From b7769f276dcae19f516800311c34d2e65f3343aa Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 15 Jan 2019 11:05:19 -0500 Subject: [PATCH] - Synchronized data. --- 2017/18xxx/CVE-2017-18356.json | 67 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18357.json | 67 ++++++++++++++++++++++++++++++++++ 2017/18xxx/CVE-2017-18358.json | 67 ++++++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20713.json | 62 +++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20714.json | 62 +++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20715.json | 62 +++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20716.json | 62 +++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20717.json | 67 ++++++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20718.json | 62 +++++++++++++++++++++++++++++++ 2018/20xxx/CVE-2018-20719.json | 62 +++++++++++++++++++++++++++++++ 2019/3xxx/CVE-2019-3811.json | 32 ++++++++-------- 11 files changed, 656 insertions(+), 16 deletions(-) create mode 100644 2017/18xxx/CVE-2017-18356.json create mode 100644 2017/18xxx/CVE-2017-18357.json create mode 100644 2017/18xxx/CVE-2017-18358.json create mode 100644 2018/20xxx/CVE-2018-20713.json create mode 100644 2018/20xxx/CVE-2018-20714.json create mode 100644 2018/20xxx/CVE-2018-20715.json create mode 100644 2018/20xxx/CVE-2018-20716.json create mode 100644 2018/20xxx/CVE-2018-20717.json create mode 100644 2018/20xxx/CVE-2018-20718.json create mode 100644 2018/20xxx/CVE-2018-20719.json diff --git a/2017/18xxx/CVE-2017-18356.json b/2017/18xxx/CVE-2017-18356.json new file mode 100644 index 00000000000..bb6b174613d --- /dev/null +++ b/2017/18xxx/CVE-2017-18356.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2017-18356", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In the Automattic WooCommerce plugin before 3.2.4 for WordPress, an attack is possible after gaining access to the target site with a user account that has at least Shop manager privileges. The attacker then constructs a specifically crafted string that will turn into a PHP object injection involving the includes/shortcodes/class-wc-shortcode-products.php WC_Shortcode_Products::get_products() use of cached queries within shortcodes." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/woocommerce-php-object-injection/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/woocommerce-php-object-injection/" + }, + { + "name" : "https://woocommerce.wordpress.com/2017/11/16/woocommerce-3-2-4-security-fix-release-notes/", + "refsource" : "MISC", + "url" : "https://woocommerce.wordpress.com/2017/11/16/woocommerce-3-2-4-security-fix-release-notes/" + } + ] + } +} diff --git a/2017/18xxx/CVE-2017-18357.json b/2017/18xxx/CVE-2017-18357.json new file mode 100644 index 00000000000..ce92c04eea2 --- /dev/null +++ b/2017/18xxx/CVE-2017-18357.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2017-18357", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Shopware before 5.3.4 has a PHP Object Instantiation issue via the sort parameter to the loadPreviewAction() method of the Shopware_Controllers_Backend_ProductStream controller, with resultant XXE via instantiation of a SimpleXMLElement object." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2017/shopware-php-object-instantiation-to-blind-xxe/" + }, + { + "name" : "https://demo.ripstech.com/projects/shopware_5.3.3", + "refsource" : "MISC", + "url" : "https://demo.ripstech.com/projects/shopware_5.3.3" + } + ] + } +} diff --git a/2017/18xxx/CVE-2017-18358.json b/2017/18xxx/CVE-2017-18358.json new file mode 100644 index 00000000000..b68fb6bdb52 --- /dev/null +++ b/2017/18xxx/CVE-2017-18358.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2017-18358", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "LimeSurvey before 2.72.4 has Stored XSS by using the Continue Later (aka Resume later) feature to enter an email address, which is mishandled in the admin panel." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/limesurvey-persistent-xss-to-code-execution/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/limesurvey-persistent-xss-to-code-execution/" + }, + { + "name" : "https://github.com/LimeSurvey/LimeSurvey/commit/700b20e2ae918550bfbf283f433f07622480978b", + "refsource" : "MISC", + "url" : "https://github.com/LimeSurvey/LimeSurvey/commit/700b20e2ae918550bfbf283f433f07622480978b" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20713.json b/2018/20xxx/CVE-2018-20713.json new file mode 100644 index 00000000000..a3d46c69d01 --- /dev/null +++ b/2018/20xxx/CVE-2018-20713.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20713", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Shopware before 5.4.3 allows SQL Injection by remote authenticated users, aka SW-21404." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-05-2018", + "refsource" : "MISC", + "url" : "https://docs.shopware.com/en/shopware-5-en/security-updates/security-update-05-2018" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20714.json b/2018/20xxx/CVE-2018-20714.json new file mode 100644 index 00000000000..d44b6d056b6 --- /dev/null +++ b/2018/20xxx/CVE-2018-20714.