From dd09977c7a013a6a8e5e29b1f357171db5690293 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 12 Jul 2022 17:00:40 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2022/2xxx/CVE-2022-2297.json | 12 ++++++++---- 2022/2xxx/CVE-2022-2298.json | 12 ++++++++---- 2022/2xxx/CVE-2022-2363.json | 12 ++++++++---- 2022/2xxx/CVE-2022-2364.json | 12 ++++++++---- 4 files changed, 32 insertions(+), 16 deletions(-) diff --git a/2022/2xxx/CVE-2022-2297.json b/2022/2xxx/CVE-2022-2297.json index 9b7d71c0905..5402ecc3017 100644 --- a/2022/2xxx/CVE-2022-2297.json +++ b/2022/2xxx/CVE-2022-2297.json @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file \/pms\/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + "value": "A vulnerability, which was classified as critical, was found in SourceCodester Clinics Patient Management System 2.0. Affected is an unknown function of the file /pms/update_user.php?user_id=1. The manipulation of the argument profile_picture with the input leads to unrestricted upload. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "6.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/8c6b66919be1bd66a54c16cc27cbdd9793221d3e\/CVE\/Clinic's%20Patient%20Management%20System\/Unrestricted%20file%20upload%20(RCE)\/POC.md" + "url": "https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md", + "refsource": "MISC", + "name": "https://github.com/CyberThoth/CVE/blob/8c6b66919be1bd66a54c16cc27cbdd9793221d3e/CVE/Clinic's%20Patient%20Management%20System/Unrestricted%20file%20upload%20(RCE)/POC.md" }, { - "url": "https:\/\/vuldb.com\/?id.203178" + "url": "https://vuldb.com/?id.203178", + "refsource": "MISC", + "name": "https://vuldb.com/?id.203178" } ] } diff --git a/2022/2xxx/CVE-2022-2298.json b/2022/2xxx/CVE-2022-2298.json index f7601da48bf..0b1b561bd4f 100644 --- a/2022/2xxx/CVE-2022-2298.json +++ b/2022/2xxx/CVE-2022-2298.json @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file \/pms\/index.php of the component Login Page. The manipulation of the argument user_name with the input admin' or '1'='1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + "value": "A vulnerability has been found in SourceCodester Clinics Patient Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /pms/index.php of the component Login Page. The manipulation of the argument user_name with the input admin' or '1'='1 leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "7.3", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:N\/UI:N\/S:U\/C:L\/I:L\/A:L" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/63e283e7d7dad3783237f15cdae2bb649bc1e198\/CVE\/Clinic's%20Patient%20Management%20System\/SQLi\/POC.md" + "url": "https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md", + "refsource": "MISC", + "name": "https://github.com/CyberThoth/CVE/blob/63e283e7d7dad3783237f15cdae2bb649bc1e198/CVE/Clinic's%20Patient%20Management%20System/SQLi/POC.md" }, { - "url": "https:\/\/vuldb.com\/?id.203179" + "url": "https://vuldb.com/?id.203179", + "refsource": "MISC", + "name": "https://vuldb.com/?id.203179" } ] } diff --git a/2022/2xxx/CVE-2022-2363.json b/2022/2xxx/CVE-2022-2363.json index ab6840c6884..e404c05e069 100644 --- a/2022/2xxx/CVE-2022-2363.json +++ b/2022/2xxx/CVE-2022-2363.json @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as problematic, has been found in SourceCodester Simple Parking Management System 1.0. Affected by this issue is some unknown functionality of the file \/ci_spms\/admin\/search\/searching\/. The manipulation of the argument search with the input \"> leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/eea3090b960da014312f7ad4b09aa58d23966d77\/CVE\/Simple%20Parking%20Management%20System\/Cross%20Site%20Scripting(Refelected)\/POC.md" + "url": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md", + "refsource": "MISC", + "name": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Refelected)/POC.md" }, { - "url": "https:\/\/vuldb.com\/?id.203420" + "url": "https://vuldb.com/?id.203420", + "refsource": "MISC", + "name": "https://vuldb.com/?id.203420" } ] } diff --git a/2022/2xxx/CVE-2022-2364.json b/2022/2xxx/CVE-2022-2364.json index c4616db4116..616f9d1b04f 100644 --- a/2022/2xxx/CVE-2022-2364.json +++ b/2022/2xxx/CVE-2022-2364.json @@ -49,7 +49,7 @@ "description_data": [ { "lang": "eng", - "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Simple Parking Management System 1.0. This affects an unknown part of the file \/ci_spms\/admin\/category. The manipulation of the argument vehicle_type with the input \"> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." } ] }, @@ -57,16 +57,20 @@ "cvss": { "version": "3.1", "baseScore": "3.5", - "vectorString": "CVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:R\/S:U\/C:N\/I:L\/A:N" + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N" } }, "references": { "reference_data": [ { - "url": "https:\/\/github.com\/CyberThoth\/CVE\/blob\/eea3090b960da014312f7ad4b09aa58d23966d77\/CVE\/Simple%20Parking%20Management%20System\/Cross%20Site%20Scripting(Stored)\/POC.md" + "url": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md", + "refsource": "MISC", + "name": "https://github.com/CyberThoth/CVE/blob/eea3090b960da014312f7ad4b09aa58d23966d77/CVE/Simple%20Parking%20Management%20System/Cross%20Site%20Scripting(Stored)/POC.md" }, { - "url": "https:\/\/vuldb.com\/?id.203421" + "url": "https://vuldb.com/?id.203421", + "refsource": "MISC", + "name": "https://vuldb.com/?id.203421" } ] }