admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-21 05:40:25 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2023-10-19 20:00:40 +00:00
parent 458ec0ac84
commit d5af91b0d1
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
7 changed files with 749 additions and 36 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
2022/42xxx/CVE-2022-42150.json
View File

@ -1,17 +1,81 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2022-42150",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2022-42150",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "TinyLab linux-lab v1.1-rc1 and cloud-labv0.8-rc2, v1.1-rc1 are vulnerable to insecure permissions. The default configuration could cause Container Escape."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://github.com/tinyclub/linux-lab/issues/14",
"refsource": "MISC",
"name": "https://github.com/tinyclub/linux-lab/issues/14"
},
{
"url": "https://hackmd.io/@UR9gnr32QymtmtZHnZceOw/ry428EZGo",
"refsource": "MISC",
"name": "https://hackmd.io/@UR9gnr32QymtmtZHnZceOw/ry428EZGo"
},
{
"url": "https://github.com/tinyclub/cloud-lab/blob/d19ff92713685a7fb84b423dea6a184b25c378c9/configs/common/seccomp-profiles-default.json",
"refsource": "MISC",
"name": "https://github.com/tinyclub/cloud-lab/blob/d19ff92713685a7fb84b423dea6a184b25c378c9/configs/common/seccomp-profiles-default.json"
},
{
"refsource": "MISC",
"name": "https://github.com/eBPF-Research/eBPF-Attack/blob/main/PoC.md#attack-requirements",
"url": "https://github.com/eBPF-Research/eBPF-Attack/blob/main/PoC.md#attack-requirements"
},
{
"refsource": "MISC",
"name": "https://www.usenix.org/conference/usenixsecurity23/presentation/he",
"url": "https://www.usenix.org/conference/usenixsecurity23/presentation/he"
}
]
}

56
2023/27xxx/CVE-2023-27791.json
View File

@ -1,17 +1,61 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-27791",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-27791",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue found in IXP Data Easy Install 6.6.148840 allows a remote attacker to escalate privileges via insecure PRNG."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MISC",
"name": "https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue",
"url": "https://www.bramfitt-tech-labs.com/article/easy-install-cve-issue"
}
]
}

64
2023/30xxx/CVE-2023-30633.json
View File

@ -1,18 +1,70 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-30633",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-30633",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "An issue was discovered in TrEEConfigDriver in Insyde InsydeH2O with kernel 5.0 through 5.5. It can report false TPM PCR values, and thus mask malware activity. Devices use Platform Configuration Registers (PCRs) to record information about device and software configuration to ensure that the boot process is secure. (For example, Windows uses these PCR measurements to determine device health.) A vulnerable device can masquerade as a healthy device by extending arbitrary values into Platform Configuration Register (PCR) banks. This requires physical access to a target victim's device, or compromise of user credentials for a device. This issue is similar to CVE-2021-42299 (on Surface Pro devices)."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://www.insyde.com/security-pledge",
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge"
},
{
"refsource": "MISC",
"name": "https://www.insyde.com/security-pledge/SA-2023045",
"url": "https://www.insyde.com/security-pledge/SA-2023045"
}
]
},
"source": {
"discovery": "INTERNAL"
}
}

176
2023/38xxx/CVE-2023-38584.json
View File

@ -1,17 +1,185 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-38584",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\n\n\n\n\n\n\nIn Weintek's cMT3000 HMI Web CGI device, the cgi-bin command_wb.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Weintek",
"product": {
"product_data": [
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210210 "
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210204 "
}
]
}
},
{
"product_name": "cMT3071",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3072",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3103",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3090",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3151",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf",
"refsource": "MISC",
"name": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n<p>Weintek recommends users follow their <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\">Upgrade Instructions</a>&nbsp;to update the following products to the latest versions:</p><ul><li>cMT-FHD: OS version 20210211</li><li>cMT-HDM: OS version 20210205</li><li>cMT3071: OS version 20210219</li><li>cMT3072: OS version 20210219</li><li>cMT3103: OS version 20210219</li><li>cMT3090: OS version 20210219</li><li>cMT3151: OS version 20210219</li></ul><p>For additional information, refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\">Weintek's security bulletin</a>.</p>\n\n\n\n\n\n<br>"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek's security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

176
2023/40xxx/CVE-2023-40145.json
View File

@ -1,17 +1,185 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-40145",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\n\n\n\n\n\n\n\n\nIn Weintek's cMT3000 HMI Web CGI device, an anonymous attacker can execute arbitrary commands after login to the device.\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-78 OS Command Injection",
"cweId": "CWE-78"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Weintek",
"product": {
"product_data": [
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210210 "
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210204 "
}
]
}
},
{
"product_name": "cMT3071",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3072",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3103",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3090",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3151",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf",
"refsource": "MISC",
"name": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n<p>Weintek recommends users follow their <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\">Upgrade Instructions</a>&nbsp;to update the following products to the latest versions:</p><ul><li>cMT-FHD: OS version 20210211</li><li>cMT-HDM: OS version 20210205</li><li>cMT3071: OS version 20210219</li><li>cMT3072: OS version 20210219</li><li>cMT3103: OS version 20210219</li><li>cMT3090: OS version 20210219</li><li>cMT3151: OS version 20210219</li></ul><p>For additional information, refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\">Weintek's security bulletin</a>.</p>\n\n\n\n\n\n<br>"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek's security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

176
2023/43xxx/CVE-2023-43492.json
View File

@ -1,17 +1,185 @@
{
"data_version": "4.0",
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-43492",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ASSIGNER": "ics-cert@hq.dhs.gov",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "\n\n\n\n\n\n\n\n\nIn Weintek's cMT3000 HMI Web CGI device, the cgi-bin codesys.cgi contains a stack-based buffer overflow, which could allow an anonymous attacker to hijack control flow and bypass login authentication.\n\n\n\n"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "CWE-121 Stack-based Buffer Overflow",
"cweId": "CWE-121"
}
]
}
]
},
"affects": {
"vendor": {
"vendor_data": [
{
"vendor_name": "Weintek",
"product": {
"product_data": [
{
"product_name": "cMT-FHD",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210210 "
}
]
}
},
{
"product_name": "cMT-HDM",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210204 "
}
]
}
},
{
"product_name": "cMT3071",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3072",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3103",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3090",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
},
{
"product_name": "cMT3151",
"version": {
"version_data": [
{
"version_affected": "<=",
"version_name": "0",
"version_value": "20210218"
}
]
}
}
]
}
}
]
}
},
"references": {
"reference_data": [
{
"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12",
"refsource": "MISC",
"name": "https://www.cisa.gov/news-events/ics-advisories/icsa-23-285-12"
},
{
"url": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf",
"refsource": "MISC",
"name": "https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf"
}
]
},
"generator": {
"engine": "Vulnogram 0.1.0-dev"
},
"source": {
"advisory": "ICSMA-23-285-12",
"discovery": "EXTERNAL"
},
"solution": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\n\n\n\n\n\n<p>Weintek recommends users follow their <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf\">Upgrade Instructions</a>&nbsp;to update the following products to the latest versions:</p><ul><li>cMT-FHD: OS version 20210211</li><li>cMT-HDM: OS version 20210205</li><li>cMT3071: OS version 20210219</li><li>cMT3072: OS version 20210219</li><li>cMT3103: OS version 20210219</li><li>cMT3090: OS version 20210219</li><li>cMT3151: OS version 20210219</li></ul><p>For additional information, refer to <a target=\"_blank\" rel=\"nofollow\" href=\"https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf\">Weintek's security bulletin</a>.</p>\n\n\n\n\n\n<br>"
}
],
"value": "\n\n\n\n\nWeintek recommends users follow their Upgrade Instructions https://dl.weintek.com/public/Document/UM0/UM018010E_cMT_Series_OS_Update_Instructions_eng.pdf \u00a0to update the following products to the latest versions:\n\n * cMT-FHD: OS version 20210211\n * cMT-HDM: OS version 20210205\n * cMT3071: OS version 20210219\n * cMT3072: OS version 20210219\n * cMT3103: OS version 20210219\n * cMT3090: OS version 20210219\n * cMT3151: OS version 20210219\n\n\nFor additional information, refer to Weintek's security bulletin https://dl.weintek.com/public/Document/TEC/TEC23005E_cMT_Web_Security_Update.pdf .\n\n\n\n\n\n\n\n\n"
}
],
"credits": [
{
"lang": "en",
"value": "Hank Chen (PSIRT and Threat Research of TXOne Networks) reported these vulnerabilities to CISA."
}
],
"impact": {
"cvss": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
]
}

61
2023/45xxx/CVE-2023-45376.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2023-45376",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2023-45376",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"value": "In the module \"Carousels Pack - Instagram, Products, Brands, Supplier\" (hicarouselspack) for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct().`"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://addons.prestashop.com/en/sliders-galleries/20410-carousels-pack-instagram-products-brands-supplier.html",
"refsource": "MISC",
"name": "https://addons.prestashop.com/en/sliders-galleries/20410-carousels-pack-instagram-products-brands-supplier.html"
},
{
"refsource": "MISC",
"name": "https://security.friendsofpresta.org/modules/2023/10/19/hicarouselspack.html",
"url": "https://security.friendsofpresta.org/modules/2023/10/19/hicarouselspack.html"
}
]
}