diff --git a/2019/9xxx/CVE-2019-9047.json b/2019/9xxx/CVE-2019-9047.json index 734351bd1f2..fd65cf1962b 100644 --- a/2019/9xxx/CVE-2019-9047.json +++ b/2019/9xxx/CVE-2019-9047.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2019-9047", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,28 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/huzr2018/orderby_SQLi/tree/master/gorose", + "refsource" : "MISC", + "url" : "https://github.com/huzr2018/orderby_SQLi/tree/master/gorose" } ] } diff --git a/2019/9xxx/CVE-2019-9053.json b/2019/9xxx/CVE-2019-9053.json new file mode 100644 index 00000000000..9d026348dee --- /dev/null +++ b/2019/9xxx/CVE-2019-9053.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9053", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9054.json b/2019/9xxx/CVE-2019-9054.json new file mode 100644 index 00000000000..29737de303d --- /dev/null +++ b/2019/9xxx/CVE-2019-9054.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9054", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9055.json b/2019/9xxx/CVE-2019-9055.json new file mode 100644 index 00000000000..ecd69c973fb --- /dev/null +++ b/2019/9xxx/CVE-2019-9055.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9055", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9056.json b/2019/9xxx/CVE-2019-9056.json new file mode 100644 index 00000000000..52930535899 --- /dev/null +++ b/2019/9xxx/CVE-2019-9056.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9056", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9057.json b/2019/9xxx/CVE-2019-9057.json new file mode 100644 index 00000000000..09cde52ea31 --- /dev/null +++ b/2019/9xxx/CVE-2019-9057.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9057", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9058.json b/2019/9xxx/CVE-2019-9058.json new file mode 100644 index 00000000000..2d8711f67f5 --- /dev/null +++ b/2019/9xxx/CVE-2019-9058.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9058", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9059.json b/2019/9xxx/CVE-2019-9059.json new file mode 100644 index 00000000000..b49a86666b6 --- /dev/null +++ b/2019/9xxx/CVE-2019-9059.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9059", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9060.json b/2019/9xxx/CVE-2019-9060.json new file mode 100644 index 00000000000..c6db3ba91db --- /dev/null +++ b/2019/9xxx/CVE-2019-9060.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9060", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9061.json b/2019/9xxx/CVE-2019-9061.json new file mode 100644 index 00000000000..7d31775ccd2 --- /dev/null +++ b/2019/9xxx/CVE-2019-9061.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9061", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9062.json b/2019/9xxx/CVE-2019-9062.json new file mode 100644 index 00000000000..51bebda8f4b --- /dev/null +++ b/2019/9xxx/CVE-2019-9062.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9062", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall Online Food Ordering Script 1.0 has Cross-Site Request Forgery (CSRF) in my-account.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/", + "refsource" : "MISC", + "url" : "https://hackingvila.wordpress.com/2019/02/19/php-scripts-mall-online-food-ordering-script-has-cross-site-request-forgery-csrf-php-script-mall/" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9063.json b/2019/9xxx/CVE-2019-9063.json new file mode 100644 index 00000000000..1a56239ad79 --- /dev/null +++ b/2019/9xxx/CVE-2019-9063.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9063", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall Auction website script 2.0.4 allows parameter tampering of the payment amount." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackingvila.wordpress.com/2019/02/21/php-scripts-mall-auction-website-script-has-parameter-tampering/", + "refsource" : "MISC", + "url" : "https://hackingvila.wordpress.com/2019/02/21/php-scripts-mall-auction-website-script-has-parameter-tampering/" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9064.json b/2019/9xxx/CVE-2019-9064.json new file mode 100644 index 00000000000..41959e17fd3 --- /dev/null +++ b/2019/9xxx/CVE-2019-9064.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9064", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall Cab Booking Script 1.0.3 allows Directory Traversal into the parent directory of a jpg or png file." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/", + "refsource" : "MISC", + "url" : "https://hackingvila.wordpress.com/2019/02/18/directory-traveler-or-path-traveler-vulnerability-in-cab-booking-script-php-script-mall/" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9065.json b/2019/9xxx/CVE-2019-9065.json new file mode 100644 index 00000000000..4b2827b77af --- /dev/null +++ b/2019/9xxx/CVE-2019-9065.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9065", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall Custom T-Shirt Ecommerce Script 3.1.1 allows parameter tampering of the payment amount," + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackingvila.wordpress.com/2019/02/21/php-scripts-mall-custom-t-shirt-ecommerce-script-has-parameter-tampering/", + "refsource" : "MISC", + "url" : "https://hackingvila.wordpress.com/2019/02/21/php-scripts-mall-custom-t-shirt-ecommerce-script-has-parameter-tampering/" + } + ] + } +} diff --git a/2019/9xxx/CVE-2019-9066.json b/2019/9xxx/CVE-2019-9066.json new file mode 100644 index 00000000000..4c3ba605115 --- /dev/null +++ b/2019/9xxx/CVE-2019-9066.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2019-9066", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "PHP Scripts Mall PHP Appointment Booking Script 3.0.3 allows HTML injection in a user profile." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/", + "refsource" : "MISC", + "url" : "https://hackingvila.wordpress.com/2019/02/22/php-scripts-mall-php-appointment-booking-script-has-html-injection-via-an-edit-my-profile/" + } + ] + } +}