admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 19:17:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2024-05-17 19:00:36 +00:00
parent 88608e2f4b
commit c2ac1934f7
No known key found for this signature in database
GPG Key ID: BC5FD8F2443B23B7
4 changed files with 329 additions and 17 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

79
2021/22xxx/CVE-2021-22508.json
View File

@ -1,17 +1,88 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2021-22508",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@opentext.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A potential vulnerability has been identified for OpenText Operations Bridge Reporter. The vulnerability could be exploited to inject malicious SQL queries. An attack requires to be an authenticated administrator of OBR with network access to the OBR web application."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-20 Improper Input Validation",
"cweId": "CWE-20"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "vendor or project",
"product": {
"product_data": [
{
"product_name": "product name",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "10.50"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://support.microfocus.com/kb/kmdoc.php?id=KM03793174",
"refsource": "MISC",
"name": "https://support.microfocus.com/kb/kmdoc.php?id=KM03793174"
}
]
},
"generator": {
"engine": "Vulnogram 0.2.0"
},
"source": {
"discovery": "UNKNOWN"
},
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

67
2024/5xxx/CVE-2024-5022.json
View File

@ -1,18 +1,75 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5022",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "security@mozilla.org",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "The file scheme of URLs would be hidden, resulting in potential spoofing of a website's address in the location bar This vulnerability affects Focus for iOS < 126."
}
]
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "URLs with file scheme could have been used to spoof addresses in the location bar"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Mozilla",
"product": {
"product_data": [
{
"product_name": "Focus for iOS",
"version": {
"version_data": [
{
"version_affected": "<",
"version_name": "unspecified",
"version_value": "126"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874560",
"refsource": "MISC",
"name": "https://bugzilla.mozilla.org/show_bug.cgi?id=1874560"
},
{
"url": "https://www.mozilla.org/security/advisories/mfsa2024-24/",
"refsource": "MISC",
"name": "https://www.mozilla.org/security/advisories/mfsa2024-24/"
}
]
},
"credits": [
{
"lang": "en",
"value": "James Lee"
}
]
}

100
2024/5xxx/CVE-2024-5063.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5063",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php. The manipulation of the argument username/password leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-264922 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In PHPGurukul Online Course Registration System 3.1 wurde eine Schwachstelle ausgemacht. Sie wurde als kritisch eingestuft. Betroffen ist eine unbekannte Verarbeitung der Datei /admin/index.php. Durch das Beeinflussen des Arguments username/password mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk passieren. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Online Course Registration System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.264922",
"refsource": "MISC",
"name": "https://vuldb.com/?id.264922"
},
{
"url": "https://vuldb.com/?ctiid.264922",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.264922"
},
{
"url": "https://vuldb.com/?submit.336236",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.336236"
},
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20Authentication%20Bypass.md",
"refsource": "MISC",
"name": "https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20Authentication%20Bypass.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Burak (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}

100
2024/5xxx/CVE-2024-5064.json
View File

@ -1,17 +1,109 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2024-5064",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "A vulnerability was found in PHPGurukul Online Course Registration System 3.1. It has been rated as critical. This issue affects some unknown processing of the file news-details.php. The manipulation of the argument nid leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-264923."
},
{
"lang": "deu",
"value": "Eine Schwachstelle wurde in PHPGurukul Online Course Registration System 3.1 ausgemacht. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess der Datei news-details.php. Durch Beeinflussen des Arguments nid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "PHPGurukul",
"product": {
"product_data": [
{
"product_name": "Online Course Registration System",
"version": {
"version_data": [
{
"version_affected": "=",
"version_value": "3.1"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.264923",
"refsource": "MISC",
"name": "https://vuldb.com/?id.264923"
},
{
"url": "https://vuldb.com/?ctiid.264923",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.264923"
},
{
"url": "https://vuldb.com/?submit.336238",
"refsource": "MISC",
"name": "https://vuldb.com/?submit.336238"
},
{
"url": "https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%202%20(Unauthenticated).md",
"refsource": "MISC",
"name": "https://github.com/BurakSevben/CVEs/blob/main/Online%20Course%20Registration%20System/Online%20Course%20Registration%20System%20-%20SQL%20Injection%20-%202%20(Unauthenticated).md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Burak (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 7.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "3.0",
"baseScore": 7.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "HIGH"
},
{
"version": "2.0",
"baseScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P"
}
]
}