From 3bf63f6a9d4368b699176d8e0e51a3cd341d1bcd Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sat, 21 Oct 2023 10:00:42 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2023/1xxx/CVE-2023-1451.json | 3 +-- 2023/1xxx/CVE-2023-1452.json | 8 +------- 2023/1xxx/CVE-2023-1453.json | 13 ++++++------- 2023/1xxx/CVE-2023-1454.json | 3 +-- 2023/1xxx/CVE-2023-1455.json | 7 +++---- 2023/1xxx/CVE-2023-1459.json | 3 +-- 2023/1xxx/CVE-2023-1460.json | 3 +-- 2023/1xxx/CVE-2023-1461.json | 3 +-- 2023/1xxx/CVE-2023-1464.json | 3 +-- 2023/1xxx/CVE-2023-1466.json | 3 +-- 2023/1xxx/CVE-2023-1467.json | 3 +-- 2023/1xxx/CVE-2023-1468.json | 3 +-- 2023/1xxx/CVE-2023-1474.json | 3 +-- 2023/1xxx/CVE-2023-1475.json | 3 +-- 2023/1xxx/CVE-2023-1479.json | 3 +-- 2023/1xxx/CVE-2023-1480.json | 3 +-- 2023/1xxx/CVE-2023-1481.json | 3 +-- 2023/1xxx/CVE-2023-1482.json | 13 ++++++------- 2023/1xxx/CVE-2023-1483.json | 3 +-- 2023/1xxx/CVE-2023-1484.json | 3 +-- 2023/1xxx/CVE-2023-1485.json | 3 +-- 2023/1xxx/CVE-2023-1486.json | 13 ++++++------- 2023/1xxx/CVE-2023-1487.json | 13 ++++++------- 2023/1xxx/CVE-2023-1488.json | 13 ++++++------- 2023/1xxx/CVE-2023-1489.json | 13 ++++++------- 2023/1xxx/CVE-2023-1490.json | 13 ++++++------- 2023/1xxx/CVE-2023-1491.json | 13 ++++++------- 2023/1xxx/CVE-2023-1492.json | 13 ++++++------- 2023/1xxx/CVE-2023-1493.json | 13 ++++++------- 2023/1xxx/CVE-2023-1494.json | 7 +------ 2023/1xxx/CVE-2023-1495.json | 9 ++------- 2023/1xxx/CVE-2023-1497.json | 3 +-- 2023/1xxx/CVE-2023-1498.json | 3 +-- 2023/1xxx/CVE-2023-1499.json | 3 +-- 2023/1xxx/CVE-2023-1500.json | 3 +-- 2023/1xxx/CVE-2023-1501.json | 7 +------ 2023/1xxx/CVE-2023-1502.json | 7 +++---- 2023/1xxx/CVE-2023-1503.json | 7 +++---- 2023/1xxx/CVE-2023-1504.json | 7 +++---- 2023/1xxx/CVE-2023-1505.json | 7 +++---- 2023/1xxx/CVE-2023-1506.json | 7 +++---- 2023/1xxx/CVE-2023-1507.json | 3 +-- 2023/1xxx/CVE-2023-1556.json | 3 +-- 43 files changed, 106 insertions(+), 166 deletions(-) diff --git a/2023/1xxx/CVE-2023-1451.json b/2023/1xxx/CVE-2023-1451.json index e2cbbfa3f00..3c633a96e96 100644 --- a/2023/1xxx/CVE-2023-1451.json +++ b/2023/1xxx/CVE-2023-1451.json @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 1.7, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1452.json b/2023/1xxx/CVE-2023-1452.json index 53de1d97665..7e2b6546ff7 100644 --- a/2023/1xxx/CVE-2023-1452.json +++ b/2023/1xxx/CVE-2023-1452.json @@ -77,11 +77,6 @@ "url": "https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4", "refsource": "MISC", "name": "https://github.com/xxy1126/Vuln/blob/main/gpac/1.mp4" - }, - { - "url": "https://www.debian.org/security/2023/dsa-5411", - "refsource": "MISC", - "name": "https://www.debian.org/security/2023/dsa-5411" } ] }, @@ -108,8 +103,7 @@ { "version": "2.0", "baseScore": 4.3, - "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1453.json b/2023/1xxx/CVE-2023-1453.json index 8c6c430dbe4..d87726c0210 100644 --- a/2023/1xxx/CVE-2023-1453.json +++ b/2023/1xxx/CVE-2023-1453.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223298" }, - { - "url": "https://drive.google.com/file/d/1ivMk1uVAvPCCAxqiD2BW9gD1TsktQkpi/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1ivMk1uVAvPCCAxqiD2BW9gD1TsktQkpi/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1453", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1453" + }, + { + "url": "https://drive.google.com/file/d/1ivMk1uVAvPCCAxqiD2BW9gD1TsktQkpi/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1ivMk1uVAvPCCAxqiD2BW9gD1TsktQkpi/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 3.2, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1454.json b/2023/1xxx/CVE-2023-1454.json index 6889a782dea..35c51314dea 100644 --- a/2023/1xxx/CVE-2023-1454.json +++ b/2023/1xxx/CVE-2023-1454.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1455.json b/2023/1xxx/CVE-2023-1455.json index f9b651ee045..2382d833459 100644 --- a/2023/1xxx/CVE-2023-1455.json +++ b/2023/1xxx/CVE-2023-1455.