admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-01-29 18:00:35 +00:00
parent 5200bee9c2
commit c8bf5466da
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 223 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2021/23xxx/CVE-2021-23434.json
View File

@ -66,6 +66,11 @@
"refsource": "MISC",
"url": "https://github.com/mariocasciaro/object-path%230116",
"name": "https://github.com/mariocasciaro/object-path%230116"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230129 [SECURITY] [DLA 3291-1] node-object-path security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00031.html"
}
]
},

7
2021/3xxx/CVE-2021-3805.json
View File

@ -79,6 +79,11 @@
"name": "https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6",
"refsource": "MISC",
"url": "https://github.com/mariocasciaro/object-path/commit/e6bb638ffdd431176701b3e9024f80050d0ef0a6"
},
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20230129 [SECURITY] [DLA 3291-1] node-object-path security update",
"url": "https://lists.debian.org/debian-lts-announce/2023/01/msg00031.html"
}
]
},
@ -86,4 +91,4 @@
"advisory": "571e3baf-7c46-46e3-9003-ba7e4e623053",
"discovery": "EXTERNAL"
}
}
}

106
2023/0xxx/CVE-2023-0570.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0570",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Online Tours & Travels Management System 1.0. This affects an unknown part of the file user\\operations\\payment_operation.php. The manipulation of the argument booking_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219729 was assigned to this vulnerability."
},
{
"lang": "deu",
"value": "Es wurde eine kritische Schwachstelle in SourceCodester Online Tours & Travels Management System 1.0 gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Datei user\\operations\\payment_operation.php. Durch Manipulation des Arguments booking_id mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-89 SQL Injection",
"cweId": "CWE-89"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Online Tours & Travels Management System",
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.219729",
"refsource": "MISC",
"name": "https://vuldb.com/?id.219729"
},
{
"url": "https://vuldb.com/?ctiid.219729",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.219729"
},
{
"url": "https://github.com/linmoren/online-tours-travels-management-system/blob/main/user_operations_payment_operation_booking_id.md",
"refsource": "MISC",
"name": "https://github.com/linmoren/online-tours-travels-management-system/blob/main/user_operations_payment_operation_booking_id.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "ddea (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 6.3,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "3.0",
"baseScore": 6.3,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseSeverity": "MEDIUM"
},
{
"version": "2.0",
"baseScore": 6.5,
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseSeverity": "MEDIUM"
}
]
}
}

106
2023/0xxx/CVE-2023-0571.json Normal file
View File

@ -0,0 +1,106 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"CVE_data_meta": {
"ID": "CVE-2023-0571",
"ASSIGNER": "cna@vuldb.com",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in SourceCodester Canteen Management System 1.0 and classified as problematic. This vulnerability affects unknown code of the file createcustomer.php of the component Add Customer. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-219730 is the identifier assigned to this vulnerability."
},
{
"lang": "deu",
"value": "In SourceCodester Canteen Management System 1.0 wurde eine problematische Schwachstelle gefunden. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei createcustomer.php der Komponente Add Customer. Mittels dem Manipulieren des Arguments name mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-79 Cross Site Scripting",
"cweId": "CWE-79"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "SourceCodester",
"product": {
"product_data": [
{
"product_name": "Canteen Management System",
"version": {
"version_data": [
{
"version_value": "1.0",
"version_affected": "="
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://vuldb.com/?id.219730",
"refsource": "MISC",
"name": "https://vuldb.com/?id.219730"
},
{
"url": "https://vuldb.com/?ctiid.219730",
"refsource": "MISC",
"name": "https://vuldb.com/?ctiid.219730"
},
{
"url": "https://github.com/ctflearner/Vulnerability/blob/main/Canteen%20Management%20System/Canteen_Management_System_XSS_IN_Add_Customer.md",
"refsource": "MISC",
"name": "https://github.com/ctflearner/Vulnerability/blob/main/Canteen%20Management%20System/Canteen_Management_System_XSS_IN_Add_Customer.md"
}
]
},
"credits": [
{
"lang": "en",
"value": "Affan (VulDB User)"
}
],
"impact": {
"cvss": [
{
"version": "3.1",
"baseScore": 3.5,
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "3.0",
"baseScore": 3.5,
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseSeverity": "LOW"
},
{
"version": "2.0",
"baseScore": 4,
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseSeverity": "MEDIUM"
}
]
}
}