From 2aef27ad4580016120b77354f7ffa40b881d483f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sat, 13 Jan 2024 21:00:38 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/4xxx/CVE-2022-4603.json | 5 ++ 2024/0xxx/CVE-2024-0333.json | 5 ++ 2024/0xxx/CVE-2024-0503.json | 95 ++++++++++++++++++++++++++++++-- 2024/0xxx/CVE-2024-0504.json | 103 +++++++++++++++++++++++++++++++++-- 4 files changed, 200 insertions(+), 8 deletions(-) diff --git a/2022/4xxx/CVE-2022-4603.json b/2022/4xxx/CVE-2022-4603.json index 10dd9160df4..d08746dd339 100644 --- a/2022/4xxx/CVE-2022-4603.json +++ b/2022/4xxx/CVE-2022-4603.json @@ -71,6 +71,11 @@ "url": "https://vuldb.com/?id.216198", "refsource": "MISC", "name": "https://vuldb.com/?id.216198" + }, + { + "refsource": "FEDORA", + "name": "FEDORA-2024-f0f2f19820", + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/J43NP7ABHOCIWOFHWCH6ZCZOYKZH6723/" } ] } diff --git a/2024/0xxx/CVE-2024-0333.json b/2024/0xxx/CVE-2024-0333.json index 88546b1891f..d1d36c6a19d 100644 --- a/2024/0xxx/CVE-2024-0333.json +++ b/2024/0xxx/CVE-2024-0333.json @@ -68,6 +68,11 @@ "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B/", "refsource": "MISC", "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/IPYCYENYQYADCOS6XG4JITUVRZ6HTE2B/" + }, + { + "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BXC7FJIAZRY3P72XC4Z4UOW2QDA7YX7/", + "refsource": "MISC", + "name": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4BXC7FJIAZRY3P72XC4Z4UOW2QDA7YX7/" } ] } diff --git a/2024/0xxx/CVE-2024-0503.json b/2024/0xxx/CVE-2024-0503.json index 609db8074c5..4ad20ca614a 100644 --- a/2024/0xxx/CVE-2024-0503.json +++ b/2024/0xxx/CVE-2024-0503.json @@ -1,17 +1,104 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0503", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in code-projects Online FIR System 1.0. It has been classified as problematic. This affects an unknown part of the file registercomplaint.php. The manipulation of the argument Name/Address leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-250611." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in code-projects Online FIR System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei registercomplaint.php. Durch das Beeinflussen des Arguments Name/Address mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Online FIR System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.250611", + "refsource": "MISC", + "name": "https://vuldb.com/?id.250611" + }, + { + "url": "https://vuldb.com/?ctiid.250611", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.250611" + }, + { + "url": "https://drive.google.com/file/d/1n9Zas-iSOfKVMN3UzPyVGgQgCmig2A5I/view?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1n9Zas-iSOfKVMN3UzPyVGgQgCmig2A5I/view?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "cyb3rpunk (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/0xxx/CVE-2024-0504.json b/2024/0xxx/CVE-2024-0504.json index 9f5357fe0c4..86ca964f3cb 100644 --- a/2024/0xxx/CVE-2024-0504.json +++ b/2024/0xxx/CVE-2024-0504.json @@ -1,17 +1,112 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-0504", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability has been found in code-projects Simple Online Hotel Reservation System 1.0 and classified as problematic. This vulnerability affects unknown code of the file add_reserve.php of the component Make a Reservation Page. The manipulation of the argument Firstname/Lastname with the input leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250618 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In code-projects Simple Online Hotel Reservation System 1.0 wurde eine problematische Schwachstelle gefunden. Dabei geht es um eine nicht genauer bekannte Funktion der Datei add_reserve.php der Komponente Make a Reservation Page. Mittels dem Manipulieren des Arguments Firstname/Lastname mit der Eingabe mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Simple Online Hotel Reservation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.250618", + "refsource": "MISC", + "name": "https://vuldb.com/?id.250618" + }, + { + "url": "https://vuldb.com/?ctiid.250618", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.250618" + }, + { + "url": "https://drive.google.com/file/d/1BIa4jfZ9FbW9d7O3tRdAKF3tb6b5NUB6/view?usp=sharing", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1BIa4jfZ9FbW9d7O3tRdAKF3tb6b5NUB6/view?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Adarsh C" + }, + { + "lang": "en", + "value": "mallutrojan (VulDB User)" + }, + { + "lang": "en", + "value": "mallutrojan (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] }