diff --git a/2020/35xxx/CVE-2020-35155.json b/2020/35xxx/CVE-2020-35155.json index 5d12e6d6032..90ac65ecf1c 100644 --- a/2020/35xxx/CVE-2020-35155.json +++ b/2020/35xxx/CVE-2020-35155.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35155", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35156.json b/2020/35xxx/CVE-2020-35156.json index 1bc224f87ea..c0a6b59f308 100644 --- a/2020/35xxx/CVE-2020-35156.json +++ b/2020/35xxx/CVE-2020-35156.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35156", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35157.json b/2020/35xxx/CVE-2020-35157.json index 4119d62ed1d..5d46384495c 100644 --- a/2020/35xxx/CVE-2020-35157.json +++ b/2020/35xxx/CVE-2020-35157.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35157", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35158.json b/2020/35xxx/CVE-2020-35158.json index 0ad6cb6823c..ee9ba06e248 100644 --- a/2020/35xxx/CVE-2020-35158.json +++ b/2020/35xxx/CVE-2020-35158.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35158", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35159.json b/2020/35xxx/CVE-2020-35159.json index 85c7d040997..680e99f870b 100644 --- a/2020/35xxx/CVE-2020-35159.json +++ b/2020/35xxx/CVE-2020-35159.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35159", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35160.json b/2020/35xxx/CVE-2020-35160.json index c0e1942c277..c895bd201c4 100644 --- a/2020/35xxx/CVE-2020-35160.json +++ b/2020/35xxx/CVE-2020-35160.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35160", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35161.json b/2020/35xxx/CVE-2020-35161.json index 07c5d3ae156..c23d61b6a26 100644 --- a/2020/35xxx/CVE-2020-35161.json +++ b/2020/35xxx/CVE-2020-35161.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35161", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2020/35xxx/CVE-2020-35162.json b/2020/35xxx/CVE-2020-35162.json index 76d2853073d..720666d5c7e 100644 --- a/2020/35xxx/CVE-2020-35162.json +++ b/2020/35xxx/CVE-2020-35162.json @@ -1,17 +1,17 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2020-35162", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "security@ubuntu.com", + "STATE": "REJECT" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "** REJECT ** CVE ID was once reserved, but never used." } ] } diff --git a/2024/6xxx/CVE-2024-6212.json b/2024/6xxx/CVE-2024-6212.json index 2b431a8469d..680ef34a983 100644 --- a/2024/6xxx/CVE-2024-6212.json +++ b/2024/6xxx/CVE-2024-6212.json @@ -1,17 +1,117 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6212", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Simple Student Attendance System 1.0 and classified as problematic. Affected by this issue is the function get_student of the file student_form.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-269276." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in SourceCodester Simple Student Attendance System 1.0 gefunden. Sie wurde als problematisch eingestuft. Es geht hierbei um die Funktion get_student der Datei student_form.php. Durch das Manipulieren des Arguments id mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-79 Cross Site Scripting", + "cweId": "CWE-79" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Simple Student Attendance System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269276", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269276" + }, + { + "url": "https://vuldb.com/?ctiid.269276", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269276" + }, + { + "url": "https://vuldb.com/?submit.359229", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359229" + }, + { + "url": "https://docs.google.com/document/d/1tl9-EAxUR64Og9zS-nyUx3YtG1V32Monkvq-h39tjpw/edit?usp=sharing", + "refsource": "MISC", + "name": "https://docs.google.com/document/d/1tl9-EAxUR64Og9zS-nyUx3YtG1V32Monkvq-h39tjpw/edit?usp=sharing" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Guru Raghav Saravanan" + }, + { + "lang": "en", + "value": "R0ck3t (VulDB User)" + }, + { + "lang": "en", + "value": "R0ck3t (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 3.5, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "3.0", + "baseScore": 3.5, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "baseSeverity": "LOW" + }, + { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" } ] } diff --git a/2024/6xxx/CVE-2024-6213.json b/2024/6xxx/CVE-2024-6213.json index f937a479f0b..cb2c5df6a4b 100644 --- a/2024/6xxx/CVE-2024-6213.json +++ b/2024/6xxx/CVE-2024-6213.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6213", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been classified as critical. This affects an unknown part of the file login.php of the component Login Panel. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-269277 was assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in SourceCodester Food Ordering Management System bis 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Datei login.php der Komponente Login Panel. Durch Manipulieren des Arguments username mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Food Ordering Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269277", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269277" + }, + { + "url": "https://vuldb.com/?ctiid.269277", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269277" + }, + { + "url": "https://vuldb.com/?submit.359574", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359574" + }, + { + "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_Sqli.md", + "refsource": "MISC", + "name": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_Sqli.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "jadu101 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" } ] } diff --git a/2024/6xxx/CVE-2024-6214.json b/2024/6xxx/CVE-2024-6214.json index 81ad87b0b55..46af8e4f0bd 100644 --- a/2024/6xxx/CVE-2024-6214.json +++ b/2024/6xxx/CVE-2024-6214.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6214", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Food Ordering Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file add-item.php. The manipulation of the argument price leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-269278 is the identifier assigned to this vulnerability." + }, + { + "lang": "deu", + "value": "In SourceCodester Food Ordering Management System 1.0 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Datei add-item.php. Durch das Beeinflussen des Arguments price mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Food Ordering Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269278", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269278" + }, + { + "url": "https://vuldb.com/?ctiid.269278", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269278" + }, + { + "url": "https://vuldb.com/?submit.359582", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359582" + }, + { + "url": "https://github.com/jadu101/CVE/blob/main/SourceCoderster_Food_Ordering_Management_System_add_item_Sqli.md", + "refsource": "MISC", + "name": "https://github.com/jadu101/CVE/blob/main/SourceCoderster_Food_Ordering_Management_System_add_item_Sqli.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "jadu101 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/6xxx/CVE-2024-6215.json b/2024/6xxx/CVE-2024-6215.json index 5860583347a..6ad718049cb 100644 --- a/2024/6xxx/CVE-2024-6215.json +++ b/2024/6xxx/CVE-2024-6215.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-6215", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Food Ordering Management System up to 1.0. It has been rated as critical. This issue affects some unknown processing of the file view-ticket-admin.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-269279." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in SourceCodester Food Ordering Management System bis 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Datei view-ticket-admin.php. Durch Beeinflussen des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Food Ordering Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.269279", + "refsource": "MISC", + "name": "https://vuldb.com/?id.269279" + }, + { + "url": "https://vuldb.com/?ctiid.269279", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.269279" + }, + { + "url": "https://vuldb.com/?submit.359595", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.359595" + }, + { + "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_view_ticket_admin_Sqli.md", + "refsource": "MISC", + "name": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Food_Ordering_Management_System_view_ticket_admin_Sqli.md" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "jadu101 (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] }