From b7678a4803151a609e348bd2857c5366348a051f Mon Sep 17 00:00:00 2001 From: CVE Team Date: Wed, 23 Oct 2024 20:00:36 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2024/10xxx/CVE-2024-10300.json | 100 +++++++++++++++++++++++++++++++-- 2024/10xxx/CVE-2024-10301.json | 100 +++++++++++++++++++++++++++++++-- 2024/10xxx/CVE-2024-10316.json | 18 ++++++ 2024/10xxx/CVE-2024-10317.json | 18 ++++++ 2024/10xxx/CVE-2024-10318.json | 18 ++++++ 5 files changed, 246 insertions(+), 8 deletions(-) create mode 100644 2024/10xxx/CVE-2024-10316.json create mode 100644 2024/10xxx/CVE-2024-10317.json create mode 100644 2024/10xxx/CVE-2024-10318.json diff --git a/2024/10xxx/CVE-2024-10300.json b/2024/10xxx/CVE-2024-10300.json index 5226062e655..d5ad99e0c01 100644 --- a/2024/10xxx/CVE-2024-10300.json +++ b/2024/10xxx/CVE-2024-10300.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10300", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /admin/view-enquiry.php of the component View Enquiry Page. The manipulation of the argument viewid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Eine Schwachstelle wurde in PHPGurukul Medical Card Generation System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Dies betrifft einen unbekannten Teil der Datei /admin/view-enquiry.php der Komponente View Enquiry Page. Dank der Manipulation des Arguments viewid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Medical Card Generation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.281567", + "refsource": "MISC", + "name": "https://vuldb.com/?id.281567" + }, + { + "url": "https://vuldb.com/?ctiid.281567", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.281567" + }, + { + "url": "https://vuldb.com/?submit.427404", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.427404" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Delvy (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.7, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 4.7, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2024/10xxx/CVE-2024-10301.json b/2024/10xxx/CVE-2024-10301.json index 90643e9a4d1..f39991a8d40 100644 --- a/2024/10xxx/CVE-2024-10301.json +++ b/2024/10xxx/CVE-2024-10301.json @@ -1,17 +1,109 @@ { + "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { "ID": "CVE-2024-10301", - "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ASSIGNER": "cna@vuldb.com", + "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Medical Card Generation System 1.0. Affected is an unknown function of the file /admin/search-medicalcard.php of the component Search. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + }, + { + "lang": "deu", + "value": "Es wurde eine Schwachstelle in PHPGurukul Medical Card Generation System 1.0 gefunden. Sie wurde als kritisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Datei /admin/search-medicalcard.php der Komponente Search. Dank Manipulation des Arguments searchdata mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "SQL Injection", + "cweId": "CWE-89" + } + ] + } + ] + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "vendor_name": "PHPGurukul", + "product": { + "product_data": [ + { + "product_name": "Medical Card Generation System", + "version": { + "version_data": [ + { + "version_affected": "=", + "version_value": "1.0" + } + ] + } + } + ] + } + } + ] + } + }, + "references": { + "reference_data": [ + { + "url": "https://vuldb.com/?id.281568", + "refsource": "MISC", + "name": "https://vuldb.com/?id.281568" + }, + { + "url": "https://vuldb.com/?ctiid.281568", + "refsource": "MISC", + "name": "https://vuldb.com/?ctiid.281568" + }, + { + "url": "https://vuldb.com/?submit.427405", + "refsource": "MISC", + "name": "https://vuldb.com/?submit.427405" + }, + { + "url": "https://phpgurukul.com/", + "refsource": "MISC", + "name": "https://phpgurukul.com/" + } + ] + }, + "credits": [ + { + "lang": "en", + "value": "Delvy (VulDB User)" + } + ], + "impact": { + "cvss": [ + { + "version": "3.1", + "baseScore": 4.7, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "3.0", + "baseScore": 4.7, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L", + "baseSeverity": "MEDIUM" + }, + { + "version": "2.0", + "baseScore": 5.8, + "vectorString": "AV:N/AC:L/Au:M/C:P/I:P/A:P" } ] } diff --git a/2024/10xxx/CVE-2024-10316.json b/2024/10xxx/CVE-2024-10316.json new file mode 100644 index 00000000000..ed959e587fc --- /dev/null +++ b/2024/10xxx/CVE-2024-10316.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-10316", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/10xxx/CVE-2024-10317.json b/2024/10xxx/CVE-2024-10317.json new file mode 100644 index 00000000000..84d89f5cf86 --- /dev/null +++ b/2024/10xxx/CVE-2024-10317.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-10317", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2024/10xxx/CVE-2024-10318.json b/2024/10xxx/CVE-2024-10318.json new file mode 100644 index 00000000000..27b8acb1079 --- /dev/null +++ b/2024/10xxx/CVE-2024-10318.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2024-10318", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file