diff --git a/2022/0xxx/CVE-2022-0390.json b/2022/0xxx/CVE-2022-0390.json index 45ee4316870..a892a3c6ac8 100644 --- a/2022/0xxx/CVE-2022-0390.json +++ b/2022/0xxx/CVE-2022-0390.json @@ -19,13 +19,13 @@ "version": { "version_data": [ { - "version_value": ">=14.7, <=14.7.1" + "version_value": ">=14.7, <14.7.1" }, { - "version_value": ">=14.6, <=14.6.4" + "version_value": ">=14.6, <14.6.4" }, { - "version_value": ">=12.7, <=14.5.4" + "version_value": ">=12.7, <14.5.4" } ] } diff --git a/2022/0xxx/CVE-2022-0425.json b/2022/0xxx/CVE-2022-0425.json index 684997a7516..a50ff1e8479 100644 --- a/2022/0xxx/CVE-2022-0425.json +++ b/2022/0xxx/CVE-2022-0425.json @@ -22,10 +22,10 @@ "version_value": ">=7.9, <14.5.4" }, { - "version_value": ">=7.10, <14.6.4" + "version_value": ">=14.6, <14.6.4" }, { - "version_value": ">=7.11, <14.7.1" + "version_value": ">=14.7, <14.7.1" } ] } diff --git a/2022/0xxx/CVE-2022-0488.json b/2022/0xxx/CVE-2022-0488.json index 0456708b88e..95c30409bc5 100644 --- a/2022/0xxx/CVE-2022-0488.json +++ b/2022/0xxx/CVE-2022-0488.json @@ -19,13 +19,13 @@ "version": { "version_data": [ { - "version_value": ">=14.7, <=14.7.1" + "version_value": ">=14.7, <14.7.1" }, { - "version_value": ">=14.6, <=14.6.4" + "version_value": ">=14.6, <14.6.4" }, { - "version_value": ">=8.10, <=14.5.4" + "version_value": ">=8.10, <14.5.4" } ] } diff --git a/2022/0xxx/CVE-2022-0489.json b/2022/0xxx/CVE-2022-0489.json index c92f6df4254..8c604432dc6 100644 --- a/2022/0xxx/CVE-2022-0489.json +++ b/2022/0xxx/CVE-2022-0489.json @@ -19,13 +19,13 @@ "version": { "version_data": [ { - "version_value": ">=14.7, <=14.8.1" + "version_value": ">=14.8, <14.8.2" }, { - "version_value": ">=14.6, <=14.7.4" + "version_value": ">=14.7, <14.7.4" }, { - "version_value": ">=8.15, <=14.6.4" + "version_value": ">=8.15, <14.6.5" } ] } diff --git a/2022/1xxx/CVE-2022-1714.json b/2022/1xxx/CVE-2022-1714.json index 3bc9171ed86..d59fb4507c3 100644 --- a/2022/1xxx/CVE-2022-1714.json +++ b/2022/1xxx/CVE-2022-1714.json @@ -1,89 +1,89 @@ { - "CVE_data_meta": { - "ASSIGNER": "security@huntr.dev", - "ID": "CVE-2022-1714", - "STATE": "PUBLIC", - "TITLE": "Heap-based Buffer Overflow in radareorg/radare2" - }, - "affects": { - "vendor": { - "vendor_data": [ - { - "product": { - "product_data": [ - { - "product_name": "radareorg/radare2", - "version": { - "version_data": [ - { - "version_affected": "<", - "version_value": "5.7.0" - } - ] + "CVE_data_meta": { + "ASSIGNER": "security@huntr.dev", + "ID": "CVE-2022-1714", + "STATE": "PUBLIC", + "TITLE": "Heap-based Buffer Overflow in radareorg/radare2" + }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "radareorg/radare2", + "version": { + "version_data": [ + { + "version_affected": "<", + "version_value": "5.7.0" + } + ] + } + } + ] + }, + "vendor_name": "radareorg" } - } ] - }, - "vendor_name": "radareorg" } - ] - } - }, - "data_format": "MITRE", - "data_type": "CVE", - "data_version": "4.0", - "description": { - "description_data": [ - { - "lang": "eng", - "value": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash." - } - ] - }, - "impact": { - "cvss": { - "attackComplexity": "LOW", - "attackVector": "LOCAL", - "availabilityImpact": "LOW", - "baseScore": 7.9, - "baseSeverity": "HIGH", - "confidentialityImpact": "LOW", - "integrityImpact": "HIGH", - "privilegesRequired": "LOW", - "scope": "CHANGED", - "userInteraction": "NONE", - "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", - "version": "3.0" - } - }, - "problemtype": { - "problemtype_data": [ - { - "description": [ - { - "lang": "eng", - "value": "CWE-122 Heap-based Buffer Overflow" - } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", + "description": { + "description_data": [ + { + "lang": "eng", + "value": "Heap-based Buffer Overflow in GitHub repository radareorg/radare2 prior to 5.7.0. The bug causes the program reads data past the end of the intented buffer. Typically, this can allow attackers to read sensitive information from other memory locations or cause a