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND (SELECT 9110 FROM (SELECT(SLEEP(5)))XSlc) AND 'jFNl'='jFNl leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223300." + "value": "A vulnerability classified as critical was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file admin/ajax.php?action=login2 of the component Login Page. The manipulation of the argument email with the input abc%40qq.com' AND (SELECT 9110 FROM (SELECT(SLEEP(5)))XSlc) AND 'jFNl'='jFNl leads to sql injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223300." }, { "lang": "deu", - "value": "In SourceCodester Online Pizza Ordering System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei admin/ajax.php?action=login2 der Komponente Login Page. Dank der Manipulation des Arguments email mit der Eingabe abc%40qq.com' AND (SELECT 9110 FROM (SELECT(SLEEP(5)))XSlc) AND 'jFNl'='jFNl mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "In SourceCodester Online Pizza Ordering System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei admin/ajax.php?action=login2 der Komponente Login Page. Dank der Manipulation des Arguments email mit der Eingabe abc%40qq.com' AND (SELECT 9110 FROM (SELECT(SLEEP(5)))XSlc) AND 'jFNl'='jFNl mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.1, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1459.json b/2023/1xxx/CVE-2023-1459.json index a09bb8bf6fb..3cc1977ff06 100644 --- a/2023/1xxx/CVE-2023-1459.json +++ b/2023/1xxx/CVE-2023-1459.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1460.json b/2023/1xxx/CVE-2023-1460.json index afbc56e41df..88aa8d48bb9 100644 --- a/2023/1xxx/CVE-2023-1460.json +++ b/2023/1xxx/CVE-2023-1460.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.4, - "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1461.json b/2023/1xxx/CVE-2023-1461.json index 60cebed6d15..b2d2e334b5e 100644 --- a/2023/1xxx/CVE-2023-1461.json +++ b/2023/1xxx/CVE-2023-1461.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1464.json b/2023/1xxx/CVE-2023-1464.json index 51cedeaa201..39ba332c9d5 100644 --- a/2023/1xxx/CVE-2023-1464.json +++ b/2023/1xxx/CVE-2023-1464.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 7.5, - "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", - "baseSeverity": "HIGH" + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1466.json b/2023/1xxx/CVE-2023-1466.json index 30f7b77d3db..2a4a984f009 100644 --- a/2023/1xxx/CVE-2023-1466.json +++ b/2023/1xxx/CVE-2023-1466.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1467.json b/2023/1xxx/CVE-2023-1467.json index cbbb22df49e..b02083e736f 100644 --- a/2023/1xxx/CVE-2023-1467.json +++ b/2023/1xxx/CVE-2023-1467.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.4, - "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1468.json b/2023/1xxx/CVE-2023-1468.json index 6a3132afbb0..870acf73879 100644 --- a/2023/1xxx/CVE-2023-1468.json +++ b/2023/1xxx/CVE-2023-1468.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1474.json b/2023/1xxx/CVE-2023-1474.json index a2d4787f7e5..1fa6f1d8832 100644 --- a/2023/1xxx/CVE-2023-1474.json +++ b/2023/1xxx/CVE-2023-1474.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1475.json b/2023/1xxx/CVE-2023-1475.json index df2dabd932f..bc97d4ef1e3 100644 --- a/2023/1xxx/CVE-2023-1475.json +++ b/2023/1xxx/CVE-2023-1475.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1479.json b/2023/1xxx/CVE-2023-1479.json index 80f3bbe2c2e..5b85e97bf16 100644 --- a/2023/1xxx/CVE-2023-1479.json +++ b/2023/1xxx/CVE-2023-1479.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1480.json b/2023/1xxx/CVE-2023-1480.json index 87a3b95dbd2..0590d0da165 100644 --- a/2023/1xxx/CVE-2023-1480.json +++ b/2023/1xxx/CVE-2023-1480.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1481.json b/2023/1xxx/CVE-2023-1481.json index c87d0f96821..f592cbf2816 100644 --- a/2023/1xxx/CVE-2023-1481.json +++ b/2023/1xxx/CVE-2023-1481.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/1xxx/CVE-2023-1482.json b/2023/1xxx/CVE-2023-1482.json index fb09dcb7666..07b50881aaa 100644 --- a/2023/1xxx/CVE-2023-1482.json +++ b/2023/1xxx/CVE-2023-1482.json @@ -58,11 +58,6 @@ }, "references": { "reference_data": [ - { - "url": "https://gitee.com/Hk_Cms/HkCms/issues/I6J7ZD", - "refsource": "MISC", - "name": "https://gitee.com/Hk_Cms/HkCms/issues/I6J7ZD" - }, { "url": "https://vuldb.com/?id.223365", "refsource": "MISC", @@ -72,6 +67,11 @@ "url": "https://vuldb.com/?ctiid.223365", "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223365" + }, + { + "url": "https://gitee.com/Hk_Cms/HkCms/issues/I6J7ZD", + "refsource": "MISC", + "name": "https://gitee.com/Hk_Cms/HkCms/issues/I6J7ZD" } ] }, @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 5.8, - "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1483.json b/2023/1xxx/CVE-2023-1483.json index 5adc420a963..ab1b0e93504 100644 --- a/2023/1xxx/CVE-2023-1483.json +++ b/2023/1xxx/CVE-2023-1483.json @@ -106,8 +106,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1484.json b/2023/1xxx/CVE-2023-1484.json index 6ee75c588d8..da9995c5b35 100644 --- a/2023/1xxx/CVE-2023-1484.json +++ b/2023/1xxx/CVE-2023-1484.json @@ -110,8 +110,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1485.json b/2023/1xxx/CVE-2023-1485.json index 382b17f3336..0abdad9f4fb 100644 --- a/2023/1xxx/CVE-2023-1485.json +++ b/2023/1xxx/CVE-2023-1485.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/1xxx/CVE-2023-1486.json b/2023/1xxx/CVE-2023-1486.json index 624a3117c19..c8d4df86f48 100644 --- a/2023/1xxx/CVE-2023-1486.json +++ b/2023/1xxx/CVE-2023-1486.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223372" }, - { - "url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1486" + }, + { + "url": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1Ziu1Ut_-01mDpjdj2Z8rfiU7gtUd_WVU/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 3.2, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1487.json b/2023/1xxx/CVE-2023-1487.json index 53142cfd74e..177c402ea48 100644 --- a/2023/1xxx/CVE-2023-1487.json +++ b/2023/1xxx/CVE-2023-1487.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223373" }, - { - "url": "https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1487", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1487" + }, + { + "url": "https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1zk_ErtD34TBnQu8VGTUZKQpGGVDaUR1y/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C" } ] } diff --git a/2023/1xxx/CVE-2023-1488.json b/2023/1xxx/CVE-2023-1488.json index 490842a3a4c..d5af6451826 100644 --- a/2023/1xxx/CVE-2023-1488.json +++ b/2023/1xxx/CVE-2023-1488.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223374" }, - { - "url": "https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1488", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1488" + }, + { + "url": "https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1X4qH-BIww5jIdoYfg9WKvX5088cpMRHY/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 1.7, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1489.json b/2023/1xxx/CVE-2023-1489.json index a6b15bfed22..c514e6b821c 100644 --- a/2023/1xxx/CVE-2023-1489.json +++ b/2023/1xxx/CVE-2023-1489.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223375" }, - { - "url": "https://drive.google.com/file/d/15k4sO3qRWDORWjU2QyOVoT_DumX6LrWu/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/15k4sO3qRWDORWjU2QyOVoT_DumX6LrWu/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1489", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1489" + }, + { + "url": "https://drive.google.com/file/d/15k4sO3qRWDORWjU2QyOVoT_DumX6LrWu/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/15k4sO3qRWDORWjU2QyOVoT_DumX6LrWu/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 6.8, - "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C" } ] } diff --git a/2023/1xxx/CVE-2023-1490.json b/2023/1xxx/CVE-2023-1490.json index 4588cf9bb64..0b873bfe218 100644 --- a/2023/1xxx/CVE-2023-1490.json +++ b/2023/1xxx/CVE-2023-1490.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223376" }, - { - "url": "https://drive.google.com/file/d/1PmzG42vFkqpwfgTG0KACzyH8oA7OddWG/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1PmzG42vFkqpwfgTG0KACzyH8oA7OddWG/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1490", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1490" + }, + { + "url": "https://drive.google.com/file/d/1PmzG42vFkqpwfgTG0KACzyH8oA7OddWG/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1PmzG42vFkqpwfgTG0KACzyH8oA7OddWG/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 3.2, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1491.json b/2023/1xxx/CVE-2023-1491.json index 6d797f56bc8..245e2e706e2 100644 --- a/2023/1xxx/CVE-2023-1491.json +++ b/2023/1xxx/CVE-2023-1491.