From 596c9fa85cb674ee58fe032b19d17e80bf6d8032 Mon Sep 17 00:00:00 2001
From: CVE Team <cve-request@mitre.org>
Date: Wed, 12 Sep 2018 19:05:24 -0400
Subject: [PATCH] - Synchronized data.

---
 2018/16xxx/CVE-2018-16977.json | 62 ++++++++++++++++++++++++++++++++++
 2018/16xxx/CVE-2018-16978.json | 62 ++++++++++++++++++++++++++++++++++
 2018/16xxx/CVE-2018-16979.json | 62 ++++++++++++++++++++++++++++++++++
 2018/16xxx/CVE-2018-16980.json | 62 ++++++++++++++++++++++++++++++++++
 2018/16xxx/CVE-2018-16981.json | 62 ++++++++++++++++++++++++++++++++++
 5 files changed, 310 insertions(+)
 create mode 100644 2018/16xxx/CVE-2018-16977.json
 create mode 100644 2018/16xxx/CVE-2018-16978.json
 create mode 100644 2018/16xxx/CVE-2018-16979.json
 create mode 100644 2018/16xxx/CVE-2018-16980.json
 create mode 100644 2018/16xxx/CVE-2018-16981.json

diff --git a/2018/16xxx/CVE-2018-16977.json b/2018/16xxx/CVE-2018-16977.json
new file mode 100644
index 00000000000..3a665e0ff75
--- /dev/null
+++ b/2018/16xxx/CVE-2018-16977.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-16977",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "Monstra CMS V3.0.4 has an information leakage risk (e.g., PATH, DOCUMENT_ROOT, and SERVER_ADMIN) in libraries/Gelato/ErrorHandler/Resources/Views/Errors/exception.php."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/howchen/howchen/issues/4",
+            "refsource" : "MISC",
+            "url" : "https://github.com/howchen/howchen/issues/4"
+         }
+      ]
+   }
+}
diff --git a/2018/16xxx/CVE-2018-16978.json b/2018/16xxx/CVE-2018-16978.json
new file mode 100644
index 00000000000..4a0b7df793b
--- /dev/null
+++ b/2018/16xxx/CVE-2018-16978.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-16978",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "Monstra CMS V3.0.4 has XSS when ones tries to register an account with a crafted password parameter to users/registration, a different vulnerability than CVE-2018-11473."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/howchen/howchen/issues/4",
+            "refsource" : "MISC",
+            "url" : "https://github.com/howchen/howchen/issues/4"
+         }
+      ]
+   }
+}
diff --git a/2018/16xxx/CVE-2018-16979.json b/2018/16xxx/CVE-2018-16979.json
new file mode 100644
index 00000000000..40f2cccb509
--- /dev/null
+++ b/2018/16xxx/CVE-2018-16979.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-16979",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "Monstra CMS V3.0.4 allows HTTP header injection in the plugins/captcha/crypt/cryptographp.php cfg parameter, a related issue to CVE-2012-2943."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/howchen/howchen/issues/4",
+            "refsource" : "MISC",
+            "url" : "https://github.com/howchen/howchen/issues/4"
+         }
+      ]
+   }
+}
diff --git a/2018/16xxx/CVE-2018-16980.json b/2018/16xxx/CVE-2018-16980.json
new file mode 100644
index 00000000000..c3c86a14dd7
--- /dev/null
+++ b/2018/16xxx/CVE-2018-16980.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-16980",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "dotCMS V5.0.1 has XSS in the /html/portlet/ext/contentlet/image_tools/index.jsp fieldName and inode parameters."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/dotCMS/core/issues/15274",
+            "refsource" : "MISC",
+            "url" : "https://github.com/dotCMS/core/issues/15274"
+         }
+      ]
+   }
+}
diff --git a/2018/16xxx/CVE-2018-16981.json b/2018/16xxx/CVE-2018-16981.json
new file mode 100644
index 00000000000..75c26a60502
--- /dev/null
+++ b/2018/16xxx/CVE-2018-16981.json
@@ -0,0 +1,62 @@
+{
+   "CVE_data_meta" : {
+      "ASSIGNER" : "cve@mitre.org",
+      "ID" : "CVE-2018-16981",
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
+   },
+   "data_format" : "MITRE",
+   "data_type" : "CVE",
+   "data_version" : "4.0",
+   "description" : {
+      "description_data" : [
+         {
+            "lang" : "eng",
+            "value" : "stb stb_image.h 2.19, as used in catimg, Emscripten, and other products, has a heap-based buffer overflow in the stbi__out_gif_code function."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "name" : "https://github.com/nothings/stb/issues/656",
+            "refsource" : "MISC",
+            "url" : "https://github.com/nothings/stb/issues/656"
+         }
+      ]
+   }
+}