admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-06 10:41:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2019-07-23 17:00:48 +00:00
parent fd3411e3a7
commit aff5371749
No known key found for this signature in database
GPG Key ID: 0DA1F9F56BC892E8
6 changed files with 287 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

58
2018/18xxx/CVE-2018-18670.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18670",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"Extra Contents\" parameter, aka the adm/config_form_update.php cf_1~10 parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-d1ecbee80f57fde59063c4fafcef1bce",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-d1ecbee80f57fde59063c4fafcef1bce"
}
]
}

58
2018/18xxx/CVE-2018-18672.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18672",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"board head contents\" parameter, aka the adm/board_form_update.php bo_content_head parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-05e83ad5f4c0624ed6ff385aed1bf33b",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-05e83ad5f4c0624ed6ff385aed1bf33b"
}
]
}

58
2018/18xxx/CVE-2018-18675.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18675",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"mobile board title contents\" parameter, aka the adm/board_form_update.php bo_mobile_subject parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-94ec20582215bda9f55fadcefe68c168",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-94ec20582215bda9f55fadcefe68c168"
}
]
}

58
2018/18xxx/CVE-2018-18676.json
View File

@ -2,7 +2,30 @@
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2018-18676",
"STATE": "RESERVED"
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
@ -11,7 +34,38 @@
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "GNUBOARD5 5.3.1.9 has XSS that allows remote attackers to inject arbitrary web script or HTML via the \"mobile board tail contents\" parameter, aka the adm/board_form_update.php bo_mobile_content_tail parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0",
"url": "https://github.com/gnuboard/gnuboard5/releases/tag/5.3.2.0"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172",
"url": "https://github.com/gnuboard/gnuboard5/compare/15b2e73...2549172"
},
{
"refsource": "MISC",
"name": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-653a2b5a93ed2ca9b8c809ba723638c1",
"url": "https://github.com/gnuboard/gnuboard5/commit/a45241f4bc46aee1ab2cc0749f6444b043681edf#diff-653a2b5a93ed2ca9b8c809ba723638c1"
}
]
}

2
2019/11xxx/CVE-2019-11553.json
View File

@ -34,7 +34,7 @@
"description_data": [
{
"lang": "eng",
"value": "Code42 for Enterprise through 6.8.4 has Incorrect Access Control."
"value": "In Code42 for Enterprise through 6.8.4, an administrator without web restore permission but with the ability to manage users in an organization can impersonate a user with web restore permission. When requesting the token to do a web restore, an administrator with permission to manage a user could request the token of that user. If the administrator was not authorized to perform web restores but the user was authorized to perform web restores, this would allow the administrator to impersonate the user with greater permissions. In order to exploit this vulnerability, the user would have to be an administrator with access to manage an organization with a user with greater permissions than themselves."
}
]
},

62
2019/13xxx/CVE-2019-13570.json Normal file
View File

@ -0,0 +1,62 @@
{
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-13570",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The AJdG AdRotate plugin before 5.3 for WordPress allows SQL Injection."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"name": "https://ajdg.solutions/2019/07/11/adrotate-pro-5-3-important-update-for-security-and-ads-txt/",
"url": "https://ajdg.solutions/2019/07/11/adrotate-pro-5-3-important-update-for-security-and-ads-txt/"
}
]
}
}