Auto-Update: 2023-12-28T11:00:25.665497+00:00

CVE-2023/CVE-2023-46xx/CVE-2023-4671.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-4671",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2023-12-28T10:15:08.043",
+  "lastModified": "2023-12-28T10:15:08.043",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Talent Software ECOP allows Command Line Execution through SQL Injection.This issue affects ECOP: before 32255.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "HIGH",
+          "availabilityImpact": "NONE",
+          "baseScore": 7.5,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.6
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-23-0737",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}

CVE-2023/CVE-2023-46xx/CVE-2023-4672.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-4672",
+  "sourceIdentifier": "iletisim@usom.gov.tr",
+  "published": "2023-12-28T10:15:08.423",
+  "lastModified": "2023-12-28T10:15:08.423",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Talent Software ECOP allows Reflected XSS.This issue affects ECOP: before 32255.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "iletisim@usom.gov.tr",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 6.1,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 2.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "iletisim@usom.gov.tr",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://www.usom.gov.tr/bildirim/tr-23-0737",
+      "source": "iletisim@usom.gov.tr"
+    }
+  ]
+}

CVE-2023/CVE-2023-508xx/CVE-2023-50874.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-50874",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-12-28T10:15:08.730",
+  "lastModified": "2023-12-28T10:15:08.730",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Darren Cooney WordPress Infinite Scroll \u2013 Ajax Load More allows Stored XSS.This issue affects WordPress Infinite Scroll \u2013 Ajax Load More: from n/a through 6.1.0.1.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.5,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.3,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/ajax-load-more/wordpress-ajax-load-more-plugin-6-1-0-1-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-515xx/CVE-2023-51501.json

@@ -0,0 +1,55 @@
+{
+  "id": "CVE-2023-51501",
+  "sourceIdentifier": "audit@patchstack.com",
+  "published": "2023-12-28T10:15:09.033",
+  "lastModified": "2023-12-28T10:15:09.033",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Undsgn Uncode - Creative & WooCommerce WordPress Theme allows Reflected XSS.This issue affects Uncode - Creative & WooCommerce WordPress Theme: from n/a through 2.8.6.\n\n"
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "audit@patchstack.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "CHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 7.1,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.7
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "audit@patchstack.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://patchstack.com/database/vulnerability/uncode-core/wordpress-uncode-core-plugin-2-8-6-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
+      "source": "audit@patchstack.com"
+    }
+  ]
+}

CVE-2023/CVE-2023-61xx/CVE-2023-6190.json

@@ -2,12 +2,16 @@
   "id": "CVE-2023-6190",
   "sourceIdentifier": "iletisim@usom.gov.tr",
   "published": "2023-12-27T15:15:45.900",
-  "lastModified": "2023-12-27T18:24:09.770",
+  "lastModified": "2023-12-28T09:15:07.360",
   "vulnStatus": "Awaiting Analysis",
   "descriptions": [
     {
       "lang": "en",
-      "value": "Improper Input Validation vulnerability in ?zmir Katip \u00c7elebi University University Information Management System allows Absolute Path Traversal.This issue affects University Information Management System: before 30.11.2023.\n\n"
+      "value": "Improper Input Validation vulnerability in \u0130zmir Katip \u00c7elebi University University Information Management System allows Absolute Path Traversal.This issue affects University Information Management System: before 30.11.2023.\n\n"
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de validaci\u00f3n de entrada incorrecta en ?zmir Katip \u00c7elebi University University Information Management System permite un path traversal. Este problema afecta a University Information Management System: antes del 30.11.2023."
     }
   ],
   "metrics": {
@@ -48,7 +52,7 @@
   ],
   "references": [
     {
-      "url": "https://www.usom.gov.tr/bildirim/tr-23-0735-2",
+      "url": "https://www.usom.gov.tr/bildirim/tr-23-0736",
       "source": "iletisim@usom.gov.tr"
     }
   ]

README.md

@@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2023-12-28T09:00:24.650347+00:00
+2023-12-28T11:00:25.665497+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2023-12-28T08:15:35.710000+00:00
+2023-12-28T10:15:09.033000+00:00
 ```
 
 ### Last Data Feed Release
@@ -29,22 +29,24 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-234318
+234322
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `4`
 
-* [CVE-2023-45701](CVE-2023/CVE-2023-457xx/CVE-2023-45701.json) (`2023-12-28T07:15:07.697`)
-* [CVE-2023-50038](CVE-2023/CVE-2023-500xx/CVE-2023-50038.json) (`2023-12-28T07:15:08.790`)
-* [CVE-2023-45702](CVE-2023/CVE-2023-457xx/CVE-2023-45702.json) (`2023-12-28T08:15:35.710`)
+* [CVE-2023-4671](CVE-2023/CVE-2023-46xx/CVE-2023-4671.json) (`2023-12-28T10:15:08.043`)
+* [CVE-2023-4672](CVE-2023/CVE-2023-46xx/CVE-2023-4672.json) (`2023-12-28T10:15:08.423`)
+* [CVE-2023-50874](CVE-2023/CVE-2023-508xx/CVE-2023-50874.json) (`2023-12-28T10:15:08.730`)
+* [CVE-2023-51501](CVE-2023/CVE-2023-515xx/CVE-2023-51501.json) (`2023-12-28T10:15:09.033`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `0`
+Recently modified CVEs: `1`
 
+* [CVE-2023-6190](CVE-2023/CVE-2023-61xx/CVE-2023-6190.json) (`2023-12-28T09:15:07.360`)
 
 
 ## Download and Usage