{ "data_version": "4.0", "data_type": "CVE", "data_format": "MITRE", "CVE_data_meta": { "ID": "CVE-2024-0483", "ASSIGNER": "cna@vuldb.com", "STATE": "PUBLIC" }, "description": { "description_data": [ { "lang": "eng", "value": "A vulnerability classified as critical was found in Taokeyun up to 1.0.5. This vulnerability affects the function index of the file application/index/controller/app/Task.php of the component HTTP POST Request Handler. The manipulation of the argument cid leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-250588." }, { "lang": "deu", "value": "In Taokeyun bis 1.0.5 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um die Funktion index der Datei application/index/controller/app/Task.php der Komponente HTTP POST Request Handler. Durch Manipulieren des Arguments cid mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "CWE-89 SQL Injection", "cweId": "CWE-89" } ] } ] }, "affects": { "vendor": { "vendor_data": [ { "vendor_name": "n/a", "product": { "product_data": [ { "product_name": "Taokeyun", "version": { "version_data": [ { "version_affected": "=", "version_value": "1.0.0" }, { "version_affected": "=", "version_value": "1.0.1" }, { "version_affected": "=", "version_value": "1.0.2" }, { "version_affected": "=", "version_value": "1.0.3" }, { "version_affected": "=", "version_value": "1.0.4" }, { "version_affected": "=", "version_value": "1.0.5" } ] } } ] } } ] } }, "references": { "reference_data": [ { "url": "https://vuldb.com/?id.250588", "refsource": "MISC", "name": "https://vuldb.com/?id.250588" }, { "url": "https://vuldb.com/?ctiid.250588", "refsource": "MISC", "name": "https://vuldb.com/?ctiid.250588" }, { "url": "https://note.zhaoj.in/share/dm5VSyxmQIdl", "refsource": "MISC", "name": "https://note.zhaoj.in/share/dm5VSyxmQIdl" } ] }, "credits": [ { "lang": "en", "value": "glzjin (VulDB User)" } ], "impact": { "cvss": [ { "version": "3.1", "baseScore": 6.3, "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM" }, { "version": "3.0", "baseScore": 6.3, "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "baseSeverity": "MEDIUM" }, { "version": "2.0", "baseScore": 6.5, "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" } ] } }