admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2022-07-05 16:00:44 +00:00
parent 9c7642d677
commit e181caa208
No known key found for this signature in database
GPG Key ID: E3252B3D49582C98
4 changed files with 11 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
2022/30xxx/CVE-2022-30150.json
View File

@ -237,6 +237,11 @@
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30150",
"refsource": "MISC",
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2022-30150"
},
{
"refsource": "MISC",
"name": "http://packetstormsecurity.com/files/167697/Windows-Defender-Remote-Credential-Guard-Authentication-Relay-Privilege-Escalation.html",
"url": "http://packetstormsecurity.com/files/167697/Windows-Defender-Remote-Credential-Guard-Authentication-Relay-Privilege-Escalation.html"
}
]
},

4
2022/34xxx/CVE-2022-34876.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "SQL Injection vulnerability in admin interface (/vicidial/admin.php) of VICIdial via modify_email_accounts, access_recordings, and\nagentcall_email parameters allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.\nThis issue affects:\nVICIdial 2.14b0.5 versions prior to 3555."
"value": "SQL Injection vulnerability in admin interface (/vicidial/admin.php) of VICIdial via modify_email_accounts, access_recordings, and agentcall_email parameters allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. This issue affects: VICIdial 2.14b0.5 versions prior to 3555."
}
]
},
@ -108,4 +108,4 @@
"source": {
"discovery": "EXTERNAL"
}
}
}

4
2022/34xxx/CVE-2022-34877.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "SQL Injection vulnerability in AST Agent Time Sheet interface ((/vicidial/AST_agent_time_sheet.php) of VICIdial via the agent parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server.\nThis issue affects:\nVICIdial 2.14b0.5 versions prior to 3555."
"value": "SQL Injection vulnerability in AST Agent Time Sheet interface ((/vicidial/AST_agent_time_sheet.php) of VICIdial via the agent parameter allows attacker to spoof identity, tamper with existing data, allow the complete disclosure of all data on the system, destroy the data or make it otherwise unavailable, and become administrators of the database server. This issue affects: VICIdial 2.14b0.5 versions prior to 3555."
}
]
},
@ -108,4 +108,4 @@
"source": {
"discovery": "EXTERNAL"
}
}
}

4
2022/34xxx/CVE-2022-34879.json
View File

@ -44,7 +44,7 @@
"description_data": [
{
"lang": "eng",
"value": "Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters.\nThis issue affects:\nVICIdial 2.14b0.5 versions prior to 3555."
"value": "Reflected Cross Site Scripting (XSS) vulnerabilities in AST Agent Time Sheet interface (/vicidial/AST_agent_time_sheet.php) of VICIdial via agent, and search_archived_data parameters. This issue affects: VICIdial 2.14b0.5 versions prior to 3555."
}
]
},
@ -97,4 +97,4 @@
"source": {
"discovery": "EXTERNAL"
}
}
}