diff --git a/2018/18xxx/CVE-2018-18619.json b/2018/18xxx/CVE-2018-18619.json index 407442a38fd..6869313b203 100644 --- a/2018/18xxx/CVE-2018-18619.json +++ b/2018/18xxx/CVE-2018-18619.json @@ -2,7 +2,30 @@ "CVE_data_meta" : { "ASSIGNER" : "cve@mitre.org", "ID" : "CVE-2018-18619", - "STATE" : "RESERVED" + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } }, "data_format" : "MITRE", "data_type" : "CVE", @@ -11,7 +34,38 @@ "description_data" : [ { "lang" : "eng", - "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value" : "internal/advanced_comment_system/admin.php in Advanced Comment System 1.0 is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query, allowing remote attackers to execute the sqli attack via a URL in the \"page\" parameter. NOTE: The product is discontinued." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "45853", + "refsource" : "EXPLOIT-DB", + "url" : "https://www.exploit-db.com/exploits/45853/" + }, + { + "name" : "20181109 [CVE-2018-18619] SQL injection in Advanced comment system v1.0", + "refsource" : "FULLDISC", + "url" : "http://seclists.org/fulldisclosure/2018/Nov/30" + }, + { + "name" : "http://packetstormsecurity.com/files/150261/Advanced-Comment-System-1.0-SQL-Injection.html", + "refsource" : "MISC", + "url" : "http://packetstormsecurity.com/files/150261/Advanced-Comment-System-1.0-SQL-Injection.html" } ] } diff --git a/2018/19xxx/CVE-2018-19120.json b/2018/19xxx/CVE-2018-19120.json index 83da435b6cf..993d4aa45db 100644 --- a/2018/19xxx/CVE-2018-19120.json +++ b/2018/19xxx/CVE-2018-19120.json @@ -56,6 +56,11 @@ "name" : "https://bugzilla.redhat.com/show_bug.cgi?id=1649420", "refsource" : "MISC", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1649420" + }, + { + "name" : "FEDORA-2018-2e64407bef", + "refsource" : "FEDORA", + "url" : "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CWRCGXLPJHM4OFD66BINH2FIMYHRCRKF/" } ] } diff --git a/2018/19xxx/CVE-2018-19749.json b/2018/19xxx/CVE-2018-19749.json new file mode 100644 index 00000000000..2e0c41d5453 --- /dev/null +++ b/2018/19xxx/CVE-2018-19749.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19749", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "DomainMOD through 4.11.01 has XSS via the assets/add/account-owner.php Owner name field." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/domainmod/domainmod/issues/81", + "refsource" : "MISC", + "url" : "https://github.com/domainmod/domainmod/issues/81" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19750.json b/2018/19xxx/CVE-2018-19750.json new file mode 100644 index 00000000000..5d41b4bea02 --- /dev/null +++ b/2018/19xxx/CVE-2018-19750.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19750", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "DomainMOD through 4.11.01 has XSS via the admin/domain-fields/ notes field in an Add Custom Field action for Custom Domain Fields." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/domainmod/domainmod/issues/82", + "refsource" : "MISC", + "url" : "https://github.com/domainmod/domainmod/issues/82" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19751.json b/2018/19xxx/CVE-2018-19751.json new file mode 100644 index 00000000000..a541b367ac3 --- /dev/null +++ b/2018/19xxx/CVE-2018-19751.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19751", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "DomainMOD through 4.11.01 has XSS via the admin/ssl-fields/add.php notes field for Custom SSL Fields." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/domainmod/domainmod/issues/83", + "refsource" : "MISC", + "url" : "https://github.com/domainmod/domainmod/issues/83" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19752.json b/2018/19xxx/CVE-2018-19752.json new file mode 100644 index 00000000000..1776a3d6a26 --- /dev/null +++ b/2018/19xxx/CVE-2018-19752.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19752", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "DomainMOD through 4.11.01 has XSS via the assets/add/registrar.php notes field for the Registrar." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/domainmod/domainmod/issues/84", + "refsource" : "MISC", + "url" : "https://github.com/domainmod/domainmod/issues/84" + } + ] + } +} diff --git a/2018/8xxx/CVE-2018-8784.json b/2018/8xxx/CVE-2018-8784.json index ea76c3c507f..bd90e7fb45e 100644 --- a/2018/8xxx/CVE-2018-8784.json +++ b/2018/8xxx/CVE-2018-8784.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7", + "refsource" : "CONFIRM", "url" : "https://github.com/FreeRDP/FreeRDP/commit/17c363a5162fd4dc77b1df54e48d7bd9bf6b3be7" } ] diff --git a/2018/8xxx/CVE-2018-8785.json b/2018/8xxx/CVE-2018-8785.json index 998779b7bb8..2c31c2d5cba 100644 --- a/2018/8xxx/CVE-2018-8785.json +++ b/2018/8xxx/CVE-2018-8785.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d", + "refsource" : "CONFIRM", "url" : "https://github.com/FreeRDP/FreeRDP/commit/602f4a2e14b41703b5f431de3154cd46a5750a2d" } ] diff --git a/2018/8xxx/CVE-2018-8786.json b/2018/8xxx/CVE-2018-8786.json index dbe014384da..1d76eee76e1 100644 --- a/2018/8xxx/CVE-2018-8786.json +++ b/2018/8xxx/CVE-2018-8786.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3", + "refsource" : "CONFIRM", "url" : "https://github.com/FreeRDP/FreeRDP/commit/445a5a42c500ceb80f8fa7f2c11f3682538033f3" } ] diff --git a/2018/8xxx/CVE-2018-8787.json b/2018/8xxx/CVE-2018-8787.json index 255f879fc54..5a2140383f8 100644 --- a/2018/8xxx/CVE-2018-8787.json +++ b/2018/8xxx/CVE-2018-8787.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a", + "refsource" : "CONFIRM", "url" : "https://github.com/FreeRDP/FreeRDP/commit/09b9d4f1994a674c4ec85b4947aa656eda1aed8a" } ] diff --git a/2018/8xxx/CVE-2018-8788.json b/2018/8xxx/CVE-2018-8788.json index bdda2a0f348..7ffae7771eb 100644 --- a/2018/8xxx/CVE-2018-8788.json +++ b/2018/8xxx/CVE-2018-8788.json @@ -54,6 +54,8 @@ "references" : { "reference_data" : [ { + "name" : "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659", + "refsource" : "CONFIRM", "url" : "https://github.com/FreeRDP/FreeRDP/commit/d1112c279bd1a327e8e4d0b5f371458bf2579659" } ]