From a381b281d64e6d3048cecf33fd8a2bbaf6fdfd58 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 20 Mar 2019 19:00:45 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2018/20xxx/CVE-2018-20631.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20632.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20633.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20634.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20635.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20636.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20637.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20638.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20639.json | 48 ++++++++++++++++++++++++++++++++-- 2018/20xxx/CVE-2018-20640.json | 48 ++++++++++++++++++++++++++++++++-- 10 files changed, 460 insertions(+), 20 deletions(-) diff --git a/2018/20xxx/CVE-2018-20631.json b/2018/20xxx/CVE-2018-20631.json index 758e3ab8da4..687d0fe5b61 100644 --- a/2018/20xxx/CVE-2018-20631.json +++ b/2018/20xxx/CVE-2018-20631.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20631", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Website Seller Script 2.0.5 allows full Path Disclosure via a request for an arbitrary image URL such as a .png file." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20631-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20631-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20632.json b/2018/20xxx/CVE-2018-20632.json index de554495098..f838ba1396a 100644 --- a/2018/20xxx/CVE-2018-20632.json +++ b/2018/20xxx/CVE-2018-20632.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20632", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Advance B2B Script 2.1.4 has stored Cross-Site Scripting (XSS) via the FIRST NAME or LAST NAME field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20632-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20632-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20633.json b/2018/20xxx/CVE-2018-20633.json index 427c01b73aa..d2de256a342 100644 --- a/2018/20xxx/CVE-2018-20633.json +++ b/2018/20xxx/CVE-2018-20633.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20633", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Advance B2B Script 2.1.4 has Cross-Site Request Forgery (CSRF) via the Edit Profile feature." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20633-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20633-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20634.json b/2018/20xxx/CVE-2018-20634.json index 27e7cf51af8..a5301f26a0d 100644 --- a/2018/20xxx/CVE-2018-20634.json +++ b/2018/20xxx/CVE-2018-20634.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20634", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Advance B2B Script 2.1.4 allows remote attackers to cause a denial of service (changed Page structure) via JavaScript code in the First Name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20634-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20634-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20635.json b/2018/20xxx/CVE-2018-20635.json index 92770426f37..d5284f718c5 100644 --- a/2018/20xxx/CVE-2018-20635.json +++ b/2018/20xxx/CVE-2018-20635.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20635", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Advance B2B Script 2.1.4 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20635-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20635-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20636.json b/2018/20xxx/CVE-2018-20636.json index c0e49059db7..90c1b47c46d 100644 --- a/2018/20xxx/CVE-2018-20636.json +++ b/2018/20xxx/CVE-2018-20636.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20636", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has HTML injection via the First Name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20636-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20636-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20637.json b/2018/20xxx/CVE-2018-20637.json index 81b1b8fb256..8d4fa44e588 100644 --- a/2018/20xxx/CVE-2018-20637.json +++ b/2018/20xxx/CVE-2018-20637.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20637", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 allows remote attackers to cause a denial of service (unrecoverable blank profile) via crafted JavaScript code in the First Name and Last Name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20637-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20637-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20638.json b/2018/20xxx/CVE-2018-20638.json index 4964fd24368..5aff3fb8191 100644 --- a/2018/20xxx/CVE-2018-20638.json +++ b/2018/20xxx/CVE-2018-20638.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20638", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Chartered Accountant : Auditor Website 2.0.1 has directory traversal via a direct request for a listing of an image directory such as an assets/ directory." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20638-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20638-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20639.json b/2018/20xxx/CVE-2018-20639.json index 2875f4e680e..30927f7bc12 100644 --- a/2018/20xxx/CVE-2018-20639.json +++ b/2018/20xxx/CVE-2018-20639.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20639", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has HTML injection via the Search Bar." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20639-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20639-vikas-chaudhary/" } ] } diff --git a/2018/20xxx/CVE-2018-20640.json b/2018/20xxx/CVE-2018-20640.json index fc39f114f6f..c453367786a 100644 --- a/2018/20xxx/CVE-2018-20640.json +++ b/2018/20xxx/CVE-2018-20640.json @@ -2,7 +2,30 @@ "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-20640", - "STATE": "RESERVED" + "STATE": "PUBLIC" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } }, "data_format": "MITRE", "data_type": "CVE", @@ -11,7 +34,28 @@ "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "PHP Scripts Mall Entrepreneur Job Portal Script 3.0.1 has stored Cross-Site Scripting (XSS) via the Full Name field." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://gkaim.com/cve-2018-20640-vikas-chaudhary/", + "url": "https://gkaim.com/cve-2018-20640-vikas-chaudhary/" } ] }