admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-13 01:00:36 +00:00
parent a7ce2a4f4c
commit 9d18fee7fb
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
6 changed files with 196 additions and 35 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
2023/5xxx/CVE-2023-5054.json
View File

@ -11,7 +11,7 @@
"description_data": [
{
"lang": "eng",
"value": "The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.2. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attackers to send emails utilizing the vulnerable site's server, with arbitrary content. Please note that this vulnerability has already been publicly disclosed with an exploit which is why we are publishing the details without a patch available, we are attempting to initiate contact with the developer."
"value": "The Super Store Finder plugin for WordPress is vulnerable to unauthenticated arbitrary email creation and relay in versions up to, and including, 6.9.3. This is due to insufficient restrictions on the sendMail.php file that allows direct access. This makes it possible for unauthenticated attackers to send emails utilizing the vulnerable site's server, with arbitrary content. Please note that this vulnerability has already been publicly disclosed with an exploit which is why we are publishing the details without a patch available, we are attempting to initiate contact with the developer."
}
]
},
@ -41,7 +41,7 @@
{
"version_affected": "<=",
"version_name": "*",
"version_value": "6.9.2"
"version_value": "6.9.3"
}
]
}
@ -63,6 +63,11 @@
"url": "https://superstorefinder.net/",
"refsource": "MISC",
"name": "https://superstorefinder.net/"
},
{
"url": "https://superstorefinder.net/support/forums/topic/super-store-finder-for-wordpress-patch-notes/",
"refsource": "MISC",
"name": "https://superstorefinder.net/support/forums/topic/super-store-finder-for-wordpress-patch-notes/"
}
]
},

86
2023/5xxx/CVE-2023-5157.json
View File

@ -44,24 +44,24 @@
"x_cve_json_5_version_data": {
"versions": [
{
"version": "10.7.5",
"version": "10.4.26",
"status": "unaffected"
},
{
"version": "10.5.17",
"status": "unaffected"
},
{
"version": "10.8.4",
"status": "unaffected"
},
{
"version": "10.4.26",
"status": "unaffected"
},
{
"version": "10.6.9",
"status": "unaffected"
},
{
"version": "10.7.5",
"status": "unaffected"
},
{
"version": "10.8.4",
"status": "unaffected"
}
]
}
@ -76,19 +76,6 @@
"vendor_name": "Red Hat",
"product": {
"product_data": [
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 8",
"version": {
@ -96,15 +83,17 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "8080020231003163755.63b34585",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
@ -114,7 +103,7 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "affected"
"defaultStatus": "unaffected"
}
}
]
@ -127,18 +116,47 @@
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "0:26.4.14-1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
},
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"versions": [
{
"version": "3:10.5.22-1.el9_2",
"lessThan": "*",
"versionType": "rpm",
"status": "unaffected"
}
],
"defaultStatus": "affected"
}
}
]
}
},
{
"product_name": "Red Hat Enterprise Linux 7",
"version": {
"version_data": [
{
"version_value": "not down converted",
"x_cve_json_5_version_data": {
"defaultStatus": "unaffected"
}
}
]
}
},
{
"product_name": "Red Hat Software Collections",
"version": {
@ -216,6 +234,16 @@
},
"references": {
"reference_data": [
{
"url": "https://access.redhat.com/errata/RHSA-2023:5683",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5683"
},
{
"url": "https://access.redhat.com/errata/RHSA-2023:5684",
"refsource": "MISC",
"name": "https://access.redhat.com/errata/RHSA-2023:5684"
},
{
"url": "https://access.redhat.com/security/cve/CVE-2023-5157",
"refsource": "MISC",

82
2023/5xxx/CVE-2023-5564.json
View File

@ -1,17 +1,91 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5564",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@huntr.dev",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "Cross-site Scripting (XSS) - Stored in GitHub repository froxlor/froxlor prior to 2.1.0-dev1."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "froxlor",
"product": {
"product_data": [
{
"product_name": "froxlor/froxlor",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "2.1.0-dev1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c",
"refsource": "MISC",
"name": "https://huntr.dev/bounties/9254d8f3-a847-4ae8-8477-d2ce027cff5c"
},
{
"url": "https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa",
"refsource": "MISC",
"name": "https://github.com/froxlor/froxlor/commit/e8ed43056c1665522a586e3485da67f2bdf073aa"
}
]
},
"source": {
"advisory": "9254d8f3-a847-4ae8-8477-d2ce027cff5c",
"discovery": "EXTERNAL"
},
"impact": {
"cvss": [
{
"version": "3.0",
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"baseScore": 5.2,
"baseSeverity": "MEDIUM"
}
]
}

18
2023/5xxx/CVE-2023-5565.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5565",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/5xxx/CVE-2023-5566.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5566",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}

18
2023/5xxx/CVE-2023-5567.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-5567",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}