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20714", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The logging system of the Automattic WooCommerce plugin before 3.4.6 for WordPress is vulnerable to a File Deletion vulnerability. This allows deletion of woocommerce.php, which leads to certain privilege checks not being in place, and therefore a shop manager can escalate privileges to admin." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/wordpress-design-flaw-leads-to-woocommerce-rce/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/wordpress-design-flaw-leads-to-woocommerce-rce/" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20715.json b/2018/20xxx/CVE-2018-20715.json new file mode 100644 index 00000000000..6fb84197485 --- /dev/null +++ b/2018/20xxx/CVE-2018-20715.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20715", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "The DB abstraction layer of OXID eSales 4.10.6 is vulnerable to SQL injection via the oxid or synchoxid parameter to the oxConfig::getRequestParameter() method in core/oxconfig.php." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://demo.ripstech.com/main/(scans/38/51//sidebar:types/38/51/0)", + "refsource" : "MISC", + "url" : "https://demo.ripstech.com/main/(scans/38/51//sidebar:types/38/51/0)" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20716.json b/2018/20xxx/CVE-2018-20716.json new file mode 100644 index 00000000000..c907e42c6a6 --- /dev/null +++ b/2018/20xxx/CVE-2018-20716.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20716", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "CubeCart before 6.1.13 has SQL Injection via the validate[] parameter of the \"I forgot my Password!\" feature." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/cubecart-admin-authentication-bypass/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/cubecart-admin-authentication-bypass/" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20717.json b/2018/20xxx/CVE-2018-20717.json new file mode 100644 index 00000000000..17bbed84b04 --- /dev/null +++ b/2018/20xxx/CVE-2018-20717.json @@ -0,0 +1,67 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20717", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In the orders section of PrestaShop before 1.7.2.5, an attack is possible after gaining access to a target store with a user role with the rights of at least a Salesman or higher privileges. The attacker can then inject arbitrary PHP objects into the process and abuse an object chain in order to gain Remote Code Execution. This occurs because protection against serialized objects looks for a 0: followed by an integer, but does not consider 0:+ followed by an integer." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/prestashop-remote-code-execution/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/prestashop-remote-code-execution/" + }, + { + "name" : "https://build.prestashop.com/news/prestashop-1-7-2-5-maintenance-release/", + "refsource" : "MISC", + "url" : "https://build.prestashop.com/news/prestashop-1-7-2-5-maintenance-release/" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20718.json b/2018/20xxx/CVE-2018-20718.json new file mode 100644 index 00000000000..99f9e05a650 --- /dev/null +++ b/2018/20xxx/CVE-2018-20718.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20718", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In Pydio before 8.2.2, an attack is possible via PHP Object Injection because a user is allowed to use the $phpserial$a:0:{} syntax to store a preference. An attacker either needs a \"public link\" of a file, or access to any unprivileged user account for creation of such a link." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/pydio-unauthenticated-remote-code-execution/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/pydio-unauthenticated-remote-code-execution/" + } + ] + } +} diff --git a/2018/20xxx/CVE-2018-20719.json b/2018/20xxx/CVE-2018-20719.json new file mode 100644 index 00000000000..79c44917108 --- /dev/null +++ b/2018/20xxx/CVE-2018-20719.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20719", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "In Tiki before 17.2, the user task component is vulnerable to a SQL Injection via the tiki-user_tasks.php show_history parameter." + } + ] + }, + "problemtype" : { + "problemtype_data" : [ + { + "description" : [ + { + "lang" : "eng", + "value" : "n/a" + } + ] + } + ] + }, + "references" : { + "reference_data" : [ + { + "name" : "https://blog.ripstech.com/2018/scan-verify-patch-security-issues-in-minutes/", + "refsource" : "MISC", + "url" : "https://blog.ripstech.com/2018/scan-verify-patch-security-issues-in-minutes/" + } + ] + } +} diff --git a/2019/3xxx/CVE-2019-3811.json b/2019/3xxx/CVE-2019-3811.json index 01cd25473c5..d3e61ef5796 100644 --- a/2019/3xxx/CVE-2019-3811.json +++ b/2019/3xxx/CVE-2019-3811.json @@ -50,22 +50,22 @@ }, "problemtype" : { "problemtype_data" : [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-552" - } - ] - }, - { - "description": [ - { - "lang": "eng", - "value": "CWE-200" - } - ] - } + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-552" + } + ] + }, + { + "description" : [ + { + "lang" : "eng", + "value" : "CWE-200" + } + ] + } ] }, "references" : {