mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
"-Synchronized-Data."
This commit is contained in:
CVE Team
parent
5f16592030
commit
db247081b5
@ -66,6 +66,11 @@
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163215/OpenEMR-5.0.1.7-Path-Traversal.html",
|
||||
"url": "http://packetstormsecurity.com/files/163215/OpenEMR-5.0.1.7-Path-Traversal.html"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163375/OpenEMR-5.0.1.7-Path-Traversal.html",
|
||||
"url": "http://packetstormsecurity.com/files/163375/OpenEMR-5.0.1.7-Path-Traversal.html"
|
||||
}
|
||||
]
|
||||
}
|
||||
|
||||
@ -1,75 +1,80 @@
|
||||
{
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-24155",
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"generator": "WPScan CVE Generator",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "WordPress Backup and Migrate Plugin – Backup Guard",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1.6.0",
|
||||
"version_value": "1.6.0"
|
||||
"CVE_data_meta": {
|
||||
"ID": "CVE-2021-24155",
|
||||
"ASSIGNER": "contact@wpscan.com",
|
||||
"STATE": "PUBLIC",
|
||||
"TITLE": "Backup Guard < 1.6.0 - Authenticated Arbitrary File Upload"
|
||||
},
|
||||
"data_format": "MITRE",
|
||||
"data_type": "CVE",
|
||||
"data_version": "4.0",
|
||||
"generator": "WPScan CVE Generator",
|
||||
"affects": {
|
||||
"vendor": {
|
||||
"vendor_data": [
|
||||
{
|
||||
"vendor_name": "Unknown",
|
||||
"product": {
|
||||
"product_data": [
|
||||
{
|
||||
"product_name": "WordPress Backup and Migrate Plugin \u2013 Backup Guard",
|
||||
"version": {
|
||||
"version_data": [
|
||||
{
|
||||
"version_affected": "<",
|
||||
"version_name": "1.6.0",
|
||||
"version_value": "1.6.0"
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
}
|
||||
]
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The WordPress Backup and Migrate Plugin – Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE."
|
||||
}
|
||||
]
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb",
|
||||
"name": "https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
|
||||
"lang": "eng"
|
||||
}
|
||||
},
|
||||
"description": {
|
||||
"description_data": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "The WordPress Backup and Migrate Plugin \u2013 Backup Guard WordPress plugin before 1.6.0 did not ensure that the imported files are of the SGBP format and extension, allowing high privilege users (admin+) to upload arbitrary files, including PHP ones, leading to RCE."
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Nguyen Van Khanh - SunCSR (Sun* Cyber Security Research) "
|
||||
},
|
||||
"references": {
|
||||
"reference_data": [
|
||||
{
|
||||
"refsource": "CONFIRM",
|
||||
"url": "https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb",
|
||||
"name": "https://wpscan.com/vulnerability/d442acac-4394-45e4-b6bb-adf4a40960fb"
|
||||
},
|
||||
{
|
||||
"refsource": "MISC",
|
||||
"name": "http://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-Upload.html",
|
||||
"url": "http://packetstormsecurity.com/files/163382/WordPress-Backup-Guard-1.5.8-Shell-Upload.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
"problemtype": {
|
||||
"problemtype_data": [
|
||||
{
|
||||
"description": [
|
||||
{
|
||||
"value": "CWE-434 Unrestricted Upload of File with Dangerous Type",
|
||||
"lang": "eng"
|
||||
}
|
||||
]
|
||||
}
|
||||
]
|
||||
},
|
||||
"credit": [
|
||||
{
|
||||
"lang": "eng",
|
||||
"value": "Nguyen Van Khanh - SunCSR (Sun* Cyber Security Research) "
|
||||
}
|
||||
],
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
],
|
||||
"source": {
|
||||
"discovery": "UNKNOWN"
|
||||
}
|
||||
}
|
||||
@ -91,6 +91,11 @@
|
||||
"refsource": "MLIST",
|
||||
"name": "[jmeter-dev] 20210607 [GitHub] [jmeter] sseide opened a new pull request #667: update x-stream to 1.4.17 (from 1.4.16)",
|
||||
"url": "https://lists.apache.org/thread.html/r8ee51debf7fd184b6a6b020dc31df25118b0aa612885f12fbe77f04f@%3Cdev.jmeter.apache.org%3E"
|
||||
},
|
||||
{
|
||||
"refsource": "MLIST",
|
||||
"name": "[debian-lts-announce] 20210705 [SECURITY] [DLA 2704-1] libxstream-java security update",
|
||||
"url": "https://lists.debian.org/debian-lts-announce/2021/07/msg00004.html"
|
||||
}
|
||||
]
|
||||
},
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user