diff --git a/2014/5xxx/CVE-2014-5329.json b/2014/5xxx/CVE-2014-5329.json index f9a36197b14..b4959d9f8b0 100644 --- a/2014/5xxx/CVE-2014-5329.json +++ b/2014/5xxx/CVE-2014-5329.json @@ -1,17 +1,84 @@ { - "CVE_data_meta": { - "ASSIGNER": "cve@mitre.org", - "ID": "CVE-2014-5329", - "STATE": "RESERVED" - }, - "data_format": "MITRE", - "data_type": "CVE", "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2014-5329", + "ASSIGNER": "vultures@jpcert.or.jp", + "STATE": "PUBLIC" + }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.\r\n8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "Denial-of-service (DoS)" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "TripodWorks CO.,LTD.", + "product": { + "product_data": [ + { + "product_name": "GIGAPOD OFFICEHARD Appliance model", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "versions 3.04.03 and earlier" + } + ] + } + }, + { + "product_name": "GIGAPOD 2010 / GIGAPOD 3 Appliance model", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "versions 3.01.02 and earlier" + } + ] + } + }, + { + "product_name": "GIGAPOD 2010 / GIGAPOD 3 Software model", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "versions 3.01.02 and earlier" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://jvn.jp/en/jp/JVN23809730/", + "refsource": "MISC", + "name": "https://jvn.jp/en/jp/JVN23809730/" } ] } diff --git a/2021/27xxx/CVE-2021-27715.json b/2021/27xxx/CVE-2021-27715.json index 146ece1ea78..94e7f03dd3e 100644 --- a/2021/27xxx/CVE-2021-27715.json +++ b/2021/27xxx/CVE-2021-27715.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2021-27715", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2021-27715", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in MoFi Network MOFI4500-4GXeLTE-V2 3.5.6-xnet-5052 allows attackers to bypass the authentication and execute arbitrary code via crafted HTTP request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "http://mofi.com", + "refsource": "MISC", + "name": "http://mofi.com" + }, + { + "refsource": "MISC", + "name": "https://www.nagarro.com/services/security/mofi-cve-security-advisory", + "url": "https://www.nagarro.com/services/security/mofi-cve-security-advisory" } ] } diff --git a/2023/35xxx/CVE-2023-35785.json b/2023/35xxx/CVE-2023-35785.json index 006f3b8fb2b..7a70ba6c49e 100644 --- a/2023/35xxx/CVE-2023-35785.json +++ b/2023/35xxx/CVE-2023-35785.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Zoho ManageEngine ADManager Plus through 7186 is vulnerable to 2FA bypass." + "value": "Zoho ManageEngine Active Directory 360 versions 4315 and below, ADAudit Plus 7202 and below, ADManager Plus 7200 and below, Asset Explorer 7002 and below, Cloud Security Plus 4161 and below, Data Security Plus 6110 and below, Eventlog Analyzer 12301 and below, Exchange Reporter Plus 5709 and below, Log360 5315 and below, Log360 UEBA 4045 and below, M365 Manager Plus 4529 and below, M365 Security Plus 4529 and below, Recovery Manager Plus 6061 and below, ServiceDesk Plus 14302 and below, ServiceDesk Plus MSP 14300 and below, SharePoint Manager Plus 4402 and below and Support Center Plus 14300 and below are vulnerable to the authentication bypass vulnerability via a few authenticators." } ] }, diff --git a/2023/37xxx/CVE-2023-37367.json b/2023/37xxx/CVE-2023-37367.json index 16ddb1e32c6..8af12288a4b 100644 --- a/2023/37xxx/CVE-2023-37367.json +++ b/2023/37xxx/CVE-2023-37367.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-37367", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-37367", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "refsource": "MISC", + "name": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "NETWORK", + "availabilityImpact": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AC:L/AV:N/A:L/C:N/I:N/PR:N/S:U/UI:N", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2023/37xxx/CVE-2023-37368.json b/2023/37xxx/CVE-2023-37368.json index 2d7e15264fb..877b1e8a1b0 100644 --- a/2023/37xxx/CVE-2023-37368.json +++ b/2023/37xxx/CVE-2023-37368.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-37368", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-37368", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "refsource": "MISC", + "name": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "HIGH", + "attackVector": "NETWORK", + "availabilityImpact": "HIGH", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "NONE", + "scope": "UNCHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.1/AC:H/AV:N/A:H/C:N/I:N/PR:N/S:U/UI:N", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2023/37xxx/CVE-2023-37377.json b/2023/37xxx/CVE-2023-37377.json index b985da0c0e1..5ae3ba29338 100644 --- a/2023/37xxx/CVE-2023-37377.json +++ b/2023/37xxx/CVE-2023-37377.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-37377", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-37377", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "refsource": "MISC", + "name": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:N/I:N/PR:H/S:U/UI:R", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2023/37xxx/CVE-2023-37759.json b/2023/37xxx/CVE-2023-37759.json index 54b1b558eee..f68ea3f1940 100644 --- a/2023/37xxx/CVE-2023-37759.json +++ b/2023/37xxx/CVE-2023-37759.