admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-03-22 16:01:13 +00:00
parent 26e41dd0e4
commit 9519e24ca1
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
2 changed files with 139 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

62
2020/10xxx/CVE-2020-10806.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "eZ Publish Kernel before 5.4.14.1, 6.x before 6.13.6.2, and 7.x before 7.5.6.2 and eZ Publish Legacy before 5.4.14.1, 2017 before 2017.12.7.2, and 2019 before 2019.03.4.2 allow remote attackers to execute arbitrary code by uploading PHP code, unless the vhost configuration permits only app.php execution."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads",
"refsource": "MISC",
"name": "https://ezplatform.com/security-advisories/ezsa-2020-001-remote-code-execution-in-file-uploads"
}
]
}
}

77
2020/10xxx/CVE-2020-10807.json Normal file
View File

@ -0,0 +1,77 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-10807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "auth_svc in Caldera before 2.6.5 allows authentication bypass (for REST API requests) via a forged \"localhost\" string in the HTTP Host header."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/mitre/caldera/issues/1405",
"refsource": "MISC",
"name": "https://github.com/mitre/caldera/issues/1405"
},
{
"url": "https://github.com/mitre/caldera/pull/1407",
"refsource": "MISC",
"name": "https://github.com/mitre/caldera/pull/1407"
},
{
"url": "https://github.com/mitre/caldera/compare/2.6.4...2.6.5",
"refsource": "MISC",
"name": "https://github.com/mitre/caldera/compare/2.6.4...2.6.5"
},
{
"url": "https://github.com/mitre/caldera/releases/tag/2.6.5",
"refsource": "MISC",
"name": "https://github.com/mitre/caldera/releases/tag/2.6.5"
}
]
}
}