crash." + } ] - } - ] - }, - "references": { - "reference_data": [ - { - "name": "https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0", - "refsource": "CONFIRM", - "url": "https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0" - }, - { - "name": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e", - "refsource": "MISC", - "url": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e" - } - ] - }, - "source": { - "advisory": "1c22055b-b015-47a8-a57b-4982978751d0", - "discovery": "EXTERNAL" - } + }, + "impact": { + "cvss": { + "attackComplexity": "LOW", + "attackVector": "LOCAL", + "availabilityImpact": "LOW", + "baseScore": 7.9, + "baseSeverity": "HIGH", + "confidentialityImpact": "LOW", + "integrityImpact": "HIGH", + "privilegesRequired": "LOW", + "scope": "CHANGED", + "userInteraction": "NONE", + "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:H/A:L", + "version": "3.0" + } + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "CWE-122 Heap-based Buffer Overflow" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "name": "https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0", + "refsource": "CONFIRM", + "url": "https://huntr.dev/bounties/1c22055b-b015-47a8-a57b-4982978751d0" + }, + { + "name": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e", + "refsource": "MISC", + "url": "https://github.com/radareorg/radare2/commit/3ecdbf8e21186a9c5a4d3cfa3b1e9fd27045340e" + } + ] + }, + "source": { + "advisory": "1c22055b-b015-47a8-a57b-4982978751d0", + "discovery": "EXTERNAL" + } } \ No newline at end of file diff --git a/2022/30xxx/CVE-2022-30398.json b/2022/30xxx/CVE-2022-30398.json index b99bca8d831..b07679fb3a3 100644 --- a/2022/30xxx/CVE-2022-30398.json +++ b/2022/30xxx/CVE-2022-30398.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30398", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30398", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=orders/view_order&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-10.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-10.md" } ] } diff --git a/2022/30xxx/CVE-2022-30399.json b/2022/30xxx/CVE-2022-30399.json index b53f45ee173..3c72cafe8a0 100644 --- a/2022/30xxx/CVE-2022-30399.json +++ b/2022/30xxx/CVE-2022-30399.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30399", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30399", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-11.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-11.md" } ] } diff --git a/2022/30xxx/CVE-2022-30400.json b/2022/30xxx/CVE-2022-30400.json index 0ebdca8fa01..b02b85f4468 100644 --- a/2022/30xxx/CVE-2022-30400.json +++ b/2022/30xxx/CVE-2022-30400.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30400", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30400", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/orders/view_order.php?view=user&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-13.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-13.md" } ] } diff --git a/2022/30xxx/CVE-2022-30401.json b/2022/30xxx/CVE-2022-30401.json index 0704b690616..e078b232923 100644 --- a/2022/30xxx/CVE-2022-30401.json +++ b/2022/30xxx/CVE-2022-30401.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30401", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30401", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-14.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-14.md" } ] } diff --git a/2022/30xxx/CVE-2022-30402.json b/2022/30xxx/CVE-2022-30402.json index 5d7ebed76f2..abcd5c9f513 100644 --- a/2022/30xxx/CVE-2022-30402.json +++ b/2022/30xxx/CVE-2022-30402.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30402", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30402", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-12.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-12.md" } ] } diff --git a/2022/30xxx/CVE-2022-30403.json b/2022/30xxx/CVE-2022-30403.json index e8a56f73223..428202a6bd8 100644 --- a/2022/30xxx/CVE-2022-30403.json +++ b/2022/30xxx/CVE-2022-30403.