From 1ac04ddbfcf479a4bf98cb4c6a8ee952c6f439d3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 6 Mar 2025 11:00:32 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/13xxx/CVE-2024-13902.json | 104 +++++++++++++++++++++++++++++++-- 2025/27xxx/CVE-2025-27757.json | 18 ++++++ 2025/27xxx/CVE-2025-27758.json | 18 ++++++ 2025/2xxx/CVE-2025-2044.json | 18 ++++++ 4 files changed, 154 insertions(+), 4 deletions(-) create mode 100644 2025/27xxx/CVE-2025-27757.json create mode 100644 2025/27xxx/CVE-2025-27758.json create mode 100644 2025/2xxx/CVE-2025-2044.json diff --git a/2024/13xxx/CVE-2024-13902.json b/2024/13xxx/CVE-2024-13902.json index 4e7fc79732a..61a2ae99af8 100644 --- a/2024/13xxx/CVE-2024-13902.json +++ b/2024/13xxx/CVE-2024-13902.json @@ -1,17 +1,113 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-13902", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as problematic, was found in huang-yk student-manage 1.0. This affects an unknown part of the component Edit a Student Information Page. The manipulation of the argument Class leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Es wurde eine problematische Schwachstelle in huang-yk student-manage 1.0 gefunden. Es betrifft eine unbekannte Funktion der Komponente Edit a Student Information Page. Durch die Manipulation des Arguments Class mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Cross Site Scripting", + "cweId": "CWE-79" + } + ] + }, + { + "description": [ + { + "lang": "eng", + "value": "Code Injection", + "cweId": "CWE-94" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "huang-yk", + "product": { + "product_data": [ + { + "product_name": "student-manage", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.298785", + "refsource": "MISC", + "name": "https://vuldb.com/?id.298785" + }, + { + "url": "https://vuldb.com/?ctiid.298785", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.298785" + }, + { + "url": "https://gitee.com/huang-yk/student-manage/issues/I9UXC4", + "refsource": "MISC", + "name": "https://gitee.com/huang-yk/student-manage/issues/I9UXC4" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "VulDB Gitee Analyzer" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 2.4, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 2.4, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 3.3, + "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N" } ] } diff --git a/2025/27xxx/CVE-2025-27757.json b/2025/27xxx/CVE-2025-27757.json new file mode 100644 index 00000000000..9b3cf55babc --- /dev/null +++ b/2025/27xxx/CVE-2025-27757.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-27757", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/27xxx/CVE-2025-27758.json b/2025/27xxx/CVE-2025-27758.json new file mode 100644 index 00000000000..d9508d7cd74 --- /dev/null +++ b/2025/27xxx/CVE-2025-27758.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-27758", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2025/2xxx/CVE-2025-2044.json b/2025/2xxx/CVE-2025-2044.json new file mode 100644 index 00000000000..912e7717a1b --- /dev/null +++ b/2025/2xxx/CVE-2025-2044.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2025-2044", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file