diff --git a/2023/1xxx/CVE-2023-1007.json b/2023/1xxx/CVE-2023-1007.json index b378483b439..183afc4b510 100644 --- a/2023/1xxx/CVE-2023-1007.json +++ b/2023/1xxx/CVE-2023-1007.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.221740" }, - { - "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned2", - "refsource": "MISC", - "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned2" - }, { "url": "https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing", "refsource": "MISC", "name": "https://drive.google.com/file/d/1wh20g2Ze4gwCtripe7QeHNXd3bS4aZNG/view?usp=sharing" + }, + { + "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007", + "refsource": "MISC", + "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1007" } ] }, diff --git a/2023/1xxx/CVE-2023-1008.json b/2023/1xxx/CVE-2023-1008.json index 43e939f0bdb..f92727ca23d 100644 --- a/2023/1xxx/CVE-2023-1008.json +++ b/2023/1xxx/CVE-2023-1008.json @@ -68,15 +68,15 @@ "refsource": "MISC", "name": "https://vuldb.com/?ctiid.221741" }, - { - "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned1", - "refsource": "MISC", - "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/unassigned1" - }, { "url": "https://drive.google.com/file/d/1fdQWJ1uvXELnXnDm2Jk81bA0fwwqQCpY/view?usp=sharing", "refsource": "MISC", "name": "https://drive.google.com/file/d/1fdQWJ1uvXELnXnDm2Jk81bA0fwwqQCpY/view?usp=sharing" + }, + { + "url": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1008", + "refsource": "MISC", + "name": "https://github.com/zeze-zeze/WindowsKernelVuln/tree/master/CVE-2023-1008" } ] }, diff --git a/2023/1xxx/CVE-2023-1035.json b/2023/1xxx/CVE-2023-1035.json new file mode 100644 index 00000000000..08bd1a9994c --- /dev/null +++ b/2023/1xxx/CVE-2023-1035.json @@ -0,0 +1,106 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2023-1035", + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability was found in SourceCodester Clinics Patient Management System 1.0. It has been classified as critical. Affected is an unknown function of the file update_user.php. The manipulation of the argument user_id leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221784." + }, + { + "lang": "deu", + "value": "Es wurde eine kritische Schwachstelle in SourceCodester Clinics Patient Management System 1.0 ausgemacht. Betroffen hiervon ist ein unbekannter Ablauf der Datei update_user.php. Mit der Manipulation des Arguments user_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-89 SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Clinics Patient Management System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.221784", + "refsource": "MISC", + "name": "https://vuldb.com/?id.221784" + }, + { + "url": "https://vuldb.com/?ctiid.221784", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.221784" + }, + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/clinics%20patient%20management%20system/clinics-patient-management-system%20vlun2.pdf", + "refsource": "MISC", + "name": "https://github.com/E1CHO/cve_hub/blob/main/clinics%20patient%20management%20system/clinics-patient-management-system%20vlun2.pdf" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "SSL_Seven_Security Lab_WangZhiQiang_XiaoZiLong (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "baseSeverity": "MEDIUM" + } + ] + } +} \ No newline at end of file