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30403", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30403", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-15.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/merchandise-online-store/SQLi-15.md" } ] } diff --git a/2022/30xxx/CVE-2022-30404.json b/2022/30xxx/CVE-2022-30404.json index 55c989fd484..80382c18b7b 100644 --- a/2022/30xxx/CVE-2022-30404.json +++ b/2022/30xxx/CVE-2022-30404.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30404", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30404", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "College Management System v1.0 is vulnerable to SQL Injection via /College_Management_System/admin/display-teacher.php?teacher_id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/code-projects/College-Management-System/SQLi-1.md.", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/code-projects/College-Management-System/SQLi-1.md." } ] } diff --git a/2022/30xxx/CVE-2022-30407.json b/2022/30xxx/CVE-2022-30407.json index d32d1bc7993..1a848d682d6 100644 --- a/2022/30xxx/CVE-2022-30407.json +++ b/2022/30xxx/CVE-2022-30407.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30407", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30407", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Pharmacy Sales And Inventory System v1.0 is vulnerable to SQL Injection via /pharmacy-sales-and-inventory-system/manage_user.php?id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/pharmacy-sales-and-inventory-system/SQLi-1.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/pharmacy-sales-and-inventory-system/SQLi-1.md" } ] } diff --git a/2022/30xxx/CVE-2022-30408.json b/2022/30xxx/CVE-2022-30408.json index 60afe9d40c9..ce51e289fdf 100644 --- a/2022/30xxx/CVE-2022-30408.json +++ b/2022/30xxx/CVE-2022-30408.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30408", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30408", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Covid-19 Travel Pass Management System v1.0 is vulnerable to file deletion via /ctpms/classes/Master.php?f=delete_img." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/delete-file-1.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/delete-file-1.md" } ] } diff --git a/2022/30xxx/CVE-2022-30415.json b/2022/30xxx/CVE-2022-30415.json index 4dca76ef48f..16c5a3d89c5 100644 --- a/2022/30xxx/CVE-2022-30415.json +++ b/2022/30xxx/CVE-2022-30415.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30415", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30415", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-5.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-5.md" } ] } diff --git a/2022/30xxx/CVE-2022-30417.json b/2022/30xxx/CVE-2022-30417.json index 02014921fdc..4c7a747fcd3 100644 --- a/2022/30xxx/CVE-2022-30417.json +++ b/2022/30xxx/CVE-2022-30417.json @@ -1,17 +1,61 @@ { - "data_type": "CVE", - "data_format": "MITRE", - "data_version": "4.0", "CVE_data_meta": { - "ID": "CVE-2022-30417", "ASSIGNER": "cve@mitre.org", - "STATE": "RESERVED" + "ID": "CVE-2022-30417", + "STATE": "PUBLIC" }, + "affects": { + "vendor": { + "vendor_data": [ + { + "product": { + "product_data": [ + { + "product_name": "n/a", + "version": { + "version_data": [ + { + "version_value": "n/a" + } + ] + } + } + ] + }, + "vendor_name": "n/a" + } + ] + } + }, + "data_format": "MITRE", + "data_type": "CVE", + "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", - "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided." + "value": "Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=." + } + ] + }, + "problemtype": { + "problemtype_data": [ + { + "description": [ + { + "lang": "eng", + "value": "n/a" + } + ] + } + ] + }, + "references": { + "reference_data": [ + { + "refsource": "MISC", + "name": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-6.md", + "url": "https://github.com/k0xx11/bug_report/blob/main/vendors/oretnom23/covid-19-travel-pass-management-system/SQLi-6.md" } ] }