admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-05-07 03:02:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-07-12 17:00:40 +00:00
parent 0ec826ff54
commit dd09977c7a
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 32 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
2022/2xxx/CVE-2022-2297.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file \/pms\/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input <?php phpinfo();?> leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "6.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/8c6b66919be1bd66a54c16cc27cbdd9793221d3e\/CVE\/Clinic's%20Patient%20Management%20System\/Unrestricted%20file%20upload%20(RCE)\/POC.md"
"url": "https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md",
"refsource": "MISC",
"name": "https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md"
},
{
"url": "https:\/\/vuldb.com\/?id.203178"
"url": "https://vuldb.com/?id.203178",
"refsource": "MISC",
"name": "https://vuldb.com/?id.203178"
}
]
}

12
2022/2xxx/CVE-2022-2298.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file \/pms\/index.php of the component Login Page. The manipulation of the argument user_name with the input admin' or '1'='1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with the input admin' or '1'='1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "7.3",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/63e283e7d7dad3783237f15cdae2bb649bc1e198\/CVE\/Clinic's%20Patient%20Management%20System\/SQLi\/POC.md"
"url": "https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md",
"refsource": "MISC",
"name": "https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md"
},
{
"url": "https:\/\/vuldb.com\/?id.203179"
"url": "https://vuldb.com/?id.203179",
"refsource": "MISC",
"name": "https://vuldb.com/?id.203179"
}
]
}

12
2022/2xxx/CVE-2022-2363.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file \/ci_spms\/admin\/search\/searching\/. The manipulation of the argument search with the input \"><script>alert(\"XSS\")<\/script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file /ci_spms/admin/search/searching/. The manipulation of the argument search with the input \"><script>alert(\"XSS\")</script> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/eea3090b960da014312f7ad4b09aa58d23966d77\/CVE\/Simple%20Parking%20Management%20System\/Cross%20Site%20Scripting(Refelected)\/POC.md"
"url": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md",
"refsource": "MISC",
"name": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md"
},
{
"url": "https:\/\/vuldb.com\/?id.203420"
"url": "https://vuldb.com/?id.203420",
"refsource": "MISC",
"name": "https://vuldb.com/?id.203420"
}
]
}

12
2022/2xxx/CVE-2022-2364.json
View File

@ -49,7 +49,7 @@
"description_data": [
{
"lang": "eng",
"value": "A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file \/ci_spms\/admin\/category. The manipulation of the argument vehicle_type with the input \"><script>alert(\"XSS\")<\/script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
"value": "A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file /ci_spms/admin/category. The manipulation of the argument vehicle_type with the input \"><script>alert(\"XSS\")</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
]
},
@ -57,16 +57,20 @@
"cvss": {
"version": "3.1",
"baseScore": "3.5",
"vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N"
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N"
}
},
"references": {
"reference_data": [
{
"url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/eea3090b960da014312f7ad4b09aa58d23966d77\/CVE\/Simple%20Parking%20Management%20System\/Cross%20Site%20Scripting(Stored)\/POC.md"
"url": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md",
"refsource": "MISC",
"name": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md"
},
{
"url": "https:\/\/vuldb.com\/?id.203421"
"url": "https://vuldb.com/?id.203421",
"refsource": "MISC",
"name": "https://vuldb.com/?id.203421"
}
]
}