"-Synchronized-Data."

2025-05-08 03:27:03 +00:00 · 2024-07-21 02:00:35 +00:00 · 2024-07-21 02:00:35 +00:00 · ea6fa14c68
commit ea6fa14c68
parent 28948c590b
2 changed files with 192 additions and 8 deletions
--- a/2024/6xxx/CVE-2024-6934.json
+++ b/2024/6xxx/CVE-2024-6934.json
@ -1,17 +1,109 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2024-6934",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability classified as problematic has been found in formtools.org Form Tools 3.1.1. This affects an unknown part of the file /admin/forms/add/step2.php?submission_type=direct. The manipulation of the argument Form URL leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-271989 was assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+            },
+            {
+                "lang": "deu",
+                "value": "Es wurde eine Schwachstelle in formtools.org Form Tools 3.1.1 entdeckt. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei /admin/forms/add/step2.php?submission_type=direct. Durch die Manipulation des Arguments Form URL mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross Site Scripting",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "formtools.org",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Form Tools",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "3.1.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.271989",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.271989"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.271989",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.271989"
+            },
+            {
+                "url": "https://vuldb.com/?submit.372309",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?submit.372309"
+            },
+            {
+                "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE-2.md",
+                "refsource": "MISC",
+                "name": "https://github.com/DeepMountains/Mirage/blob/main/CVE-2.md"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "Dee.Mirage (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 2.4,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 2.4,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 3.3,
+                "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N"
            }
        ]
    }
--- a/2024/6xxx/CVE-2024-6935.json
+++ b/2024/6xxx/CVE-2024-6935.json
@ -1,17 +1,109 @@
 {
+    "data_version": "4.0",
    "data_type": "CVE",
    "data_format": "MITRE",
-    "data_version": "4.0",
    "CVE_data_meta": {
        "ID": "CVE-2024-6935",
-        "ASSIGNER": "cve@mitre.org",
-        "STATE": "RESERVED"
+        "ASSIGNER": "cna@vuldb.com",
+        "STATE": "PUBLIC"
    },
    "description": {
        "description_data": [
            {
                "lang": "eng",
-                "value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
+                "value": "A vulnerability classified as problematic was found in formtools.org Form Tools 3.1.1. This vulnerability affects unknown code of the file /admin/clients/ of the component User Settings Page. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-271990 is the identifier assigned to this vulnerability. NOTE: The vendor was contacted early about this disclosure but did not respond in any way."
+            },
+            {
+                "lang": "deu",
+                "value": "In formtools.org Form Tools 3.1.1 wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Es geht um eine nicht n\u00e4her bekannte Funktion der Datei /admin/clients/ der Komponente User Settings Page. Durch Manipulation mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Der Angriff kann \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
+            }
+        ]
+    },
+    "problemtype": {
+        "problemtype_data": [
+            {
+                "description": [
+                    {
+                        "lang": "eng",
+                        "value": "CWE-79 Cross Site Scripting",
+                        "cweId": "CWE-79"
+                    }
+                ]
+            }
+        ]
+    },
+    "affects": {
+        "vendor": {
+            "vendor_data": [
+                {
+                    "vendor_name": "formtools.org",
+                    "product": {
+                        "product_data": [
+                            {
+                                "product_name": "Form Tools",
+                                "version": {
+                                    "version_data": [
+                                        {
+                                            "version_affected": "=",
+                                            "version_value": "3.1.1"
+                                        }
+                                    ]
+                                }
+                            }
+                        ]
+                    }
+                }
+            ]
+        }
+    },
+    "references": {
+        "reference_data": [
+            {
+                "url": "https://vuldb.com/?id.271990",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?id.271990"
+            },
+            {
+                "url": "https://vuldb.com/?ctiid.271990",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?ctiid.271990"
+            },
+            {
+                "url": "https://vuldb.com/?submit.372317",
+                "refsource": "MISC",
+                "name": "https://vuldb.com/?submit.372317"
+            },
+            {
+                "url": "https://github.com/DeepMountains/Mirage/blob/main/CVE2-1.md",
+                "refsource": "MISC",
+                "name": "https://github.com/DeepMountains/Mirage/blob/main/CVE2-1.md"
+            }
+        ]
+    },
+    "credits": [
+        {
+            "lang": "en",
+            "value": "Dee.Mirage (VulDB User)"
+        }
+    ],
+    "impact": {
+        "cvss": [
+            {
+                "version": "3.1",
+                "baseScore": 2.4,
+                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "3.0",
+                "baseScore": 2.4,
+                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+                "baseSeverity": "LOW"
+            },
+            {
+                "version": "2.0",
+                "baseScore": 3.3,
+                "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N"
            }
        ]
    }