admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-05 10:18:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-03 15:01:20 +00:00
parent ee00015890
commit 2458320c90
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
11 changed files with 493 additions and 22 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2013/2xxx/CVE-2013-2621.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2621",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Open Redirection Vulnerability in the redir.php script in Telaen before 1.3.1 allows remote attackers to redirect victims to arbitrary websites via a crafted URL."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "60290",
"url": "http://www.securityfocus.com/bid/60290"
},
{
"refsource": "XF",
"name": "84683",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84683"
},
{
"refsource": "MISC",
"name": "https://www.isecauditors.com/advisories-2013#2013-009",
"url": "https://www.isecauditors.com/advisories-2013#2013-009"
}
]
}

53
2013/2xxx/CVE-2013-2622.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2622",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in UebiMiau 2.7.11 and earlier allows remote attackers to inject arbitrary web script or HTML via the \"selected_theme\" parameter in error.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "XF",
"name": "87807",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/87807"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/123557/Uebimiau-2.7.11-Cross-Site-Scripting-Open-Redirection.html",
"url": "https://packetstormsecurity.com/files/123557/Uebimiau-2.7.11-Cross-Site-Scripting-Open-Redirection.html"
}
]
}

58
2013/2xxx/CVE-2013-2623.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2623",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) in Telaen before 1.3.1 allows remote attackers to inject arbitrary web script or HTML via the \"f_email\" parameter in index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "BID",
"name": "60288",
"url": "http://www.securityfocus.com/bid/60288"
},
{
"refsource": "MISC",
"name": "https://www.isecauditors.com/advisories-2013#2013-009",
"url": "https://www.isecauditors.com/advisories-2013#2013-009"
},
{
"refsource": "XF",
"name": "84684",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84684"
}
]
}

53
2013/2xxx/CVE-2013-2624.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2624",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Telean before 1.3.1 contains a full path disclosure vulnerability which could allow remote attackers to obtain sensitive information through a specially crafted URL request."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.isecauditors.com/advisories-2013#2013-009",
"url": "https://www.isecauditors.com/advisories-2013#2013-009"
},
{
"refsource": "XF",
"name": "84685",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/84685"
}
]
}

53
2013/2xxx/CVE-2013-2631.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2013-2631",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TinyWebGallery (TWG) 1.8.9 and earlier contains a full path disclosure vulnerability which allows remote attackers to obtain sensitive information through the parameters \"twg_browserx\" and \"twg_browsery\" in the page image.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.isecauditors.com/advisories-2013#2013-012",
"url": "https://www.isecauditors.com/advisories-2013#2013-012"
},
{
"refsource": "MISC",
"name": "https://packetstormsecurity.com/files/121128/TinyWebGallery-1.8.9-Path-Disclosure.html",
"url": "https://packetstormsecurity.com/files/121128/TinyWebGallery-1.8.9-Path-Disclosure.html"
}
]
}

77
2019/19xxx/CVE-2019-19119.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19119",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "An issue was discovered in PRTG 7.x through 19.4.53. Due to insufficient access control on local registry keys for the Core Server Service, a non-administrative user on the local machine is able to access administrative credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://blog.paessler.com",
"refsource": "MISC",
"name": "https://blog.paessler.com"
},
{
"refsource": "MISC",
"name": "https://blog.paessler.com/prtg-release-19.4.54-includes-2-brand-new-sensors-for-disk-and-storage",
"url": "https://blog.paessler.com/prtg-release-19.4.54-includes-2-brand-new-sensors-for-disk-and-storage"
},
{
"refsource": "MISC",
"name": "https://www.paessler.com/prtg/history/preview",
"url": "https://www.paessler.com/prtg/history/preview"
},
{
"refsource": "MISC",
"name": "https://www.ptsecurity.com/ww-en/about/news/positive-technologies-helps-in-eliminating-vulnerability-in-software-for-monitoring-visualizing-and-controlling-conditions-of-it-infrastructure/",
"url": "https://www.ptsecurity.com/ww-en/about/news/positive-technologies-helps-in-eliminating-vulnerability-in-software-for-monitoring-visualizing-and-controlling-conditions-of-it-infrastructure/"
}
]
}
}

5
2020/7xxx/CVE-2020-7471.json
View File

@ -76,6 +76,11 @@
"refsource": "MLIST",
"name": "[oss-security] 20200203 Django 3.0.3, 2.2.10 and 1.11.28: CVE-2020-7471: Potential SQL injection via ``StringAgg(delimiter)``",
"url": "http://www.openwall.com/lists/oss-security/2020/02/03/1"
},
{
"refsource": "CONFIRM",
"name": "https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136",
"url": "https://github.com/django/django/commit/eb31d845323618d688ad429479c6dda973056136"
}
]
}

61
2020/7xxx/CVE-2020-7993.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-7993",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-7993",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Prototype 1.6.0.1 allows remote authenticated users to forge ticket creation (on behalf of other user accounts) via a modified email ID field."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/prototypejs/prototype/blob/master/CHANGELOG",
"refsource": "MISC",
"name": "https://github.com/prototypejs/prototype/blob/master/CHANGELOG"
},
{
"refsource": "MISC",
"name": "https://medium.com/@vbharad/improper-access-control-vulnerability-in-prototype-1-6-0-1-framework-379cc3a05079",
"url": "https://medium.com/@vbharad/improper-access-control-vulnerability-in-prototype-1-6-0-1-framework-379cc3a05079"
}
]
}

61
2020/8xxx/CVE-2020-8510.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8510",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-8510",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in phpABook 0.9 Intermediate. On the login page, if one sets a userInfo cookie with the value of admin+1+en (user+perms+lang), one can login as any user without a password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://sourceforge.net/p/phpabook/news/",
"refsource": "MISC",
"name": "https://sourceforge.net/p/phpabook/news/"
},
{
"refsource": "MISC",
"name": "https://0xem.ma/cve/2020/01/31/CVE-2020-8510.html",
"url": "https://0xem.ma/cve/2020/01/31/CVE-2020-8510.html"
}
]
}

18
2020/8xxx/CVE-2020-8539.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8539",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2020/8xxx/CVE-2020-8540.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-8540",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}