diff --git a/2023/44xxx/CVE-2023-44327.json b/2023/44xxx/CVE-2023-44327.json index 535b073a2e2..eb68284a151 100644 --- a/2023/44xxx/CVE-2023-44327.json +++ b/2023/44xxx/CVE-2023-44327.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44328.json b/2023/44xxx/CVE-2023-44328.json index 3af1642a234..2e79613ea66 100644 --- a/2023/44xxx/CVE-2023-44328.json +++ b/2023/44xxx/CVE-2023-44328.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44329.json b/2023/44xxx/CVE-2023-44329.json index 850c97c3771..00fbe163561 100644 --- a/2023/44xxx/CVE-2023-44329.json +++ b/2023/44xxx/CVE-2023-44329.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44340.json b/2023/44xxx/CVE-2023-44340.json index ecfe4d3ab86..5809db984f2 100644 --- a/2023/44xxx/CVE-2023-44340.json +++ b/2023/44xxx/CVE-2023-44340.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44348.json b/2023/44xxx/CVE-2023-44348.json index 2fca99b8f5c..da4a542a9e6 100644 --- a/2023/44xxx/CVE-2023-44348.json +++ b/2023/44xxx/CVE-2023-44348.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44356.json b/2023/44xxx/CVE-2023-44356.json index b0449d6a240..5c0853d7656 100644 --- a/2023/44xxx/CVE-2023-44356.json +++ b/2023/44xxx/CVE-2023-44356.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44357.json b/2023/44xxx/CVE-2023-44357.json index 71b5cad2ed7..8f70642f32c 100644 --- a/2023/44xxx/CVE-2023-44357.json +++ b/2023/44xxx/CVE-2023-44357.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44358.json b/2023/44xxx/CVE-2023-44358.json index 607f1462873..ebff9981996 100644 --- a/2023/44xxx/CVE-2023-44358.json +++ b/2023/44xxx/CVE-2023-44358.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/44xxx/CVE-2023-44360.json b/2023/44xxx/CVE-2023-44360.json index e9faf842ca7..8801321fe62 100644 --- a/2023/44xxx/CVE-2023-44360.json +++ b/2023/44xxx/CVE-2023-44360.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/47xxx/CVE-2023-47044.json b/2023/47xxx/CVE-2023-47044.json index 44d9c8b47f6..c0d99ba0aad 100644 --- a/2023/47xxx/CVE-2023-47044.json +++ b/2023/47xxx/CVE-2023-47044.json @@ -81,19 +81,19 @@ "attackVector": "LOCAL", "availabilityImpact": "NONE", "availabilityRequirement": "NOT_DEFINED", - "baseScore": 3.3, - "baseSeverity": "LOW", - "confidentialityImpact": "LOW", + "baseScore": 5.5, + "baseSeverity": "MEDIUM", + "confidentialityImpact": "HIGH", "confidentialityRequirement": "NOT_DEFINED", - "environmentalScore": 3.3, - "environmentalSeverity": "LOW", + "environmentalScore": 5.5, + "environmentalSeverity": "MEDIUM", "exploitCodeMaturity": "NOT_DEFINED", "integrityImpact": "NONE", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "LOW", "modifiedAttackVector": "LOCAL", "modifiedAvailabilityImpact": "NONE", - "modifiedConfidentialityImpact": "LOW", + "modifiedConfidentialityImpact": "HIGH", "modifiedIntegrityImpact": "NONE", "modifiedPrivilegesRequired": "NONE", "modifiedScope": "NOT_DEFINED", @@ -102,10 +102,10 @@ "remediationLevel": "NOT_DEFINED", "reportConfidence": "NOT_DEFINED", "scope": "UNCHANGED", - "temporalScore": 3.3, - "temporalSeverity": "LOW", + "temporalScore": 5.5, + "temporalSeverity": "MEDIUM", "userInteraction": "REQUIRED", - "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N", + "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N", "version": "3.1" } ] diff --git a/2023/48xxx/CVE-2023-48866.json b/2023/48xxx/CVE-2023-48866.json index cf9a2a6f207..bbb02640200 100644 --- a/2023/48xxx/CVE-2023-48866.json +++ b/2023/48xxx/CVE-2023-48866.json @@ -1,17 +1,66 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-48866", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-48866", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A Cross-Site Scripting (XSS) vulnerability in the recipe preparation component within /api/objects/recipes and note component within /api/objects/shopping_lists/ of Grocy <= 4.0.3 allows attackers to obtain the victim's cookies." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "url": "https://github.com/grocy/grocy", + "refsource": "MISC", + "name": "https://github.com/grocy/grocy" + }, + { + "refsource": "MISC", + "name": "https://nitipoom-jar.github.io/CVE-2023-48866/", + "url": "https://nitipoom-jar.github.io/CVE-2023-48866/" } ] } diff --git a/2023/48xxx/CVE-2023-48965.json b/2023/48xxx/CVE-2023-48965.json index 45b13d77214..b6795fb62ad 100644 --- a/2023/48xxx/CVE-2023-48965.json +++ b/2023/48xxx/CVE-2023-48965.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-48965", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-48965", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An issue in the component /admin/api.plugs/script of ThinkAdmin v6.1.53 allows attackers to getshell via providing a crafted URL to download a malicious PHP file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20Logical%20defect%20getshell.md", + "url": "https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20Logical%20defect%20getshell.md" } ] } diff --git a/2023/48xxx/CVE-2023-48966.json b/2023/48xxx/CVE-2023-48966.json index 6e9d0cf17f4..9742434ba2d 100644 --- a/2023/48xxx/CVE-2023-48966.json +++ b/2023/48xxx/CVE-2023-48966.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2023-48966", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2023-48966", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "An arbitrary file upload vulnerability in the component /admin/api.upload/file of ThinkAdmin v6.1.53 allows attackers to execute arbitrary code via a crafted Zip file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20directory%20traversal%2Bfile%20upload%20getshell.md", + "url": "https://github.com/1dreamGN/CVE/blob/main/ThinkAdmin%20directory%20traversal%2Bfile%20upload%20getshell.md" } ] } diff --git a/2023/6xxx/CVE-2023-6486.json b/2023/6xxx/CVE-2023-6486.json new file mode 100644 index 00000000000..7de689f7e84 --- /dev/null +++ b/2023/6xxx/CVE-2023-6486.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2023-6486", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file