..7d7af7169f9 100644 --- a/2021/21xxx/CVE-2021-21679.json +++ b/2021/21xxx/CVE-2021-21679.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2021-21679", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2021/21xxx/CVE-2021-21680.json b/2021/21xxx/CVE-2021-21680.json index aca96a26f27..cd1354b2778 100644 --- a/2021/21xxx/CVE-2021-21680.json +++ b/2021/21xxx/CVE-2021-21680.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2021-21680", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2021/21xxx/CVE-2021-21681.json b/2021/21xxx/CVE-2021-21681.json index 128db5a9549..10ab87f12be 100644 --- a/2021/21xxx/CVE-2021-21681.json +++ b/2021/21xxx/CVE-2021-21681.json @@ -1,7 +1,8 @@ { "CVE_data_meta": { "ID": "CVE-2021-21681", - "ASSIGNER": "jenkinsci-cert@googlegroups.com" + "ASSIGNER": "jenkinsci-cert@googlegroups.com", + "STATE": "PUBLIC" }, "affects": { "vendor": { diff --git a/2021/3xxx/CVE-2021-3754.json b/2021/3xxx/CVE-2021-3754.json new file mode 100644 index 00000000000..63db6fd3a0c --- /dev/null +++ b/2021/3xxx/CVE-2021-3754.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2021-3754", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file