From 29698c1a0bcb505950bd615401c2e2b3fcd9002d Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 21 Feb 2018 15:05:08 -0500 Subject: [PATCH] - Synchronized data. --- 2018/7xxx/CVE-2018-7260.json | 3 ++ 2018/7xxx/CVE-2018-7296.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7297.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7298.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7299.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7300.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7301.json | 18 +++++++++++ 2018/7xxx/CVE-2018-7302.json | 60 ++++++++++++++++++++++++++++++++++++ 2018/7xxx/CVE-2018-7303.json | 60 ++++++++++++++++++++++++++++++++++++ 2018/7xxx/CVE-2018-7304.json | 60 ++++++++++++++++++++++++++++++++++++ 2018/7xxx/CVE-2018-7305.json | 60 ++++++++++++++++++++++++++++++++++++ 2018/7xxx/CVE-2018-7306.json | 18 +++++++++++ 12 files changed, 369 insertions(+) create mode 100644 2018/7xxx/CVE-2018-7296.json create mode 100644 2018/7xxx/CVE-2018-7297.json create mode 100644 2018/7xxx/CVE-2018-7298.json create mode 100644 2018/7xxx/CVE-2018-7299.json create mode 100644 2018/7xxx/CVE-2018-7300.json create mode 100644 2018/7xxx/CVE-2018-7301.json create mode 100644 2018/7xxx/CVE-2018-7302.json create mode 100644 2018/7xxx/CVE-2018-7303.json create mode 100644 2018/7xxx/CVE-2018-7304.json create mode 100644 2018/7xxx/CVE-2018-7305.json create mode 100644 2018/7xxx/CVE-2018-7306.json diff --git a/2018/7xxx/CVE-2018-7260.json b/2018/7xxx/CVE-2018-7260.json index 35d19cc027a..880edadcba6 100644 --- a/2018/7xxx/CVE-2018-7260.json +++ b/2018/7xxx/CVE-2018-7260.json @@ -57,6 +57,9 @@ }, { "url" : "https://www.phpmyadmin.net/security/PMASA-2018-1/" + }, + { + "url" : "https://udiniya.wordpress.com/2018/02/21/a-tale-of-stealing-session-cookie-in-phpmyadmin/" } ] } diff --git a/2018/7xxx/CVE-2018-7296.json b/2018/7xxx/CVE-2018-7296.json new file mode 100644 index 00000000000..b3352bde767 --- /dev/null +++ b/2018/7xxx/CVE-2018-7296.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7296", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7297.json b/2018/7xxx/CVE-2018-7297.json new file mode 100644 index 00000000000..3320691b667 --- /dev/null +++ b/2018/7xxx/CVE-2018-7297.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7297", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7298.json b/2018/7xxx/CVE-2018-7298.json new file mode 100644 index 00000000000..e2a96b59f6e --- /dev/null +++ b/2018/7xxx/CVE-2018-7298.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7298", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7299.json b/2018/7xxx/CVE-2018-7299.json new file mode 100644 index 00000000000..58aff839335 --- /dev/null +++ b/2018/7xxx/CVE-2018-7299.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7299", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7300.json b/2018/7xxx/CVE-2018-7300.json new file mode 100644 index 00000000000..cbf9384ea41 --- /dev/null +++ b/2018/7xxx/CVE-2018-7300.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7300", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7301.json b/2018/7xxx/CVE-2018-7301.json new file mode 100644 index 00000000000..ad26e01009e --- /dev/null +++ b/2018/7xxx/CVE-2018-7301.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7301", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7302.json b/2018/7xxx/CVE-2018-7302.json new file mode 100644 index 00000000000..4dcbf1cafdd --- /dev/null +++ b/2018/7xxx/CVE-2018-7302.json @@ -0,0 +1,60 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7302", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Tiki 17.1 allows upload of a .PNG file that actually has SVG content, leading to XSS." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html" + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7303.json b/2018/7xxx/CVE-2018-7303.json new file mode 100644 index 00000000000..58d9386f2f0 --- /dev/null +++ b/2018/7xxx/CVE-2018-7303.json @@ -0,0 +1,60 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7303", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The Calendar component in Tiki 17.1 allows HTML injection." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html" + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7304.json b/2018/7xxx/CVE-2018-7304.json new file mode 100644 index 00000000000..c133e035c62 --- /dev/null +++ b/2018/7xxx/CVE-2018-7304.json @@ -0,0 +1,60 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7304", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Tiki 17.1 does not validate user input for special characters; consequently, a CSV Injection attack can open a CMD.EXE or Calculator window on the victim machine to perform malicious activity, as demonstrated by an \"=cmd|' /C calc'!A0\" payload during User Creation." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://websecnerd.blogspot.in/2018/01/tiki-wiki-cms-groupware-17.html" + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7305.json b/2018/7xxx/CVE-2018-7305.json new file mode 100644 index 00000000000..c3df6598491 --- /dev/null +++ b/2018/7xxx/CVE-2018-7305.json @@ -0,0 +1,60 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7305", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "MyBB 1.8.14 is not checking for a valid CSRF token, leading to arbitrary deletion of user accounts." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "url" : "https://websecnerd.blogspot.in/2018/02/mybb-forum-1_21.html" + } + ] + } +} diff --git a/2018/7xxx/CVE-2018-7306.json b/2018/7xxx/CVE-2018-7306.json new file mode 100644 index 00000000000..f364bedc47e --- /dev/null +++ b/2018/7xxx/CVE-2018-7306.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-7306", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +}