admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-02-08 16:01:06 +00:00
parent 25fd700c15
commit 43f5468d52
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
2 changed files with 142 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

93
2011/3xxx/CVE-2011-3642.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-3642", "ID": "CVE-2011-3642",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +11,96 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Cross-site scripting (XSS) vulnerability in Flowplayer Flash 3.2.7 through 3.2.16, as used in the News system (news) extension for TYPO3 and Mahara, allows remote attackers to inject arbitrary web script or HTML via the plugin configuration directive in a reference to an external domain plugin."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://web.appsec.ws/FlashExploitDatabase.php",
"url": "http://web.appsec.ws/FlashExploitDatabase.php"
},
{
"refsource": "MISC",
"name": "http://appsec.ws/Presentations/FlashFlooding.pdf",
"url": "http://appsec.ws/Presentations/FlashFlooding.pdf"
},
{
"refsource": "MISC",
"name": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009",
"url": "http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2014-009"
},
{
"refsource": "MISC",
"name": "https://code.google.com/p/flowplayer-core/issues/detail?id=441",
"url": "https://code.google.com/p/flowplayer-core/issues/detail?id=441"
},
{
"refsource": "MISC",
"name": "https://mahara.org/interaction/forum/topic.php?id=5237",
"url": "https://mahara.org/interaction/forum/topic.php?id=5237"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/52074",
"url": "http://secunia.com/advisories/52074"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/54206",
"url": "http://secunia.com/advisories/54206"
},
{
"refsource": "MISC",
"name": "http://secunia.com/advisories/58854",
"url": "http://secunia.com/advisories/58854"
},
{
"refsource": "MISC",
"name": "https://www.securityfocus.com/bid/48651",
"url": "https://www.securityfocus.com/bid/48651"
},
{
"refsource": "MISC",
"name": "https://bugs.launchpad.net/mahara/+bug/1103748",
"url": "https://bugs.launchpad.net/mahara/+bug/1103748"
} }
] ]
} }

53
2014/2xxx/CVE-2014-2225.json
View File

@ -2,7 +2,7 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2014-2225", "ID": "CVE-2014-2225",
"STATE": "RESERVED" "STATE": "PUBLIC"
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +11,56 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Ubiquiti Networks UniFi Controller before 3.2.1 allow remote attackers to hijack the authentication of administrators for requests that (1) create a new admin user via a request to api/add/admin; (2) have unspecified impact via a request to api/add/wlanconf; change the guest (3) password, (4) authentication method, or (5) restricted subnets via a request to api/set/setting/guest_access; (6) block, (7) unblock, or (8) reconnect users by MAC address via a request to api/cmd/stamgr; change the syslog (9) server or (10) port via a request to api/set/setting/rsyslogd; (11) have unspecified impact via a request to api/set/setting/smtp; change the syslog (12) server, (13) port, or (14) authentication settings via a request to api/cmd/cfgmgr; or (15) change the Unifi Controller name via a request to api/set/setting/identity."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "http://sethsec.blogspot.com/2014/07/cve-2014-2225.html",
"url": "http://sethsec.blogspot.com/2014/07/cve-2014-2225.html"
},
{
"refsource": "MISC",
"name": "http://seclists.org/fulldisclosure/2014/Jul/126",
"url": "http://seclists.org/fulldisclosure/2014/Jul/126"
} }
] ]
} }