admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-03-19 21:00:48 +00:00
parent 68cf90466f
commit a7e6f69833
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
15 changed files with 189 additions and 31 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
2016/9xxx/CVE-2016-9166.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Downgrade of communication security"
}
"description": [
{
"lang": "eng",
"value": "Downgrade of communication security"
}
]
}
]
},

5
2018/10xxx/CVE-2018-10680.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "https://github.com/zblogcn/zblogphp/issues/185",
"refsource": "MISC",

5
2018/11xxx/CVE-2018-11208.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "https://github.com/zblogcn/zblogphp/issues/187",
"refsource": "MISC",

5
2018/11xxx/CVE-2018-11209.json
View File

@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "https://github.com/zblogcn/zblogphp/issues/188",
"refsource": "MISC",

10
2018/11xxx/CVE-2018-11747.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Insecure default"
}
"description": [
{
"lang": "eng",
"value": "Insecure default"
}
]
}
]
},

10
2018/11xxx/CVE-2018-11789.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Information Disclosure"
}
"description": [
{
"lang": "eng",
"value": "Information Disclosure"
}
]
}
]
},

7
2018/19xxx/CVE-2018-19556.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "zb_system/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles file preview, leading to content spoofing."
"value": "** DISPUTED ** zb_system/admin/index.php?act=UploadMng in Z-BlogPHP 1.5 mishandles file preview, leading to content spoofing. NOTE: the software maintainer disputes that this is a vulnerability."
}
]
},
@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "https://github.com/novysodope/Z-BlogPHP1.5Zero/blob/bee6dba066b3f9aa378dcde63e1e0ffad6ad0f49/Url%20hijacking",
"refsource": "MISC",

7
2018/7xxx/CVE-2018-7736.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter."
"value": "** DISPUTED ** In Z-BlogPHP 1.5.1.1740, cmd.php has XSS via the ZC_BLOG_SUBNAME parameter or ZC_UPLOAD_FILETYPE parameter. NOTE: the software maintainer disputes that this is a vulnerability."
}
]
},
@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "44406",
"refsource": "EXPLOIT-DB",

7
2018/7xxx/CVE-2018-7737.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by admin_footer.php or admin_footer.php."
"value": "** DISPUTED ** In Z-BlogPHP 1.5.1.1740, there is Web Site physical path leakage, as demonstrated by admin_footer.php or admin_footer.php. NOTE: the software maintainer disputes that this is a vulnerability."
}
]
},
@ -52,6 +52,11 @@
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://github.com/zblogcn/zblogphp/issues/205",
"url": "https://github.com/zblogcn/zblogphp/issues/205"
},
{
"name": "https://github.com/ponyma233/cms/blob/master/Z-Blog_1.5.1.1740_bugs.md#web-site-physical-path-leakage",
"refsource": "MISC",

10
2019/5xxx/CVE-2019-5414.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Command Injection - Generic (CWE-77)"
}
"description": [
{
"lang": "eng",
"value": "Command Injection - Generic (CWE-77)"
}
]
}
]
},

10
2019/5xxx/CVE-2019-5416.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Path Traversal (CWE-22)"
}
"description": [
{
"lang": "eng",
"value": "Path Traversal (CWE-22)"
}
]
}
]
},

10
2019/5xxx/CVE-2019-5417.json
View File

@ -33,10 +33,12 @@
"problemtype": {
"problemtype_data": [
{
"description": {
"lang": "eng",
"value": "Directory Traversal (Local File Inclusion)"
}
"description": [
{
"lang": "eng",
"value": "Directory Traversal (Local File Inclusion)"
}
]
}
]
},

53
2019/6xxx/CVE-2019-6282.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6282",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "ChinaMobile PLC Wireless Router GPN2.4P21-C-CN devices with firmware W2001EN-00 have CSRF via the cgi-bin/webproc?getpage=html/index.html subpage=wlsecurity URI, allowing an Attacker to change the Wireless Security Password."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/151275/PLC-Wireless-Router-GPN2.4P21-C-CN-Cross-Site-Request-Forgery.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/151275/PLC-Wireless-Router-GPN2.4P21-C-CN-Cross-Site-Request-Forgery.html"
},
{
"url": "https://www.youtube.com/watch?v=x-r4lnWPdzY",
"refsource": "MISC",
"name": "https://www.youtube.com/watch?v=x-r4lnWPdzY"
}
]
}

53
2019/6xxx/CVE-2019-6441.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-6441",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,33 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered on Shenzhen Coship RT3050 4.0.0.40, RT3052 4.0.0.48, RT7620 10.0.0.49, WM3300 5.0.0.54, and WM3300 5.0.0.55 devices. The password reset functionality of the router doesn't have backend validation for the current password and doesn't require any type of authentication. By making a POST request to the apply.cgi file of the router, the attacker can change the admin username and password of the router."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "http://packetstormsecurity.com/files/151202/Coship-Wireless-Router-Unauthenticated-Admin-Password-Reset.html",
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/151202/Coship-Wireless-Router-Unauthenticated-Admin-Password-Reset.html"
},
{
"refsource": "EXPLOIT-DB",
"name": "46180",
"url": "https://www.exploit-db.com/exploits/46180/"
}
]
}

18
2019/9xxx/CVE-2019-9887.json Normal file
View File

@ -0,0 +1,18 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2019-9887",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
}
]
}
}