admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 02:32:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2025-02-11 04:00:37 +00:00
parent 6c19f04d03
commit 792ceb0baf
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
5 changed files with 590 additions and 20 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

174
2025/1xxx/CVE-2025-1143.json
View File

@ -1,17 +1,183 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1143",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Certain models of routers from Billion Electric has hard-coded embedded linux credentials, allowing attackers to log in through the SSH service using these credentials and obtain root privilege of the system."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-798 Use of Hard-coded Credentials",
"cweId": "CWE-798"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Billion Electric",
"product": {
"product_data": [
{
"product_name": "M100",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.159.*",
"version_value": "1.04.1.592.10"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.14"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.676"
}
]
}
},
{
"product_name": "M150",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.10"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.14"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.676"
}
]
}
},
{
"product_name": "M120N",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.10"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.14"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.676"
}
]
}
},
{
"product_name": "M500",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "1.04.1.592.*",
"version_value": "1.04.1.592.10"
},
{
"version_affected": "<",
"version_name": "1.04.1.613.*",
"version_value": "1.04.1.613.14"
},
{
"version_affected": "<",
"version_name": "1.04.1.*",
"version_value": "1.04.1.676"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8413-ec9a5-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8413-ec9a5-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8414-096ce-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8414-096ce-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202502001",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.10 or later.<br>For firmware version 1.04.1.613.x, please update to 1.04.1.613.14 or later.<br>For all other firmware version 1.04.1.x, please update to 1.04.1.676 or later.<br>"
}
],
"value": "For firmware version 1.04.1.592.x, please update to 1.04.1.592.10 or later.\nFor firmware version 1.04.1.613.x, please update to 1.04.1.613.14 or later.\nFor all other firmware version 1.04.1.x, please update to 1.04.1.676 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

97
2025/1xxx/CVE-2025-1144.json
View File

@ -1,17 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1144",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "School Affairs System from Quanxun has an Exposure of Sensitive Information, allowing unauthenticated attackers to view specific pages and obtain database information as well as plaintext administrator credentials."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-497 Exposure of Sensitive System Information to an Unauthorized Control Sphere",
"cweId": "CWE-497"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Quanxun",
"product": {
"product_data": [
{
"product_name": "School Affairs System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8415-853e0-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8415-853e0-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8416-b6cba-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8416-b6cba-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN202502002",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Please contact the vendor for updates.<br>"
}
],
"value": "Please contact the vendor for updates."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

103
2025/1xxx/CVE-2025-1145.json
View File

@ -1,17 +1,112 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cve@cert.org.tw",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "NetVision Information ISOinsight has a Reflected Cross-site Scripting vulnerability, allowing unauthenticated remote attackers to execute arbitrary JavaScript code in the user's browser through phishing techniques."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "NetVision Information",
"product": {
"product_data": [
{
"product_name": "ISOinsight",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "2.9.0.*",
"version_value": "2.9.0.241231"
},
{
"version_affected": "<",
"version_name": "3.0.0.*",
"version_value": "3.0.0.241231"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.twcert.org.tw/tw/cp-132-8417-ea1ea-1.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/tw/cp-132-8417-ea1ea-1.html"
},
{
"url": "https://www.twcert.org.tw/en/cp-139-8418-40958-2.html",
"refsource": "MISC",
"name": "https://www.twcert.org.tw/en/cp-139-8418-40958-2.html"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"advisory": "TVN-202502003",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "For v2.9.0.x, please update to version 2.9.0.241231 or later.<br>For v3.0.0.x, please update to version 3.0.0.241231 or later.<br>"
}
],
"value": "For v2.9.0.x, please update to version 2.9.0.241231 or later.\nFor v3.0.0.x, please update to version 3.0.0.241231 or later."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
}
]
}

118
2025/1xxx/CVE-2025-1170.json
View File

@ -1,17 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1170",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic has been found in code-projects Real Estate Property Management System 1.0. Affected is an unknown function of the file /Admin/Category.php. The manipulation of the argument Desc leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "Es wurde eine problematische Schwachstelle in code-projects Real Estate Property Management System 1.0 entdeckt. Betroffen hiervon ist ein unbekannter Ablauf der Datei /Admin/Category.php. Durch Beeinflussen des Arguments Desc mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Injection",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "code-projects",
"product": {
"product_data": [
{
"product_name": "Real Estate Property Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295074",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295074"
},
{
"url": "https://vuldb.com/?ctiid.295074",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295074"
},
{
"url": "https://vuldb.com/?submit.494829",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.494829"
},
{
"url": "https://github.com/J0hnFFFF/j0hn_upload_five/blob/main/web2.pdf",
"refsource": "MISC",
"name": "https://github.com/J0hnFFFF/j0hn_upload_five/blob/main/web2.pdf"
},
{
"url": "https://code-projects.org/",
"refsource": "MISC",
"name": "https://code-projects.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "j0hn.FFFFF (VulDB User)"
},
{
"lang": "en",
"value": "Resyul (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}

118
2025/1xxx/CVE-2025-1171.json
View File

@ -1,17 +1,127 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2025-1171",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability classified as problematic was found in code-projects Real Estate Property Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /Admin/CustomerReport.php. The manipulation of the argument Address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
},
{
"lang": "deu",
"value": "In code-projects Real Estate Property Management System 1.0 wurde eine problematische Schwachstelle entdeckt. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /Admin/CustomerReport.php. Dank der Manipulation des Arguments Address mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross Site Scripting",
"cweId": "CWE-79"
}
]
},
{
"description": [
{
"lang": "eng",
"value": "Code Injection",
"cweId": "CWE-94"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "code-projects",
"product": {
"product_data": [
{
"product_name": "Real Estate Property Management System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "1.0"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.295075",
"refsource": "MISC",
"name": "https://vuldb.com/?id.295075"
},
{
"url": "https://vuldb.com/?ctiid.295075",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.295075"
},
{
"url": "https://vuldb.com/?submit.494830",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.494830"
},
{
"url": "https://github.com/J0hnFFFF/j0hn_upload_six/blob/main/web3.pdf",
"refsource": "MISC",
"name": "https://github.com/J0hnFFFF/j0hn_upload_six/blob/main/web3.pdf"
},
{
"url": "https://code-projects.org/",
"refsource": "MISC",
"name": "https://code-projects.org/"
}
]
},
"credits": [
{
"lang": "en",
"value": "j0hn.FFFFF (VulDB User)"
},
{
"lang": "en",
"value": "j0hn.FFFFF (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N"
}
]
}