diff --git a/2013/1xxx/CVE-2013-1937.json b/2013/1xxx/CVE-2013-1937.json index 9b18790a887..3534b9b6740 100644 --- a/2013/1xxx/CVE-2013-1937.json +++ b/2013/1xxx/CVE-2013-1937.json @@ -34,7 +34,7 @@ "description_data" : [ { "lang" : "eng", - "value" : "Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter." + "value" : "** DISPUTED ** Multiple cross-site scripting (XSS) vulnerabilities in tbl_gis_visualization.php in phpMyAdmin 3.5.x before 3.5.8 might allow remote attackers to inject arbitrary web script or HTML via the (1) visualizationSettings[width] or (2) visualizationSettings[height] parameter. NOTE: a third party reports that this is \"not exploitable.\"" } ] }, @@ -72,6 +72,11 @@ "refsource" : "MISC", "url" : "http://www.waraxe.us/advisory-102.html" }, + { + "name" : "http://immunityservices.blogspot.com/2019/02/cvss.html", + "refsource" : "MISC", + "url" : "http://immunityservices.blogspot.com/2019/02/cvss.html" + }, { "name" : "https://github.com/phpmyadmin/phpmyadmin/commit/79089c9bc02c82c15419fd9d6496b8781ae08a5a", "refsource" : "CONFIRM", diff --git a/2018/20xxx/CVE-2018-20772.json b/2018/20xxx/CVE-2018-20772.json new file mode 100644 index 00000000000..bf13e57b893 --- /dev/null +++ b/2018/20xxx/CVE-2018-20772.json @@ -0,0 +1,62 @@ +{ + "CVE_data_meta" : { + "ASSIGNER" : "cve@mitre.org", + "ID" : "CVE-2018-20772", + "STATE" : "PUBLIC" + }, + "affects" : { + "vendor" : { + "vendor_data" : [ + { + "product" : { + "product_data" : [ + { + "product_name" : "n/a", + "version" : { + "version_data" : [ + { + "version_value" : "n/a" + } + ] + } + } + ] + }, + "vendor_name" : "n/a" + } + ] + } + }, + "data_format" : "MITRE", + "data_type" : "CVE", + "data_version" : "4.0", + "description" : { + "description_data" : [ + { + "lang" : "eng", + "value" : "Frog CMS 0.9.5 allows PHP code execution via