diff --git a/2018/19xxx/CVE-2018-19327.json b/2018/19xxx/CVE-2018-19327.json new file mode 100644 index 00000000000..8ccffabe3b9 --- /dev/null +++ b/2018/19xxx/CVE-2018-19327.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19327", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in JTBC(PHP) 3.0.1.7. aboutus/manage.php?type=action&action=add allows CSRF." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/toiron/setest/blob/master/jtbcpublisharticle.html", + "refsource" : "MISC", + "url" : "https://github.com/toiron/setest/blob/master/jtbcpublisharticle.html" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19328.json b/2018/19xxx/CVE-2018-19328.json new file mode 100644 index 00000000000..66c0233ae40 --- /dev/null +++ b/2018/19xxx/CVE-2018-19328.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19328", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "LAOBANCMS 2.0 allows install/mysql_hy.php?riqi=../ Directory Traversal." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/onkyoworm/poc/blob/master/laobancms/poc.md", + "refsource" : "MISC", + "url" : "https://github.com/onkyoworm/poc/blob/master/laobancms/poc.md" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19329.json b/2018/19xxx/CVE-2018-19329.json new file mode 100644 index 00000000000..3f1cf65b2e0 --- /dev/null +++ b/2018/19xxx/CVE-2018-19329.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19329", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "GreenCMS v2.3.0603 allows remote authenticated administrators to delete arbitrary files by modifying a base64-encoded pathname in an m=admin&c=media&a=delfilehandle&id= call, related to the m=admin&c=media&a=restorefile delete button." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://github.com/GreenCMS/GreenCMS/issues/113", + "refsource" : "MISC", + "url" : "https://github.com/GreenCMS/GreenCMS/issues/113" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19330.json b/2018/19xxx/CVE-2018-19330.json new file mode 100644 index 00000000000..c40c609ba7f --- /dev/null +++ b/2018/19xxx/CVE-2018-19330.json @@ -0,0 +1,18 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19330", + "STATE" : "RESERVED" + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19331.json b/2018/19xxx/CVE-2018-19331.json new file mode 100644 index 00000000000..a9624a6262a --- /dev/null +++ b/2018/19xxx/CVE-2018-19331.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19331", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in S-CMS v1.5. There is a SQL injection vulnerability in search.php via the keyword parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://kingflyme.blogspot.com/2018/11/the-poc-of-s-cmssql-injection.html", + "refsource" : "MISC", + "url" : "https://kingflyme.blogspot.com/2018/11/the-poc-of-s-cmssql-injection.html" + } + ] + } +} diff --git a/2018/19xxx/CVE-2018-19332.json b/2018/19xxx/CVE-2018-19332.json new file mode 100644 index 00000000000..b04228a4c53 --- /dev/null +++ b/2018/19xxx/CVE-2018-19332.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-19332", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "An issue was discovered in S-CMS v1.5. There is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add URI." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://kingflyme.blogspot.com/2018/11/the-poc-of-s-cmscsrf.html", + "refsource" : "MISC", + "url" : "https://kingflyme.blogspot.com/2018/11/the-poc-of-s-cmscsrf.html" + } + ] + } +}