mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-08-04 08:44:25 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
f7cd29d0a5
commit
63920ffe20
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file \/index.php. The manipulation of the argument username\/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
|
||||
"value": "A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -58,16 +58,20 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "7.3",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/www.exploit-db.com\/exploits\/41166\/"
|
||||
"url": "https://www.exploit-db.com/exploits/41166/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.exploit-db.com/exploits/41166/"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.96621"
|
||||
"url": "https://vuldb.com/?id.96621",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.96621"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username\/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
|
||||
"value": "A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -58,16 +58,20 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "7.3",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/www.exploit-db.com\/exploits\/41167\/"
|
||||
"url": "https://www.exploit-db.com/exploits/41167/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.exploit-db.com/exploits/41167/"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.96620"
|
||||
"url": "https://vuldb.com/?id.96620",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.96620"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -49,7 +49,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username\/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
|
||||
"value": "A vulnerability has been found in KB Messages PHP Script 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation of the argument username/password with the input 'or''=' leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
|
||||
}
|
||||
]
|
||||
},
|
||||
@ -58,16 +58,20 @@
|
||||
"cvss": {
|
||||
"version": "3.1",
|
||||
"baseScore": "7.3",
|
||||
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
|
||||
}
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https:\/\/www.exploit-db.com\/exploits\/41168\/"
|
||||
"url": "https://www.exploit-db.com/exploits/41168/",
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.exploit-db.com/exploits/41168/"
|
||||
},
|
||||
{
|
||||
"url": "https:\/\/vuldb.com\/?id.96619"
|
||||
"url": "https://vuldb.com/?id.96619",
|
||||
"refsource": "MISC",
|
||||
"name": "https://vuldb.com/?id.96619"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -108,6 +108,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html",
|
||||
"url": "http://packetstormsecurity.com/files/167032/Apache-CouchDB-3.2.1-Remote-Code-Execution.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd",
|
||||
"url": "https://medium.com/@_sadshade/couchdb-erlang-and-cookies-rce-on-default-settings-b1e9173a4bcd"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -34,7 +34,7 @@
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The TikTok application before 23.8.4 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click."
|
||||
"value": "The TikTok application before 27.7.3 for Android allows account takeover. A crafted URL (unvalidated deeplink) can force the com.zhiliaoapp.musically WebView to load an arbitrary website. This may allow an attacker to leverage an attached JavaScript interface for the takeover with one click."
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -1,17 +1,66 @@
|
||||
{
|
||||
"data_type": "CVE",
|
||||
"data_format": "MITRE",
|
||||
"data_version": "4.0",
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2022-28888",
|
||||
"ASSIGNER": "cve@mitre.org",
|
||||
"STATE": "RESERVED"
|
||||
"ID": "CVE-2022-28888",
|
||||
"STATE": "PUBLIC"
|
||||
},
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "n/a",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
},
|
||||
"vendor_name": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
|
||||
"value": "Spryker Commerce OS 1.4.2 allows Remote Command Execution."
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "n/a"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"url": "https://schutzwerk.com",
|
||||
"refsource": "MISC",
|
||||
"name": "https://schutzwerk.com"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "https://www.schutzwerk.com/en/43/advisories/schutzwerk-sa-2022-003/",
|
||||
"url": "https://www.schutzwerk.com/en/43/advisories/schutzwerk-sa-2022-003/"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -108,6 +108,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/07/12/5"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/07/13/1"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
@ -107,6 +107,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220712 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/07/12/5"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[oss-security] 20220713 Re: Xen Security Advisory 407 v1 (CVE-2022-23816,CVE-2022-23825,CVE-2022-29900) - Retbleed - arbitrary speculative code execution with return instructions",
|
||||
"url": "http://www.openwall.com/lists/oss-security/2022/07/13/1"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user