mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-07-29 05:56:59 +00:00
82 lines
2.7 KiB
JSON
82 lines
2.7 KiB
JSON
{
|
|
"CVE_data_meta": {
|
|
"ASSIGNER": "cve@mitre.org",
|
|
"ID": "CVE-2014-3842",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "n/a",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
},
|
|
"vendor_name": "n/a"
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"data_format": "MITRE",
|
|
"data_type": "CVE",
|
|
"data_version": "4.0",
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "Multiple cross-site scripting (XSS) vulnerabilities in the iMember360 plugin 3.8.012 through 3.9.001 for WordPress allow remote attackers to inject arbitrary web script or HTML via the (1) decrypt or (2) encrypt parameter."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "n/a"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"name": "58094",
|
|
"refsource": "SECUNIA",
|
|
"url": "http://secunia.com/advisories/58094"
|
|
},
|
|
{
|
|
"name": "http://packetstormsecurity.com/files/126324/WordPress-iMember360is-3.9.001-XSS-Disclosure-Code-Execution.html",
|
|
"refsource": "MISC",
|
|
"url": "http://packetstormsecurity.com/files/126324/WordPress-iMember360is-3.9.001-XSS-Disclosure-Code-Execution.html"
|
|
},
|
|
{
|
|
"name": "33076",
|
|
"refsource": "EXPLOIT-DB",
|
|
"url": "http://www.exploit-db.com/exploits/33076"
|
|
},
|
|
{
|
|
"name": "106299",
|
|
"refsource": "OSVDB",
|
|
"url": "http://osvdb.org/show/osvdb/106299"
|
|
},
|
|
{
|
|
"name": "20140424 Multiple Vulnerabilities in iMember360 (Wordpress plugin)",
|
|
"refsource": "FULLDISC",
|
|
"url": "http://seclists.org/fulldisclosure/2014/Apr/265"
|
|
}
|
|
]
|
|
}
|
|
} |