"-Synchronized-Data."

2025-07-29 05:56:59 +00:00 · 2023-05-24 10:00:35 +00:00 · 2023-05-24 10:00:35 +00:00 · 4179eef531
commit 4179eef531
parent 8b862c8a31
4 changed files with 252 additions and 0 deletions
--- a/2023/2xxx/CVE-2023-2862.json
+++ b/2023/2xxx/CVE-2023-2862.json
@ -0,0 +1,110 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2023-2862",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability, which was classified as problematic, was found in SiteServer CMS up to 7.2.1. Affected is an unknown function of the file /api/stl/actions/search. The manipulation of the argument ajaxDivId leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. VDB-229818 is the identifier assigned to this vulnerability."
+            },
+            {
+                "lang": "deu",
+                "value": "Es wurde eine Schwachstelle in SiteServer CMS bis 7.2.1 gefunden. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /api/stl/actions/search. Mittels Manipulieren des Arguments ajaxDivId mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung. Als bestm\u00f6gliche Massnahme wird Patching empfohlen."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross Site Scripting",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "SiteServer",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "CMS",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "7.2.0"
+                                        },
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "7.2.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.229818",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.229818"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.229818",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.229818"
+            },
+            {
+                "url": "https://gitee.com/siteserver/cms/issues/I71WJ4",
+                "refsource": "MISC",
+                "name": "https://gitee.com/siteserver/cms/issues/I71WJ4"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "VulDB Gitee Analyzer"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 3.5,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 4,
+                "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+                "baseSeverity": "MEDIUM"
+            }
+        ]
+    }
+}
--- a/2023/2xxx/CVE-2023-2863.json
+++ b/2023/2xxx/CVE-2023-2863.json
@ -0,0 +1,106 @@
+{
+    "data_version": "4.0",
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "CVE_data_meta": {
+        "ID": "CVE-2023-2863",
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "A vulnerability has been found in Simple Design Daily Journal 1.012.GP.B on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component SQLite Database. The manipulation leads to cleartext storage in a file or on disk. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-229819."
+            },
+            {
+                "lang": "deu",
+                "value": "In Simple Design Daily Journal 1.012.GP.B f\u00fcr Android wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode der Komponente SQLite Database. Durch das Manipulieren mit unbekannten Daten kann eine cleartext storage in a file or on disk-Schwachstelle ausgenutzt werden. Der Angriff muss lokal angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-313 Cleartext Storage in a File or on Disk",
+                        "cweId": "CWE-313"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "Simple Design",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Daily Journal",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "1.012.GP.B"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.229819",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.229819"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.229819",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.229819"
+            },
+            {
+                "url": "https://www.youtube.com/watch?v=V0u9C5RVSic",
+                "refsource": "MISC",
+                "name": "https://www.youtube.com/watch?v=V0u9C5RVSic"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "Gab3 (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 2.3,
+                "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 2.3,
+                "vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 1.4,
+                "vectorString": "AV:L/AC:L/Au:M/C:P/I:N/A:N",
+                "baseSeverity": "LOW"
+            }
+        ]
+    }
+}
--- a/2023/2xxx/CVE-2023-2864.json
+++ b/2023/2xxx/CVE-2023-2864.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2023-2864",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}
--- a/2023/2xxx/CVE-2023-2865.json
+++ b/2023/2xxx/CVE-2023-2865.json
@ -0,0 +1,18 @@
+{
+    "data_type": "CVE",
+    "data_format": "MITRE",
+    "data_version": "4.0",
+    "CVE_data_meta": {
+        "ID": "CVE-2023-2865",
+        "ASSIGNER": "cve@mitre.org",
+        "STATE": "RESERVED"
+    },
+    "description": {
+        "description_data": [
+            {
+                "lang": "eng",
+                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            }
+        ]
+    }
+}