From a0b3d2358f4cefa187db74d6b926c8889f9534e9 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Sun, 22 Sep 2024 08:00:34 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/9xxx/CVE-2024-9081.json | 105 ++++++++++++++++++++++++++++++-- 2024/9xxx/CVE-2024-9085.json | 115 +++++++++++++++++++++++++++++++++++ 2024/9xxx/CVE-2024-9086.json | 18 ++++++ 3 files changed, 234 insertions(+), 4 deletions(-) create mode 100644 2024/9xxx/CVE-2024-9085.json create mode 100644 2024/9xxx/CVE-2024-9086.json diff --git a/2024/9xxx/CVE-2024-9081.json b/2024/9xxx/CVE-2024-9081.json index 9d3d4506979..571fceca35a 100644 --- a/2024/9xxx/CVE-2024-9081.json +++ b/2024/9xxx/CVE-2024-9081.json @@ -1,17 +1,114 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-9081", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "In SourceCodester Online Eyewear Shop 1.0 wurde eine kritische Schwachstelle ausgemacht. Das betrifft eine unbekannte Funktionalit\u00e4t der Datei view_category.php. Mittels Manipulieren des Arguments id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "SourceCodester", + "product": { + "product_data": [ + { + "product_name": "Online Eyewear Shop", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.278251", + "refsource": "MISC", + "name": "https://vuldb.com/?id.278251" + }, + { + "url": "https://vuldb.com/?ctiid.278251", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.278251" + }, + { + "url": "https://vuldb.com/?submit.411564", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.411564" + }, + { + "url": "https://github.com/41lai/cve/blob/main/sql.md", + "refsource": "MISC", + "name": "https://github.com/41lai/cve/blob/main/sql.md" + }, + { + "url": "https://www.sourcecodester.com/", + "refsource": "MISC", + "name": "https://www.sourcecodester.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "5hu1K (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 6.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 6.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 6.5, + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } diff --git a/2024/9xxx/CVE-2024-9085.json b/2024/9xxx/CVE-2024-9085.json new file mode 100644 index 00000000000..4414497e111 --- /dev/null +++ b/2024/9xxx/CVE-2024-9085.json @@ -0,0 +1,115 @@ +{ + "data_version": "4.0", + "data_type": "CVE", + "data_format": "MITRE", + "CVE_data_meta": { + "ID": "CVE-2024-9085", + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "A vulnerability was found in code-projects Restaurant Reservation System 1.0. It has been rated as critical. This issue affects some unknown processing of the file index.php. The manipulation of the argument date leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions sid as affected paramater which is incorrect." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in code-projects Restaurant Reservation System 1.0 ausgemacht. Sie wurde als kritisch eingestuft. Es geht hierbei um eine nicht n\u00e4her spezifizierte Funktion der Datei index.php. Mittels dem Manipulieren des Arguments date mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk angegangen werden. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "code-projects", + "product": { + "product_data": [ + { + "product_name": "Restaurant Reservation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.278261", + "refsource": "MISC", + "name": "https://vuldb.com/?id.278261" + }, + { + "url": "https://vuldb.com/?ctiid.278261", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.278261" + }, + { + "url": "https://vuldb.com/?submit.411848", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.411848" + }, + { + "url": "https://github.com/ppp-src/a/issues/18", + "refsource": "MISC", + "name": "https://github.com/ppp-src/a/issues/18" + }, + { + "url": "https://code-projects.org/", + "refsource": "MISC", + "name": "https://code-projects.org/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "wangweijie (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 7.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "3.0", + "baseScore": 7.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "HIGH" + }, + { + "version": "2.0", + "baseScore": 7.5, + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P" + } + ] + } +} \ No newline at end of file diff --git a/2024/9xxx/CVE-2024-9086.json b/2024/9xxx/CVE-2024-9086.json new file mode 100644 index 00000000000..a4d55bb0035 --- /dev/null +++ b/2024/9xxx/CVE-2024-9086.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-9086", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file