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223377" }, - { - "url": "https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1491" + }, + { + "url": "https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1-h-6ijBvucNU-dYglWW5n4l2ys-MDAF9/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 3.2, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P", - "baseSeverity": "LOW" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1492.json b/2023/1xxx/CVE-2023-1492.json index 621561a24ca..56251f03915 100644 --- a/2023/1xxx/CVE-2023-1492.json +++ b/2023/1xxx/CVE-2023-1492.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223378" }, - { - "url": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1492" + }, + { + "url": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/1G_Szy4kCrZU-whGbVcxpdE1yKf5Vxqq3/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C" } ] } diff --git a/2023/1xxx/CVE-2023-1493.json b/2023/1xxx/CVE-2023-1493.json index 263b920cb02..ca21397c325 100644 --- a/2023/1xxx/CVE-2023-1493.json +++ b/2023/1xxx/CVE-2023-1493.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.223379" }, - { - "url": "https://drive.google.com/file/d/109wWkX5FbYrKKqQBXBC1_uLyi02Y7sqF/view", - "refsource": "MISC", - "name": "https://drive.google.com/file/d/109wWkX5FbYrKKqQBXBC1_uLyi02Y7sqF/view" - }, { "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1493", "refsource": "MISC", "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1493" + }, + { + "url": "https://drive.google.com/file/d/109wWkX5FbYrKKqQBXBC1_uLyi02Y7sqF/view", + "refsource": "MISC", + "name": "https://drive.google.com/file/d/109wWkX5FbYrKKqQBXBC1_uLyi02Y7sqF/view" } ] }, @@ -103,8 +103,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C", - "baseSeverity": "MEDIUM" + "vectorString": "AV:L/AC:L/Au:S/C:N/I:N/A:C" } ] } diff --git a/2023/1xxx/CVE-2023-1494.json b/2023/1xxx/CVE-2023-1494.json index 9eede6f9f14..b36bbb2fe8b 100644 --- a/2023/1xxx/CVE-2023-1494.json +++ b/2023/1xxx/CVE-2023-1494.json @@ -79,10 +79,6 @@ { "lang": "en", "value": "xiaocuilog (VulDB User)" - }, - { - "lang": "en", - "value": "xiaocuilogVulDB Gitee Analyzer" } ], "impact": { @@ -102,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1495.json b/2023/1xxx/CVE-2023-1495.json index 0e78e9d4a72..94a769e9259 100644 --- a/2023/1xxx/CVE-2023-1495.json +++ b/2023/1xxx/CVE-2023-1495.json @@ -11,7 +11,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as critical was found in Rebuild up to 3.2.3. Affected by this vulnerability is the function queryListOfConfig of the file /admin/robot/approval/list. The manipulation of the argument q leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The name of the patch is c9474f84e5f376dd2ade2078e3039961a9425da7. It is recommended to apply a patch to fix this issue. The identifier VDB-223381 was assigned to this vulnerability." + "value": "A vulnerability classified as critical was found in Rebuild up to 3.2.3. Affected by this vulnerability is the function queryListOfConfig of the file /admin/robot/approval/list. The manipulation of the argument q leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of the patch is c9474f84e5f376dd2ade2078e3039961a9425da7. It is recommended to apply a patch to fix this issue. The identifier VDB-223381 was assigned to this vulnerability." }, { "lang": "deu", @@ -96,10 +96,6 @@ { "lang": "en", "value": "Mechoy (VulDB User)" - }, - { - "lang": "en", - "value": "MechoyVulDB GitHub Commit Analyzer" } ], "impact": { @@ -119,8 +115,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1497.json b/2023/1xxx/CVE-2023-1497.json index c0d79b8d79d..6692070700a 100644 --- a/2023/1xxx/CVE-2023-1497.json +++ b/2023/1xxx/CVE-2023-1497.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1498.json b/2023/1xxx/CVE-2023-1498.json index 22267b1f0af..1ff56539068 100644 --- a/2023/1xxx/CVE-2023-1498.json +++ b/2023/1xxx/CVE-2023-1498.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1499.json b/2023/1xxx/CVE-2023-1499.json index 65e725e715b..aab9206e7f0 100644 --- a/2023/1xxx/CVE-2023-1499.json +++ b/2023/1xxx/CVE-2023-1499.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1500.json b/2023/1xxx/CVE-2023-1500.json index 0d7f31e5892..c6bf55ba4d6 100644 --- a/2023/1xxx/CVE-2023-1500.json +++ b/2023/1xxx/CVE-2023-1500.