"-Synchronized-Data."

CVE Team 2019-08-22 15:00:51 +00:00
parent 2b2fb41525
commit 5f58be5caa
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
7 changed files with 162 additions and 10 deletions


@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18572", "ID": "CVE-2018-18572",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the \"product\" page. Because of this filter, script files with certain PHP-related extensions (such as .phtml and .php5) didn't execute in the application. But this filter didn't prevent the '.pht' extension. Thus, remote authenticated administrators can upload '.pht' files for arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/osCommerce/oscommerce2/issues/631",
"url": "https://github.com/osCommerce/oscommerce2/issues/631"
} }
] ]
} }
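Review bot: The added `affects` block sets `vendor_name`, `product_name` and `version_value` to "n/a", and `problemtype` is also "n/a", although the new description names osCommerce 2.3.4.1 and describes an executable file type getting past an incomplete extension filter. Tooling that matches records on the structured vendor/product/version fields rather than on the free-text description will not associate this entry with the product. The fields should carry what the description already states, e.g. `"vendor_name": "osCommerce"`, `"product_name": "osCommerce"`, `"version_value": "2.3.4.1"`, and a weakness class in `problemtype` (CWE-434 looks like the fit, to be confirmed by the assigner). The same gap appears in the next two file sections, CVE-2018-18573 and CVE-2019-11013; in the latter the description gives the range 3.0.2-2 through 3.5.4-9 while `version_data` stays "n/a".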


@ -2,7 +2,30 @@
"CVE_data_meta": { "CVE_data_meta": {
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18573", "ID": "CVE-2018-18573",
"STATE": "RESERVED" "STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
}, },
"data_format": "MITRE", "data_format": "MITRE",
"data_type": "CVE", "data_type": "CVE",
@ -11,7 +34,28 @@
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "osCommerce 2.3.4.1 has an incomplete '.htaccess' for blacklist filtering in the \"product\" page. Remote authenticated administrators can upload new '.htaccess' files (e.g., omitting .php) and subsequently achieve arbitrary PHP code execution via a /catalog/admin/categories.php?cPath=&action=new_product URI."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/osCommerce/oscommerce2/issues/631",
"url": "https://github.com/osCommerce/oscommerce2/issues/631"
} }
] ]
} }


@ -1,17 +1,61 @@
{ {
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": { "CVE_data_meta": {
"ID": "CVE-2019-11013",
"ASSIGNER": "cve@mitre.org", "ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED" "ID": "CVE-2019-11013",
"STATE": "PUBLIC"
}, },
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": { "description": {
"description_data": [ "description_data": [
{ {
"lang": "eng", "lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." "value": "Nimble Streamer 3.0.2-2 through 3.5.4-9 has a ../ directory traversal vulnerability. Successful exploitation could allow an attacker to traverse the file system to access files or directories that are outside of the restricted directory on the remote server."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/",
"url": "https://mayaseven.com/nimble-directory-traversal-in-nimble-streamer-version-3-0-2-2-to-3-5-4-9/"
} }
] ]
} }


@ -81,6 +81,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2", "name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/3" "url": "http://www.openwall.com/lists/oss-security/2019/08/22/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/4"
} }
] ]
} }
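Review bot: The reference entry added here has exactly the same `name` as the entry directly above it and differs only in the last path segment of `url` (`/22/4` against `/22/3`). A consumer that de-duplicates or indexes `reference_data` by `name` would keep only one of the two list messages, so it is worth confirming that downstream tooling keys on `url`. Both links also use plain `http://`; if the archive is reachable over TLS, `"url": "https://www.openwall.com/lists/oss-security/2019/08/22/4"` avoids fetching advisory text over cleartext. The same addition is repeated in the three file sections that follow, and the record's CVE ID lies outside the hunk.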


@ -81,6 +81,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2", "name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/3" "url": "http://www.openwall.com/lists/oss-security/2019/08/22/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/4"
} }
] ]
} }


@ -81,6 +81,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2", "name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/3" "url": "http://www.openwall.com/lists/oss-security/2019/08/22/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/4"
} }
] ]
} }


@ -81,6 +81,11 @@
"refsource": "MLIST", "refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2", "name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/3" "url": "http://www.openwall.com/lists/oss-security/2019/08/22/3"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20190822 Re: Linux kernel: multiple vulnerabilities in the USB subsystem x2",
"url": "http://www.openwall.com/lists/oss-security/2019/08/22/4"
} }
] ]
} }