"-Synchronized-Data."

2025-06-08 05:58:08 +00:00 · 2023-03-29 07:00:35 +00:00 · 2023-03-29 07:00:35 +00:00 · 3f3750ee75
commit 3f3750ee75
parent afb649a6d0
3 changed files with 100 additions and 10 deletions
--- a/2022/27xxx/CVE-2022-27597.json
+++ b/2022/27xxx/CVE-2022-27597.json
@ -54,7 +54,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A vulnerability have been reported to affect multiple QNAP operating systems. If exploited, the vulnerability allow remote authenticated users to get secret values.\nThe vulnerabilities affect the following QNAP operating systems:\nQTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)\nWe have already fixed the vulnerabilities in the following operating system versions:\nQTS 5.0.1.2346 build 20230322 and later\nQuTS hero h5.0.1.2348 build 20230324 and later\n"
+                "value": "A vulnerability have been reported to affect multiple QNAP operating systems. If exploited, the vulnerability allow remote authenticated users to get secret values. The vulnerabilities affect the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerabilities in the following operating system versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later"
            }
        ]
    },
@ -108,8 +108,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.qnap.com/en/security-advisory/qsa-23-06"
+                "refsource": "MISC",
+                "url": "https://www.qnap.com/en/security-advisory/qsa-23-06",
+                "name": "https://www.qnap.com/en/security-advisory/qsa-23-06"
            }
        ]
    },
--- a/2022/27xxx/CVE-2022-27598.json
+++ b/2022/27xxx/CVE-2022-27598.json
@ -54,7 +54,7 @@
        "description_data": [
            {
                "lang": "eng",
-                "value": "A vulnerability have been reported to affect multiple QNAP operating systems. If exploited, the vulnerability allow remote authenticated users to get secret values.\nThe vulnerabilities affect the following QNAP operating systems:\nQTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances)\nWe have already fixed the vulnerabilities in the following operating system versions:\nQTS 5.0.1.2346 build 20230322 and later\nQuTS hero h5.0.1.2348 build 20230324 and later\n"
+                "value": "A vulnerability have been reported to affect multiple QNAP operating systems. If exploited, the vulnerability allow remote authenticated users to get secret values. The vulnerabilities affect the following QNAP operating systems: QTS, QuTS hero, QuTScloud, QVP (QVR Pro appliances) We have already fixed the vulnerabilities in the following operating system versions: QTS 5.0.1.2346 build 20230322 and later QuTS hero h5.0.1.2348 build 20230324 and later"
            }
        ]
    },
@ -92,8 +92,9 @@
    "references": {
        "reference_data": [
            {
-                "refsource": "CONFIRM",
-                "url": "https://www.qnap.com/en/security-advisory/"
+                "refsource": "MISC",
+                "url": "https://www.qnap.com/en/security-advisory/",
+                "name": "https://www.qnap.com/en/security-advisory/"
            }
        ]
    },
--- a/2023/1xxx/CVE-2023-1686.json
+++ b/2023/1xxx/CVE-2023-1686.json
@ -1,17 +1,105 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2023-1686",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability was found in SourceCodester Young Entrepreneur E-Negosyo System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file bsenordering/admin/category/index.php of the component GET Parameter Handler. The manipulation of the argument view with the input <script>alert(233)</script> leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-224243."
+            },
+            {
+                "lang": "deu",
+                "value": "Eine Schwachstelle wurde in SourceCodester Young Entrepreneur E-Negosyo System 1.0 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei bsenordering/admin/category/index.php der Komponente GET Parameter Handler. Durch Manipulieren des Arguments view mit der Eingabe <script>alert(233)</script> mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross Site Scripting",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "SourceCodester",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Young Entrepreneur E-Negosyo System",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "1.0"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.224243",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.224243"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.224243",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.224243"
+            },
+            {
+                "url": "https://github.com/Apeng96/bug_report/blob/main/XSS-1.md",
+                "refsource": "MISC",
+                "name": "https://github.com/Apeng96/bug_report/blob/main/XSS-1.md"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "aroc (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4,
+                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+                "baseSeverity": "MEDIUM"
            }
        ]
    }