From 4f8ba5a55e92db46b76712410b15c18c53997379 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Thu, 27 Aug 2020 14:01:26 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/23xxx/CVE-2020-23972.json | 56 +++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23973.json | 56 +++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23974.json | 61 ++++++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23975.json | 61 ++++++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23976.json | 61 ++++++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23977.json | 56 +++++++++++++++++++++++++++---- 2020/23xxx/CVE-2020-23978.json | 61 ++++++++++++++++++++++++++++++---- 7 files changed, 370 insertions(+), 42 deletions(-) diff --git a/2020/23xxx/CVE-2020-23972.json b/2020/23xxx/CVE-2020-23972.json index a27927753e5..4f640f771db 100644 --- a/2020/23xxx/CVE-2020-23972.json +++ b/2020/23xxx/CVE-2020-23972.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23972", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23972", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "In Joomla Component GMapFP Version J3.5 and J3.5free, an attacker can access the upload function without authenticating to the application and can also upload files which due to issues of unrestricted file uploads which can be bypassed by changing the content-type and name file too double extensions." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md", + "refsource": "MISC", + "name": "https://raw.githubusercontent.com/me4yoursecurity/Reports/master/README.md" } ] } diff --git a/2020/23xxx/CVE-2020-23973.json b/2020/23xxx/CVE-2020-23973.json index 777c3561566..d11902df5ad 100644 --- a/2020/23xxx/CVE-2020-23973.json +++ b/2020/23xxx/CVE-2020-23973.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23973", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23973", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "KandNconcepts Club CMS 1.1 and 1.2 has SQL Injection via the 'team.php,player.php,club.php' id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/157049/KandNconcepts-Club-CMS-1.1-1.2-Cross-Site-Scripting-SQL-Injection.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/157049/KandNconcepts-Club-CMS-1.1-1.2-Cross-Site-Scripting-SQL-Injection.html" } ] } diff --git a/2020/23xxx/CVE-2020-23974.json b/2020/23xxx/CVE-2020-23974.json index f675eccda38..224b5e67ee0 100644 --- a/2020/23xxx/CVE-2020-23974.json +++ b/2020/23xxx/CVE-2020-23974.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23974", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23974", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Create-Project Manager 1.07 has Multi Persistent Cross-site Scripting and HTML injection in via Online chat, Social feed,Message(title-tag), Add new client (all-tags)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/157599/Create-Project-Manager-1.07-Cross-Site-Scripting-HTML-Injection.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/157599/Create-Project-Manager-1.07-Cross-Site-Scripting-HTML-Injection.html" + }, + { + "url": "https://cxsecurity.com/issue/WLB-2020050071", + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2020050071" } ] } diff --git a/2020/23xxx/CVE-2020-23975.json b/2020/23xxx/CVE-2020-23975.json index b8c5521da3c..184900975d9 100644 --- a/2020/23xxx/CVE-2020-23975.json +++ b/2020/23xxx/CVE-2020-23975.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23975", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23975", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has cross site scripting via the 'search.php' id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html" + }, + { + "url": "https://cxsecurity.com/issue/WLB-2020030174", + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2020030174" } ] } diff --git a/2020/23xxx/CVE-2020-23976.json b/2020/23xxx/CVE-2020-23976.json index db87edfefb3..c9f039d1195 100644 --- a/2020/23xxx/CVE-2020-23976.json +++ b/2020/23xxx/CVE-2020-23976.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23976", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23976", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Webexcels Ecommerce CMS 2.x, 2017, 2018, 2019, 2020 has SQL Injection via the 'content.php' id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/156948/Webexcels-Ecommerce-CMS-2.x-SQL-Injection-Cross-Site-Scripting.html" + }, + { + "url": "https://cxsecurity.com/issue/WLB-2020030174", + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2020030174" } ] } diff --git a/2020/23xxx/CVE-2020-23977.json b/2020/23xxx/CVE-2020-23977.json index 21ec623bcb4..67b518972ec 100644 --- a/2020/23xxx/CVE-2020-23977.json +++ b/2020/23xxx/CVE-2020-23977.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23977", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23977", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "KandNconcepts Club CMS 1.1 and 1.2 has cross site scripting via the 'team.php,player.php,club.php' id parameter." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/157049/KandNconcepts-Club-CMS-1.1-1.2-Cross-Site-Scripting-SQL-Injection.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/157049/KandNconcepts-Club-CMS-1.1-1.2-Cross-Site-Scripting-SQL-Injection.html" } ] } diff --git a/2020/23xxx/CVE-2020-23978.json b/2020/23xxx/CVE-2020-23978.json index 1f50496f4d6..0524e67136b 100644 --- a/2020/23xxx/CVE-2020-23978.json +++ b/2020/23xxx/CVE-2020-23978.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2020-23978", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2020-23978", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "SQL injection can occur in Soluzione Globale Ecommerce CMS v1 via the parameter \" offerta.php\"" + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://packetstormsecurity.com/files/156939/Soluzione-Globale-Ecommerce-CMS-1-SQL-Injection.html", + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/156939/Soluzione-Globale-Ecommerce-CMS-1-SQL-Injection.html" + }, + { + "url": "https://cxsecurity.com/issue/WLB-2020030150", + "refsource": "MISC", + "name": "https://cxsecurity.com/issue/WLB-2020030150" } ] }