admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-07-20 12:00:49 +00:00
parent 8dc2faaca2
commit b5da931259
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
8 changed files with 72 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
2022/2xxx/CVE-2022-2486.json
View File

@ -4,7 +4,7 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2486",
"TITLE": "WAVLINK WN535K2\/WN535K3 os command injection",
"TITLE": "WAVLINK WN535K2/WN535K3 os command injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -32,7 +32,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -59,7 +59,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file \/cgi-bin\/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used."
}
]
},
@ -67,16 +67,20 @@
"cvss": {
"version": "3.1",
"baseScore": "8.0",
"vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H"
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/1angx\/webray.com.cn\/blob\/main\/Wavlink\/Wavlink%20mesh.cgi.md"
"url": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md",
"refsource": "MISC",
"name": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20mesh.cgi.md"
},
{
"url": "https:\/\/vuldb.com\/?id.204537"
"url": "https://vuldb.com/?id.204537",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204537"
}
]
}

18
2022/2xxx/CVE-2022-2487.json
View File

@ -4,7 +4,7 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2487",
"TITLE": "WAVLINK WN535K2\/WN535K3 nightled.cgi os command injection",
"TITLE": "WAVLINK WN535K2/WN535K3 nightled.cgi os command injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -32,7 +32,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -59,7 +59,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file \/cgi-bin\/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used."
}
]
},
@ -67,16 +67,20 @@
"cvss": {
"version": "3.1",
"baseScore": "8.0",
"vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H"
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/1angx\/webray.com.cn\/blob\/main\/Wavlink\/Wavlink%20nightled.cgi%20.md"
"url": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md",
"refsource": "MISC",
"name": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20nightled.cgi%20.md"
},
{
"url": "https:\/\/vuldb.com\/?id.204538"
"url": "https://vuldb.com/?id.204538",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204538"
}
]
}

18
2022/2xxx/CVE-2022-2488.json
View File

@ -4,7 +4,7 @@
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-2488",
"TITLE": "WAVLINK WN535K2\/WN535K3 touchlist_sync.cgi os command injection",
"TITLE": "WAVLINK WN535K2/WN535K3 touchlist_sync.cgi os command injection",
"REQUESTER": "cna@vuldb.com",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
@ -22,7 +22,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -32,7 +32,7 @@
"version": {
"version_data": [
{
"version_value": "n\/a"
"version_value": "n/a"
}
]
}
@ -59,7 +59,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file \/cgi-bin\/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used."
}
]
},
@ -67,16 +67,20 @@
"cvss": {
"version": "3.1",
"baseScore": "8.0",
"vectorString": "CVSS:3.1\/AV:A\/AC:L\/PR:L\/UI:N\/S:U\/C:H\/I:H\/A:H"
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/1angx\/webray.com.cn\/blob\/main\/Wavlink\/Wavlink%20touchlist_sync.cgi.md"
"url": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md",
"refsource": "MISC",
"name": "https://github.com/1angx/webray.com.cn/blob/main/Wavlink/Wavlink%20touchlist_sync.cgi.md"
},
{
"url": "https:\/\/vuldb.com\/?id.204539"
"url": "https://vuldb.com/?id.204539",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204539"
}
]
}

10
2022/2xxx/CVE-2022-2489.json
View File

@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/Simple-E-Learning-System.md"
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md"
},
{
"url": "https:\/\/vuldb.com\/?id.204551"
"url": "https://vuldb.com/?id.204551",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204551"
}
]
}

10
2022/2xxx/CVE-2022-2490.json
View File

@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/Simple-E-Learning-System.md#search.php"
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md#search.php",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Simple-E-Learning-System.md#search.php"
},
{
"url": "https:\/\/vuldb.com\/?id.204552"
"url": "https://vuldb.com/?id.204552",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204552"
}
]
}

10
2022/2xxx/CVE-2022-2491.json
View File

@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md"
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md"
},
{
"url": "https:\/\/vuldb.com\/?id.204574"
"url": "https://vuldb.com/?id.204574",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204574"
}
]
}

12
2022/2xxx/CVE-2022-2492.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file \/index.php. The manipulation of the argument RollNo with the input admin' AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND 'KXmq'='KXmq&Password=1231312312 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability was found in SourceCodester Library Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /index.php. The manipulation of the argument RollNo with the input admin' AND (SELECT 2625 FROM (SELECT(SLEEP(5)))MdIL) AND 'KXmq'='KXmq&Password=1231312312 leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/xiahao90\/CVEproject\/blob\/main\/xiahao.webray.com.cn\/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md#index.php"
"url": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md#index.php",
"refsource": "MISC",
"name": "https://github.com/xiahao90/CVEproject/blob/main/xiahao.webray.com.cn/Library-Management-System-with-QR-code-Attendance-and-Auto-Generate-Library-Card.md#index.php"
},
{
"url": "https:\/\/vuldb.com\/?id.204575"
"url": "https://vuldb.com/?id.204575",
"refsource": "MISC",
"name": "https://vuldb.com/?id.204575"
}
]
}

10
2022/34xxx/CVE-2022-34169.json
View File

@ -86,6 +86,16 @@
"refsource": "MLIST",
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"url": "http://www.openwall.com/lists/oss-security/2022/07/19/6"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220719 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/2"
},
{
"refsource": "MLIST",
"name": "[oss-security] 20220720 Re: CVE-2022-34169: Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when processing malicious XSLT stylesheets",
"url": "http://www.openwall.com/lists/oss-security/2022/07/20/3"
}
]
},