admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-03-30 17:01:31 +00:00
parent dca64db582
commit b8de28006c
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
9 changed files with 203 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2019/17xxx/CVE-2019-17124.json
View File

@ -56,6 +56,11 @@
"refsource": "MISC",
"name": "https://github.com/hessandrew/CVE-2019-17124",
"url": "https://github.com/hessandrew/CVE-2019-17124"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166541/Kramer-VIAware-2.5.0719.1034-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/166541/Kramer-VIAware-2.5.0719.1034-Remote-Code-Execution.html"
}
]
}

5
2019/9xxx/CVE-2019-9193.json
View File

@ -81,6 +81,11 @@
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.html",
"url": "http://packetstormsecurity.com/files/152757/PostgreSQL-COPY-FROM-PROGRAM-Command-Execution.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166540/PostgreSQL-11.7-Remote-Code-Execution.html",
"url": "http://packetstormsecurity.com/files/166540/PostgreSQL-11.7-Remote-Code-Execution.html"
}
]
}

141
2021/24xxx/CVE-2021-24405.json
View File

@ -1,75 +1,80 @@
{
"CVE_data_meta": {
"ID": "CVE-2021-24405",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Easy Cookie Policy <= 1.6.2 - Broken Access Control to Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IZSoft",
"product": {
"product_data": [
{
"product_name": "Easy Cookies Policy",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.6.2",
"version_value": "1.6.2"
"CVE_data_meta": {
"ID": "CVE-2021-24405",
"ASSIGNER": "contact@wpscan.com",
"STATE": "PUBLIC",
"TITLE": "Easy Cookie Policy <= 1.6.2 - Broken Access Control to Stored Cross-Site Scripting"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"generator": "WPScan CVE Generator",
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "IZSoft",
"product": {
"product_data": [
{
"product_name": "Easy Cookies Policy",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "1.6.2",
"version_value": "1.6.2"
}
]
}
}
]
}
]
}
}
]
}
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not sanitised or validated before being output in all pages of the frontend and the backend settings one, leading to a Stored Cross-Site Scripting issue."
}
]
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/9157d6d2-4bda-4fcd-8192-363a63a51ff5",
"name": "https://wpscan.com/vulnerability/9157d6d2-4bda-4fcd-8192-363a63a51ff5"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Easy Cookies Policy WordPress plugin through 1.6.2 is lacking any capability and CSRF check when saving its settings, allowing any authenticated users (such as subscriber) to change them. If users can't register, this can be done through CSRF. Furthermore, the cookie banner setting is not sanitised or validated before being output in all pages of the frontend and the backend settings one, leading to a Stored Cross-Site Scripting issue."
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "0xB9"
},
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://wpscan.com/vulnerability/9157d6d2-4bda-4fcd-8192-363a63a51ff5",
"name": "https://wpscan.com/vulnerability/9157d6d2-4bda-4fcd-8192-363a63a51ff5"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166543/WordPress-Easy-Cookie-Policy-1.6.2-Cross-Site-Scripting.html",
"url": "http://packetstormsecurity.com/files/166543/WordPress-Easy-Cookie-Policy-1.6.2-Cross-Site-Scripting.html"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"value": "CWE-284 Improper Access Control",
"lang": "eng"
}
]
}
]
},
"credit": [
{
"lang": "eng",
"value": "0xB9"
}
],
"source": {
"discovery": "UNKNOWN"
}
],
"source": {
"discovery": "UNKNOWN"
}
}
}

5
2021/43xxx/CVE-2021-43701.json
View File

@ -61,6 +61,11 @@
"refsource": "MISC",
"name": "https://www.exploit-db.com/exploits/50846",
"url": "https://www.exploit-db.com/exploits/50846"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166535/CSZ-CMS-1.2.9-SQL-Injection.html",
"url": "http://packetstormsecurity.com/files/166535/CSZ-CMS-1.2.9-SQL-Injection.html"
}
]
}

56
2021/44xxx/CVE-2021-44310.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44310",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44310",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Firmware Analysis and Comparison Tool v3.2. With administrator privileges, the attacker could perform stored XSS attacks by inserting JavaScript and HTML code in user creation functionality."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://brainy-sternum-995.notion.site/CVE-2021-44310-Reserved-e9efc897f9944464b8807d44c6fc21df",
"url": "https://brainy-sternum-995.notion.site/CVE-2021-44310-Reserved-e9efc897f9944464b8807d44c6fc21df"
}
]
}

56
2021/44xxx/CVE-2021-44312.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-44312",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2021-44312",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in Firmware Analysis and Comparison Tool v3.2. Logged in administrators could be targeted by a CSRF attack through visiting a crafted web page."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://brainy-sternum-995.notion.site/CVE-2021-44312-Reserved-b4a4415e95444c0e847f926a9e9d6266",
"url": "https://brainy-sternum-995.notion.site/CVE-2021-44312-Reserved-b4a4415e95444c0e847f926a9e9d6266"
}
]
}

5
2022/0xxx/CVE-2022-0289.json
View File

@ -54,6 +54,11 @@
"url": "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html",
"refsource": "MISC",
"name": "https://chromereleases.googleblog.com/2022/01/stable-channel-update-for-desktop_19.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html",
"url": "http://packetstormsecurity.com/files/166547/Chrome-safe_browsing-ThreatDetails-OnReceivedThreatDOMDetails-Use-After-Free.html"
}
]
},

5
2022/23xxx/CVE-2022-23793.json
View File

@ -68,6 +68,11 @@
"url": "https://developer.joomla.org/security-centre/870-20220301-core-zip-slip-within-the-tar-extractor.html",
"refsource": "MISC",
"name": "https://developer.joomla.org/security-centre/870-20220301-core-zip-slip-within-the-tar-extractor.html"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166546/Joomla-4.1.0-Zip-Slip-File-Overwrite-Path-Traversal.html",
"url": "http://packetstormsecurity.com/files/166546/Joomla-4.1.0-Zip-Slip-File-Overwrite-Path-Traversal.html"
}
]
}

5
2022/25xxx/CVE-2022-25487.json
View File

@ -56,6 +56,11 @@
"url": "https://github.com/thedigicraft/Atom.CMS/issues/256",
"refsource": "MISC",
"name": "https://github.com/thedigicraft/Atom.CMS/issues/256"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/166532/Atom-CMS-1.0.2-Shell-Upload.html",
"url": "http://packetstormsecurity.com/files/166532/Atom-CMS-1.0.2-Shell-Upload.html"
}
]
}