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-37759", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-37759", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008", + "refsource": "MISC", + "name": "https://codecanyon.net/item/crypto-currency-tracker-prices-charts-news-icos-info-and-more/21588008" + }, + { + "url": "https://tregix.com/", + "refsource": "MISC", + "name": "https://tregix.com/" + }, + { + "refsource": "MISC", + "name": "https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html", + "url": "https://packetstormsecurity.com/files/174240/Crypto-Currency-Tracker-CCT-9.5-Add-Administrator.html" } ] } diff --git a/2023/39xxx/CVE-2023-39620.json b/2023/39xxx/CVE-2023-39620.json index 94243b13ea0..055b849c8e8 100644 --- a/2023/39xxx/CVE-2023-39620.json +++ b/2023/39xxx/CVE-2023-39620.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-39620", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-39620", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An Issue in Buffalo America, Inc. TeraStation NAS TS5410R v.5.00 thru v.0.07 allows a remote attacker to obtain sensitive information via the guest account function." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration.", + "refsource": "MISC", + "name": "https://github.com/bcross520/bcross520.github.io/wiki/Buffalo-Terastation-NAS-Disabled-guest-built%E2%80%90in-account-allows-for-SMB%5CRPC-device-enumeration." } ] } diff --git a/2023/40xxx/CVE-2023-40353.json b/2023/40xxx/CVE-2023-40353.json index 2c9b56959bc..7deda7a3a92 100644 --- a/2023/40xxx/CVE-2023-40353.json +++ b/2023/40xxx/CVE-2023-40353.json @@ -1,18 +1,76 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40353", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40353", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application." } ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/", + "refsource": "MISC", + "name": "https://semiconductor.samsung.com/support/quality-support/product-security-updates/" + } + ] + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "confidentialityImpact": "NONE", + "integrityImpact": "NONE", + "privilegesRequired": "HIGH", + "scope": "UNCHANGED", + "userInteraction": "REQUIRED", + "vectorString": "CVSS:3.1/AC:L/AV:L/A:L/C:N/I:N/PR:H/S:U/UI:R", + "version": "3.1" + } } } \ No newline at end of file diff --git a/2023/40xxx/CVE-2023-40953.json b/2023/40xxx/CVE-2023-40953.json index 02478ca0454..da53bf38daf 100644 --- a/2023/40xxx/CVE-2023-40953.json +++ b/2023/40xxx/CVE-2023-40953.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-40953", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-40953", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF)." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://www.icmsdev.com/", + "refsource": "MISC", + "name": "https://www.icmsdev.com/" + }, + { + "refsource": "MISC", + "name": "https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308", + "url": "https://gist.github.com/ChubbyZ/e1e5c1858c389334dcf581a19c741308" } ] } diff --git a/2023/41xxx/CVE-2023-41594.json b/2023/41xxx/CVE-2023-41594.json index e0f5fd6605a..bca0837d984 100644 --- a/2023/41xxx/CVE-2023-41594.json +++ b/2023/41xxx/CVE-2023-41594.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41594", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41594", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portswigger.net/web-security/sql-injection", + "refsource": "MISC", + "name": "https://portswigger.net/web-security/sql-injection" + }, + { + "url": "https://www.acunetix.com/vulnerabilities/web/sql-injection/", + "refsource": "MISC", + "name": "https://www.acunetix.com/vulnerabilities/web/sql-injection/" + }, + { + "refsource": "MISC", + "name": "https://github.com/MATRIXDEVIL/CVE/blob/main/CVE-2023-41594", + "url": "https://github.com/MATRIXDEVIL/CVE/blob/main/CVE-2023-41594" } ] } diff --git a/2023/41xxx/CVE-2023-41615.json b/2023/41xxx/CVE-2023-41615.json index c277660bd74..35dc6bd51a5 100644 --- a/2023/41xxx/CVE-2023-41615.json +++ b/2023/41xxx/CVE-2023-41615.json @@ -1,17 +1,71 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-41615", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-41615", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zoo Management System v1.0 was discovered to contain multiple SQL injection vulnerabilities in the Admin sign-in page via the username and password fields." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://portswigger.net/web-security/sql-injection", + "refsource": "MISC", + "name": "https://portswigger.net/web-security/sql-injection" + }, + { + "url": "https://phpgurukul.com/student-management-system-using-php-and-mysql/", + "refsource": "MISC", + "name": "https://phpgurukul.com/student-management-system-using-php-and-mysql/" + }, + { + "refsource": "MISC", + "name": "https://medium.com/@guravtushar231/sql-injection-in-login-field-a9073780f7e8", + "url": "https://medium.com/@guravtushar231/sql-injection-in-login-field-a9073780f7e8" } ] } diff --git a/2023/42xxx/CVE-2023-42138.json b/2023/42xxx/CVE-2023-42138.json new file mode 100644 index 00000000000..bdb29897a12 --- /dev/null +++ b/2023/42xxx/CVE-2023-42138.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-42138", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file