admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 18:53:08 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-02-18 19:01:11 +00:00
parent 2f713c2059
commit 2bed3fccae
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
4 changed files with 205 additions and 107 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
2021/43xxx/CVE-2021-43062.json
View File

@ -11,21 +11,21 @@
"vendor": {
"vendor_data": [
{
"vendor_name": "Fortinet",
"product": {
"product_data": [
{
"product_name": "n/a",
"product_name": "Fortinet FortiMail",
"version": {
"version_data": [
{
"version_value": "n/a"
"version_value": "FortiMail 7.0.1, 7.0.0, 6.4.5, 6.4.4, 6.4.3, 6.4.2, 6.4.1, 6.4.0, 6.2.7, 6.2.6, 6.2.5, 6.2.4, 6.2.3, 6.2.2, 6.2.1, 6.2.0, 6.0.11, 6.0.10, 6.0.9, 6.0.8, 6.0.7, 6.0.6, 6.0.5, 6.0.4, 6.0.3, 6.0.2, 6.0.1, 6.0.0"
}
]
}
}
]
},
"vendor_name": "n/a"
}
}
]
}
@ -52,7 +52,7 @@
"description": [
{
"lang": "eng",
"value": "n/a"
"value": "Execute unauthorized code or commands"
}
]
}
@ -64,6 +64,11 @@
"refsource": "CONFIRM",
"name": "https://fortiguard.com/advisory/FG-IR-21-185",
"url": "https://fortiguard.com/advisory/FG-IR-21-185"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166055/Fortinet-Fortimail-7.0.1-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/166055/Fortinet-Fortimail-7.0.1-Cross-Site-Scripting.html"
}
]
},

56
2021/46xxx/CVE-2021-46036.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-46036",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-46036",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An arbitrary file upload vulnerability in the component /ms/file/uploadTemplate.do of MCMS v5.2.4 allows attackers to execute arbitrary code."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lycshub.github.io/2021/12/28/MCMS-vulnerabilities/",
"refsource": "MISC",
"name": "https://lycshub.github.io/2021/12/28/MCMS-vulnerabilities/"
}
]
}

56
2021/46xxx/CVE-2021-46037.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-46037",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-46037",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "MCMS v5.2.4 was discovered to contain an arbitrary file deletion vulnerability via the component /template/unzip.do."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://lycshub.github.io/2021/12/28/MCMS-vulnerabilities/",
"refsource": "MISC",
"name": "https://lycshub.github.io/2021/12/28/MCMS-vulnerabilities/"
}
]
}

185
2022/0xxx/CVE-2022-0633.json
View File

@ -1,97 +1,102 @@
{
"CVE_data_meta": {
"ID": "CVE-2022-0633",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "UpdraftPlus Free < 1.22.3 & Premium < 2.22.3 - Subscriber+ Backup Download"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "UpdraftPlus",
"product": {
"product_data": [
{
"product_name": "UpdraftPlus WordPress Backup Plugin (Free)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.22.3",
"version_value": "1.22.3"
"CVE_data_meta": {
"ID": "CVE-2022-0633",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "UpdraftPlus Free < 1.22.3 & Premium < 2.22.3 - Subscriber+ Backup Download"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "UpdraftPlus",
"product": {
"product_data": [
{
"product_name": "UpdraftPlus WordPress Backup Plugin (Free)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.22.3",
"version_value": "1.22.3"
}
]
}
},
{
"product_name": "UpdraftPlus WordPress Backup Plugin (Premium)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.22.3",
"version_value": "2.22.3"
}
]
}
}
]
}
]
}
},
{
"product_name": "UpdraftPlus WordPress Backup Plugin (Premium)",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.22.3",
"version_value": "2.22.3"
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup."
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"name": "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3"
},
{
"refsource": "CONFIRM",
"url": "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"name": "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"name": "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-863 Incorrect Authorization",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The UpdraftPlus WordPress plugin Free before 1.22.3 and Premium before 2.22.3 do not properly validate a user has the required privileges to access a backup's nonce identifier, which may allow any users with an account on the site (such as subscriber) to download the most recent site & database backup."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Marc Montpas"
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"url": "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3",
"name": "https://wpscan.com/vulnerability/d257c28f-3c7e-422b-a5c2-e618ed3c0bf3"
},
{
"refsource": "CONFIRM",
"url": "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/",
"name": "https://updraftplus.com/updraftplus-security-release-1-22-3-2-22-3/"
},
{
"refsource": "MISC",
"url": "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/",
"name": "https://jetpack.com/2022/02/17/severe-vulnerability-fixed-in-updraftplus-1-22-3/"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html",
"url": "http://packetstormsecurity.com/files/166059/WordPress-UpdraftPlus-1.22.2-Backup-Disclosure.html"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-863 Incorrect Authorization",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "Marc Montpas"
}
],
"source": {
"discovery": "EXTERNAL"
}
],
"source": {
"discovery": "EXTERNAL"
}
}
}