mirror of
https://github.com/CVEProject/cvelist.git
synced 2025-05-29 01:31:47 +00:00
105 lines
4.0 KiB
JSON
105 lines
4.0 KiB
JSON
{
|
|
"data_version": "4.0",
|
|
"data_type": "CVE",
|
|
"data_format": "MITRE",
|
|
"CVE_data_meta": {
|
|
"ID": "CVE-2024-2150",
|
|
"ASSIGNER": "cna@vuldb.com",
|
|
"STATE": "PUBLIC"
|
|
},
|
|
"description": {
|
|
"description_data": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "A vulnerability, which was classified as critical, has been found in SourceCodester Insurance Management System 1.0. This issue affects some unknown processing. The manipulation of the argument page leads to file inclusion. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-255503."
|
|
},
|
|
{
|
|
"lang": "deu",
|
|
"value": "Eine Schwachstelle wurde in SourceCodester Insurance Management System 1.0 entdeckt. Sie wurde als kritisch eingestuft. Betroffen davon ist ein unbekannter Prozess. Mittels Manipulieren des Arguments page mit unbekannten Daten kann eine file inclusion-Schwachstelle ausgenutzt werden. Die Umsetzung des Angriffs kann dabei \u00fcber das Netzwerk erfolgen. Der Exploit steht zur \u00f6ffentlichen Verf\u00fcgung."
|
|
}
|
|
]
|
|
},
|
|
"problemtype": {
|
|
"problemtype_data": [
|
|
{
|
|
"description": [
|
|
{
|
|
"lang": "eng",
|
|
"value": "CWE-73 File Inclusion",
|
|
"cweId": "CWE-73"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
},
|
|
"affects": {
|
|
"vendor": {
|
|
"vendor_data": [
|
|
{
|
|
"vendor_name": "SourceCodester",
|
|
"product": {
|
|
"product_data": [
|
|
{
|
|
"product_name": "Insurance Management System",
|
|
"version": {
|
|
"version_data": [
|
|
{
|
|
"version_affected": "=",
|
|
"version_value": "1.0"
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
}
|
|
]
|
|
}
|
|
},
|
|
"references": {
|
|
"reference_data": [
|
|
{
|
|
"url": "https://vuldb.com/?id.255503",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?id.255503"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.255503",
|
|
"refsource": "MISC",
|
|
"name": "https://vuldb.com/?ctiid.255503"
|
|
},
|
|
{
|
|
"url": "https://github.com/wkeyi0x1/vul-report/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL/Insurance%20Management%20System%20PHP%20and%20MySQL%20v1.0%20-%20File%20Inclusion.md",
|
|
"refsource": "MISC",
|
|
"name": "https://github.com/wkeyi0x1/vul-report/blob/main/Insurance%20Management%20System%20PHP%20and%20MySQL/Insurance%20Management%20System%20PHP%20and%20MySQL%20v1.0%20-%20File%20Inclusion.md"
|
|
}
|
|
]
|
|
},
|
|
"credits": [
|
|
{
|
|
"lang": "en",
|
|
"value": "wkeyi0x1 (VulDB User)"
|
|
}
|
|
],
|
|
"impact": {
|
|
"cvss": [
|
|
{
|
|
"version": "3.1",
|
|
"baseScore": 5.3,
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "3.0",
|
|
"baseScore": 5.3,
|
|
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
|
|
"baseSeverity": "MEDIUM"
|
|
},
|
|
{
|
|
"version": "2.0",
|
|
"baseScore": 5,
|
|
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N"
|
|
}
|
|
]
|
|
}
|
|
} |