diff --git a/2020/20xxx/CVE-2020-20093.json b/2020/20xxx/CVE-2020-20093.json index 286fe2f5b9e..1ce17987a43 100644 --- a/2020/20xxx/CVE-2020-20093.json +++ b/2020/20xxx/CVE-2020-20093.json @@ -56,6 +56,11 @@ "url": "https://github.com/zadewg/RIUS", "refsource": "MISC", "name": "https://github.com/zadewg/RIUS" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html", + "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html" } ] } diff --git a/2020/20xxx/CVE-2020-20094.json b/2020/20xxx/CVE-2020-20094.json index 8abcca8ddfd..4cbac779345 100644 --- a/2020/20xxx/CVE-2020-20094.json +++ b/2020/20xxx/CVE-2020-20094.json @@ -56,6 +56,11 @@ "url": "https://github.com/zadewg/RIUS", "refsource": "MISC", "name": "https://github.com/zadewg/RIUS" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html", + "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html" } ] } diff --git a/2020/20xxx/CVE-2020-20095.json b/2020/20xxx/CVE-2020-20095.json index 191a33feb87..8e0afd680c0 100644 --- a/2020/20xxx/CVE-2020-20095.json +++ b/2020/20xxx/CVE-2020-20095.json @@ -56,6 +56,11 @@ "url": "https://github.com/zadewg/RIUS", "refsource": "MISC", "name": "https://github.com/zadewg/RIUS" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html", + "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html" } ] } diff --git a/2020/20xxx/CVE-2020-20096.json b/2020/20xxx/CVE-2020-20096.json index cbced9ada4b..cb5ef08221c 100644 --- a/2020/20xxx/CVE-2020-20096.json +++ b/2020/20xxx/CVE-2020-20096.json @@ -56,6 +56,11 @@ "url": "https://github.com/zadewg/RIUS", "refsource": "MISC", "name": "https://github.com/zadewg/RIUS" + }, + { + "refsource": "MISC", + "name": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html", + "url": "http://packetstormsecurity.com/files/166448/RTLO-Injection-URI-Spoofing.html" } ] } diff --git a/2021/43xxx/CVE-2021-43091.json b/2021/43xxx/CVE-2021-43091.json index f3e125ef5bd..62b7277d55b 100644 --- a/2021/43xxx/CVE-2021-43091.json +++ b/2021/43xxx/CVE-2021-43091.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-43091", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-43091", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An SQL Injection vlnerability exits in Yeswiki doryphore 20211012 via the email parameter in the registration form." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/", + "refsource": "MISC", + "name": "https://huntr.dev/bounties/07f245a7-ee9f-4b55-a0cc-13d5cb1be6e0/" + }, + { + "url": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094", + "refsource": "MISC", + "name": "https://github.com/yeswiki/yeswiki/commit/c9785f9a92744c3475f9676a0d8f95de24750094" } ] } diff --git a/2022/1xxx/CVE-2022-1096.json b/2022/1xxx/CVE-2022-1096.json new file mode 100644 index 00000000000..fac21fc5b0d --- /dev/null +++ b/2022/1xxx/CVE-2022-1096.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1096", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/1xxx/CVE-2022-1097.json b/2022/1xxx/CVE-2022-1097.json new file mode 100644 index 00000000000..235ec9f67a1 --- /dev/null +++ b/2022/1xxx/CVE-2022-1097.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-1097", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/25xxx/CVE-2022-25577.json b/2022/25xxx/CVE-2022-25577.json index 46653e8d6bd..aaa6014db50 100644 --- a/2022/25xxx/CVE-2022-25577.json +++ b/2022/25xxx/CVE-2022-25577.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-25577", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-25577", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "ALF-BanCO v8.2.5 and below was discovered to use a hardcoded password to encrypt the SQLite database containing the user's data. Attackers who are able to gain remote or local access to the system are able to read and modify the data." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/ph0nkybit/proof-of-concepts/tree/main/Use_Of_Hardcoded_Password_In_ALF-BanCO_8.2.x", + "refsource": "MISC", + "name": "https://github.com/ph0nkybit/proof-of-concepts/tree/main/Use_Of_Hardcoded_Password_In_ALF-BanCO_8.2.x" } ] } diff --git a/2022/25xxx/CVE-2022-25582.json b/2022/25xxx/CVE-2022-25582.json index 1567a963bc1..ed2ec6648a6 100644 --- a/2022/25xxx/CVE-2022-25582.json +++ b/2022/25xxx/CVE-2022-25582.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-25582", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-25582", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A stored cross-site scripting (XSS) vulnerability in the Column module of ClassCMS v2.5 and below allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Articles field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/Vulscve/blob/master/classcms2.5-xss.md", + "url": "https://github.com/k0xx11/Vulscve/blob/master/classcms2.5-xss.md" } ] } diff --git a/2022/26xxx/CVE-2022-26263.json b/2022/26xxx/CVE-2022-26263.json index 1596cccf248..0fb3c50cde6 100644 --- a/2022/26xxx/CVE-2022-26263.json +++ b/2022/26xxx/CVE-2022-26263.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-26263", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-26263", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Yonyou u8 v13.0 was discovered to contain a DOM-based cross-site scripting (XSS) vulnerability via the component /u8sl/WebHelp." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://yonyou.com", + "refsource": "MISC", + "name": "http://yonyou.com" + }, + { + "url": "https://github.com/k0xx11/Vulscve/blob/master/yonyouu8-xss.md", + "refsource": "MISC", + "name": "https://github.com/k0xx11/Vulscve/blob/master/yonyouu8-xss.md" + }, + { + "url": "https://www.yonyou.com/", + "refsource": "MISC", + "name": "https://www.yonyou.com/" } ] }