- Synchronized data.

2025-06-08 22:18:26 +00:00 · 2018-01-23 14:02:39 -05:00 · 2018-01-23 14:02:39 -05:00 · ea16148d8e
commit ea16148d8e
parent 1e5ed7940f
2 changed files with 48 additions and 3 deletions
--- a/2017/16xxx/CVE-2017-16789.json
+++ b/2017/16xxx/CVE-2017-16789.json
@ -34,7 +34,7 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS 3, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the web interface."
+            "value" : "Cross-site scripting (XSS) vulnerability in Integration Matters nJAMS 3 before 3.2.0 Hotfix 7, as used in TIBCO BusinessWorks Process Monitor through 3.0.1.3 and other products, allows remote authenticated administrators to inject arbitrary web script or HTML via the users management panel of the web interface."
         }
      ]
   },
@ -54,6 +54,9 @@
      "reference_data" : [
         {
            "url" : "https://pastebin.com/AxvP1v2Z"
+         },
+         {
+            "url" : "https://www.integrationmatters.com/cms/upload/Resources/nJAMS_SecurityUpdate_CVE-2017-16789.pdf"
         }
      ]
   }
--- a/2018/5xxx/CVE-2018-5749.json
+++ b/2018/5xxx/CVE-2018-5749.json
@ -2,7 +2,30 @@
   "CVE_data_meta" : {
      "ASSIGNER" : "cve@mitre.org",
      "ID" : "CVE-2018-5749",
-      "STATE" : "RESERVED"
+      "STATE" : "PUBLIC"
+   },
+   "affects" : {
+      "vendor" : {
+         "vendor_data" : [
+            {
+               "product" : {
+                  "product_data" : [
+                     {
+                        "product_name" : "n/a",
+                        "version" : {
+                           "version_data" : [
+                              {
+                                 "version_value" : "n/a"
+                              }
+                           ]
+                        }
+                     }
+                  ]
+               },
+               "vendor_name" : "n/a"
+            }
+         ]
+      }
   },
   "data_format" : "MITRE",
   "data_type" : "CVE",
@ -11,7 +34,26 @@
      "description_data" : [
         {
            "lang" : "eng",
-            "value" : "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+            "value" : "install.php in Minecraft Servers List Lite before commit c1cd164 and Premium Minecraft Servers List before 2.0.4 does not sanitize input before saving database connection information in connect.php, which might allow remote attackers to execute arbitrary PHP code via the (1) database_server, (2) database_user, (3) database_password, or (4) database_name parameter."
+         }
+      ]
+   },
+   "problemtype" : {
+      "problemtype_data" : [
+         {
+            "description" : [
+               {
+                  "lang" : "eng",
+                  "value" : "n/a"
+               }
+            ]
+         }
+      ]
+   },
+   "references" : {
+      "reference_data" : [
+         {
+            "url" : "https://www.rastating.com/minecraft-servers-list-unauthenticated-shell-upload/"
         }
      ]
   }