admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-06-19 17:32:41 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2020-11-04 17:01:41 +00:00
parent 0d55a97fdc
commit ed80b72054
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
6 changed files with 310 additions and 30 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

72
2020/22xxx/CVE-2020-22275.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-22275",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-22275",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Easy Registration Forms (ER Forms) Wordpress Plugin 2.0.6 allows an attacker to submit an entry with malicious CSV commands. After that, when the system administrator generates CSV output from the forms information, there is no check on this inputs and the codes are executable."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://filebin.net/30ceikgukh268yyj",
"refsource": "MISC",
"name": "https://filebin.net/30ceikgukh268yyj"
},
{
"url": "http://uploadboy.com/ty0715vdcii6/886/mp4",
"refsource": "MISC",
"name": "http://uploadboy.com/ty0715vdcii6/886/mp4"
},
{
"refsource": "MISC",
"name": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22275.pdf",
"url": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22275.pdf"
}
]
}

72
2020/22xxx/CVE-2020-22276.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-22276",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-22276",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "WeForms Wordpress Plugin 1.4.7 allows CSV injection via a form's entry."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://filebin.net/khncr59vyfztn6wj",
"refsource": "MISC",
"name": "https://filebin.net/khncr59vyfztn6wj"
},
{
"url": "http://uploadboy.com/tvvs4p2gf03m/887/mp4",
"refsource": "MISC",
"name": "http://uploadboy.com/tvvs4p2gf03m/887/mp4"
},
{
"refsource": "MISC",
"name": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22276.pdf",
"url": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22276.pdf"
}
]
}

72
2020/22xxx/CVE-2020-22277.json
View File

@ -1,17 +1,71 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-22277",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-22277",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Import and export users and customers WordPress Plugin through 1.15.5.11 allows CSV injection via a customer's profile."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0",
"refsource": "MISC",
"name": "https://mega.nz/file/bSQnlS4R#UY_ozLkvXgXFKzqtTRKeB9RXGi6aEQF3X6eKXdSiBt0"
},
{
"refsource": "MISC",
"name": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically,is%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20.",
"url": "https://wordpress.org/plugins/import-users-from-csv-with-meta/#:~:text=Install%20Import%20and%20export%20users%20and%20customers%20automatically,is%20uploaded%20and%20extracted%2C%20click%20Activate%20Plugin%20."
},
{
"refsource": "MISC",
"name": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf",
"url": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22277.pdf"
}
]
}

67
2020/22xxx/CVE-2020-22278.json
View File

@ -1,17 +1,66 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-22278",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-22278",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "phpMyAdmin through 5.0.2 allows CSV injection via Export Section"
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://mega.nz/file/ySQnlQSR#vXzY46mgf0CE2ysYpWpbE4O6T_g37--rtaL8pqdHcQs",
"refsource": "MISC",
"name": "https://mega.nz/file/ySQnlQSR#vXzY46mgf0CE2ysYpWpbE4O6T_g37--rtaL8pqdHcQs"
},
{
"refsource": "MISC",
"name": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22278.pdf",
"url": "https://cert.ikiu.ac.ir/public-files/news/document/CVE-99/CVE-2020-22278.pdf"
}
]
}

77
2020/26xxx/CVE-2020-26167.json
View File

@ -1,17 +1,76 @@
{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ID": "CVE-2020-26167",
"ASSIGNER": "cve@mitre.org",
"STATE": "RESERVED"
"ID": "CVE-2020-26167",
"STATE": "PUBLIC"
},
"description": {
"description_data": [
"affects": {
"vendor": {
"vendor_data": [
{
"lang": "eng",
"value": "** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new security problem. When the candidate has been publicized, the details for this candidate will be provided."
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In FUEL CMS 11.4.12 and before, the page preview feature allows an anonymous user to take complete ownership of any account including an administrator one."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"url": "https://excellium-services.com/cert-xlm-advisory/cve-2020-26167/",
"refsource": "MISC",
"name": "https://excellium-services.com/cert-xlm-advisory/cve-2020-26167/"
},
{
"url": "https://www.getfuelcms.com/",
"refsource": "MISC",
"name": "https://www.getfuelcms.com/"
},
{
"url": "https://github.com/daylightstudio/FUEL-CMS/",
"refsource": "MISC",
"name": "https://github.com/daylightstudio/FUEL-CMS/"
},
{
"url": "https://thedaylightstudio.com/",
"refsource": "MISC",
"name": "https://thedaylightstudio.com/"
}
]
}

10
2020/28xxx/CVE-2020-28042.json
View File

@ -61,6 +61,16 @@
"url": "https://github.com/ServiceStack/ServiceStack/commit/540d4060e877a03ae95343c1a8560a26768585ee",
"refsource": "MISC",
"name": "https://github.com/ServiceStack/ServiceStack/commit/540d4060e877a03ae95343c1a8560a26768585ee"
},
{
"refsource": "MISC",
"name": "https://www.shielder.it/blog/2020/11/re-discovering-a-jwt-authentication-bypass-in-servicestack/",
"url": "https://www.shielder.it/blog/2020/11/re-discovering-a-jwt-authentication-bypass-in-servicestack/"
},
{
"refsource": "MISC",
"name": "https://www.shielder.it/advisories/servicestack-jwt-signature-verification-bypass/",
"url": "https://www.shielder.it/advisories/servicestack-jwt-signature-verification-bypass/"
}
]
},