diff --git a/2022/3xxx/CVE-2022-3299.json b/2022/3xxx/CVE-2022-3299.json index 88a0666705c..eb0e41d0c45 100644 --- a/2022/3xxx/CVE-2022-3299.json +++ b/2022/3xxx/CVE-2022-3299.json @@ -79,7 +79,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib\/sbi\/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability." + "value": "A vulnerability was found in Open5GS up to 2.4.10. It has been declared as problematic. Affected by this vulnerability is an unknown functionality in the library lib/sbi/client.c of the component AMF. The manipulation leads to denial of service. The attack can be launched remotely. The name of the patch is 724fa568435dae45ef0c3a48b2aabde052afae88. It is recommended to apply a patch to fix this issue. The identifier VDB-209545 was assigned to this vulnerability." } ] }, @@ -88,19 +88,25 @@ "cvss": { "version": "3.1", "baseScore": "4.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:N\/I:N\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/open5gs\/open5gs\/issues\/1769" + "url": "https://github.com/open5gs/open5gs/issues/1769", + "refsource": "MISC", + "name": "https://github.com/open5gs/open5gs/issues/1769" }, { - "url": "https:\/\/github.com\/open5gs\/open5gs\/commit\/724fa568435dae45ef0c3a48b2aabde052afae88" + "url": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88", + "refsource": "MISC", + "name": "https://github.com/open5gs/open5gs/commit/724fa568435dae45ef0c3a48b2aabde052afae88" }, { - "url": "https:\/\/vuldb.com\/?id.209545" + "url": "https://vuldb.com/?id.209545", + "refsource": "MISC", + "name": "https://vuldb.com/?id.209545" } ] } diff --git a/2022/3xxx/CVE-2022-3303.json b/2022/3xxx/CVE-2022-3303.json new file mode 100644 index 00000000000..8dc5571a5d8 --- /dev/null +++ b/2022/3xxx/CVE-2022-3303.json @@ -0,0 +1,18 @@ +{ + "data_type": "CVE", + "data_format": "MITRE", + "data_version": "4.0", + "CVE_data_meta": { + "ID": "CVE-2022-3303", + "ASSIGNER": "cve@mitre.org", + "STATE": "RESERVED" + }, + "description": { + "description_data": [ + { + "lang": "eng", + "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + } + ] + } +} \ No newline at end of file diff --git a/2022/40xxx/CVE-2022-40402.json b/2022/40xxx/CVE-2022-40402.json index 0da784a2a04..3cfe9ee255a 100644 --- a/2022/40xxx/CVE-2022-40402.json +++ b/2022/40xxx/CVE-2022-40402.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40402", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40402", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the booking parameter at /admin/client_assign.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-1.md", + "url": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-1.md" } ] } diff --git a/2022/40xxx/CVE-2022-40403.json b/2022/40xxx/CVE-2022-40403.json index 0edafd8b1c4..d8cd71eef05 100644 --- a/2022/40xxx/CVE-2022-40403.json +++ b/2022/40xxx/CVE-2022-40403.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40403", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40403", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/feature_edit.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-3.md", + "url": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-3.md" } ] } diff --git a/2022/40xxx/CVE-2022-40404.json b/2022/40xxx/CVE-2022-40404.json index b6ef3a75e15..ab4c64b2f9f 100644 --- a/2022/40xxx/CVE-2022-40404.json +++ b/2022/40xxx/CVE-2022-40404.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40404", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40404", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Wedding Planner v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /admin/select.php." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-2.md", + "url": "https://github.com/wshark00/Bug_report/blob/main/vendors/pushpam02/wedding-planner/SQLi-2.md" } ] } diff --git a/2022/40xxx/CVE-2022-40924.json b/2022/40xxx/CVE-2022-40924.json index ae31aacda22..fbf98c0cf41 100644 --- a/2022/40xxx/CVE-2022-40924.json +++ b/2022/40xxx/CVE-2022-40924.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40924", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40924", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the \"save_animal\" file of the \"Animals\" module in the background management system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/admin77888/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-1.md", + "url": "https://github.com/admin77888/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-1.md" } ] } diff --git a/2022/40xxx/CVE-2022-40925.json b/2022/40xxx/CVE-2022-40925.json index bb1aa18e048..4615ebee7e9 100644 --- a/2022/40xxx/CVE-2022-40925.json +++ b/2022/40xxx/CVE-2022-40925.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40925", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40925", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Zoo Management System v1.0 has an arbitrary file upload vulnerability in the picture upload point of the \"save_event\" file of the \"Events\" module in the background management system." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/admin77888/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-2.md", + "url": "https://github.com/admin77888/Bug_report/blob/main/vendors/pushpam02/zoo-management-system/RCE-2.md" } ] } diff --git a/2022/40xxx/CVE-2022-40926.json b/2022/40xxx/CVE-2022-40926.json index 2ddcb97aed9..29ccb4e7773 100644 --- a/2022/40xxx/CVE-2022-40926.json +++ b/2022/40xxx/CVE-2022-40926.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40926", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40926", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_leave_type." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-2.md", + "url": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-2.md" } ] } diff --git a/2022/40xxx/CVE-2022-40927.json b/2022/40xxx/CVE-2022-40927.json index 0c334f87629..c480383d1ec 100644 --- a/2022/40xxx/CVE-2022-40927.json +++ b/2022/40xxx/CVE-2022-40927.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40927", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40927", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_designation." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-1.md", + "url": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-1.md" } ] } diff --git a/2022/40xxx/CVE-2022-40928.json b/2022/40xxx/CVE-2022-40928.json index 3ce6bf82426..e09cf94ee7f 100644 --- a/2022/40xxx/CVE-2022-40928.json +++ b/2022/40xxx/CVE-2022-40928.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-40928", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-40928", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Online Leave Management System v1.0 is vulnerable to SQL Injection via /leave_system/classes/Master.php?f=delete_application." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-3.md", + "url": "https://github.com/admin77888/Bug_report/blob/main/vendors/oretnom23/online-leave-management-system/SQLi-3.md" } ] }