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/1xxx/CVE-2023-1501.json b/2023/1xxx/CVE-2023-1501.json index 174c4eb2508..7d55096c996 100644 --- a/2023/1xxx/CVE-2023-1501.json +++ b/2023/1xxx/CVE-2023-1501.json @@ -79,10 +79,6 @@ { "lang": "en", "value": "xieqiang (VulDB User)" - }, - { - "lang": "en", - "value": "xieqiangVulDB Gitee Analyzer" } ], "impact": { @@ -102,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1502.json b/2023/1xxx/CVE-2023-1502.json index f0a112f392b..b08b46b3a23 100644 --- a/2023/1xxx/CVE-2023-1502.json +++ b/2023/1xxx/CVE-2023-1502.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP(5) AND 'dAbu'='dAbu leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-223406 is the identifier assigned to this vulnerability." + "value": "A vulnerability was found in SourceCodester Alphaware Simple E-Commerce System 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file function/edit_customer.php. The manipulation of the argument firstname/mi/lastname with the input a' RLIKE SLEEP(5) AND 'dAbu'='dAbu leads to sql injection. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. VDB-223406 is the identifier assigned to this vulnerability." }, { "lang": "deu", - "value": "Eine kritische Schwachstelle wurde in SourceCodester Alphaware Simple E-Commerce System 1.0 ausgemacht. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei function/edit_customer.php. Durch das Manipulieren des Arguments firstname/mi/lastname mit der Eingabe a' RLIKE SLEEP(5) AND 'dAbu'='dAbu mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "Eine kritische Schwachstelle wurde in SourceCodester Alphaware Simple E-Commerce System 1.0 ausgemacht. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei function/edit_customer.php. Durch das Manipulieren des Arguments firstname/mi/lastname mit der Eingabe a' RLIKE SLEEP(5) AND 'dAbu'='dAbu mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig ausnutzbar. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.1, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1503.json b/2023/1xxx/CVE-2023-1503.json index 66e21c8b4a8..19ed56cdcf6 100644 --- a/2023/1xxx/CVE-2023-1503.json +++ b/2023/1xxx/CVE-2023-1503.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/admin_index.php. The manipulation of the argument username/password with the input admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223407." + "value": "A vulnerability classified as critical has been found in SourceCodester Alphaware Simple E-Commerce System 1.0. This affects an unknown part of the file admin/admin_index.php. The manipulation of the argument username/password with the input admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX leads to sql injection. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-223407." }, { "lang": "deu", - "value": "Es wurde eine Schwachstelle in SourceCodester Alphaware Simple E-Commerce System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei admin/admin_index.php. Durch Manipulieren des Arguments username/password mit der Eingabe admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "Es wurde eine Schwachstelle in SourceCodester Alphaware Simple E-Commerce System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei admin/admin_index.php. Durch Manipulieren des Arguments username/password mit der Eingabe admin' AND (SELECT 8062 FROM (SELECT(SLEEP(5)))meUD)-- hLiX mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie ist schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.1, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1504.json b/2023/1xxx/CVE-2023-1504.json index 87476b47a92..57a5b9fa8c1 100644 --- a/2023/1xxx/CVE-2023-1504.json +++ b/2023/1xxx/CVE-2023-1504.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn) AND 'PhRa'='PhRa leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223408." + "value": "A vulnerability classified as critical was found in SourceCodester Alphaware Simple E-Commerce System 1.0. This vulnerability affects unknown code. The manipulation of the argument email/password with the input test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn) AND 'PhRa'='PhRa leads to sql injection. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-223408." }, { "lang": "deu", - "value": "In SourceCodester Alphaware Simple E-Commerce System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion. Durch das Beeinflussen des Arguments email/password mit der Eingabe test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn) AND 'PhRa'='PhRa mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "In SourceCodester Alphaware Simple E-Commerce System 1.0 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion. Durch das Beeinflussen des Arguments email/password mit der Eingabe test1%40test.com ' AND (SELECT 6077 FROM (SELECT(SLEEP(5)))dltn) AND 'PhRa'='PhRa mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Das Ausnutzen gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.1, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1505.json b/2023/1xxx/CVE-2023-1505.json index fbb1263e092..cd8981367da 100644 --- a/2023/1xxx/CVE-2023-1505.json +++ b/2023/1xxx/CVE-2023-1505.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-223409 was assigned to this vulnerability." + "value": "A vulnerability, which was classified as critical, has been found in SourceCodester E-Commerce System 1.0. This issue affects some unknown processing of the file /ecommerce/admin/settings/setDiscount.php. The manipulation of the argument id with the input 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) leads to sql injection. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The identifier VDB-223409 was assigned to this vulnerability." }, { "lang": "deu", - "value": "Eine Schwachstelle wurde in SourceCodester E-Commerce System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /ecommerce/admin/settings/setDiscount.php. Durch Beeinflussen des Arguments id mit der Eingabe 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "Eine Schwachstelle wurde in SourceCodester E-Commerce System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei /ecommerce/admin/settings/setDiscount.php. Durch Beeinflussen des Arguments id mit der Eingabe 201737 AND (SELECT 8973 FROM (SELECT(SLEEP(5)))OoAD) mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Die Ausnutzbarkeit gilt als schwierig. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 4.6, - "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:S/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1506.json b/2023/1xxx/CVE-2023-1506.json index bb08a554549..b598e49aaa8 100644 --- a/2023/1xxx/CVE-2023-1506.json +++ b/2023/1xxx/CVE-2023-1506.json @@ -11,11 +11,11 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-223410 is the identifier assigned to this vulnerability." + "value": "A vulnerability, which was classified as critical, was found in SourceCodester E-Commerce System 1.0. Affected is an unknown function of the file login.php. The manipulation of the argument U_USERNAME leads to sql injection. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. VDB-223410 is the identifier assigned to this vulnerability." }, { "lang": "deu", - "value": "Es wurde eine Schwachstelle in SourceCodester E-Commerce System 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei login.php. Dank der Manipulation des Arguments U_USERNAME mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + "value": "Es wurde eine Schwachstelle in SourceCodester E-Commerce System 1.0 gefunden. Sie wurde als kritisch eingestuft. Es betrifft eine unbekannte Funktion der Datei login.php. Dank der Manipulation des Arguments U_USERNAME mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Die Komplexit\u00e4t eines Angriffs ist eher hoch. Sie gilt als schwierig auszunutzen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 5.1, - "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P" } ] } diff --git a/2023/1xxx/CVE-2023-1507.json b/2023/1xxx/CVE-2023-1507.json index 0cddff58286..2579bddf892 100644 --- a/2023/1xxx/CVE-2023-1507.json +++ b/2023/1xxx/CVE-2023-1507.json @@ -93,8 +93,7 @@ { "version": "2.0", "baseScore": 4, - "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2023/1xxx/CVE-2023-1556.json b/2023/1xxx/CVE-2023-1556.json index f67fd9d87cf..25dd2d707ca 100644 --- a/2023/1xxx/CVE-2023-1556.json +++ b/2023/1xxx/CVE-2023-1556.json @@ -98,8 +98,7 @@ { "version": "2.0", "baseScore": 6.5, - "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", - "baseSeverity": "MEDIUM" + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }