Auto-Update: 2024-07-01T02:00:53.948786+00:00

2025-05-08 19:47:09 +00:00 · 2024-07-01 02:03:45 +00:00 · 2024-07-01 02:03:45 +00:00 · 0a9d0af380
commit 0a9d0af380
parent 32f2b0e837
3 changed files with 150 additions and 16 deletions
--- a/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json
+++ b/CVE-2024/CVE-2024-64xx/CVE-2024-6419.json
@ -0,0 +1,137 @@
+{
+  "id": "CVE-2024-6419",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-07-01T00:15:01.950",
+  "lastModified": "2024-07-01T00:15:01.950",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical was found in SourceCodester Medicine Tracker System 1.0. This vulnerability affects unknown code of the file /classes/Master.php?f=save_medicine. The manipulation of the argument id leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-270010 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Medicine_Tracker_System_Master_php_sqli.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.270010",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.270010",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.365247",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-06-30T23:55:32.608231+00:00
+2024-07-01T02:00:53.948786+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-06-30T23:15:02.953000+00:00
+2024-07-01T00:15:01.950000+00:00
 ```

 ### Last Data Feed Release
@ -27,30 +27,26 @@ Repository synchronizes with the NVD every 2 hours.
 Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest)

 ```plain
-2024-06-30T00:00:08.671462+00:00
+2024-07-01T00:00:08.686275+00:00
 ```

 ### Total Number of included CVEs

 ```plain
-255517
+255518
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2024-6416](CVE-2024/CVE-2024-64xx/CVE-2024-6416.json) (`2024-06-30T22:15:02.113`)
- [CVE-2024-6417](CVE-2024/CVE-2024-64xx/CVE-2024-6417.json) (`2024-06-30T23:15:02.680`)
- [CVE-2024-6418](CVE-2024/CVE-2024-64xx/CVE-2024-6418.json) (`2024-06-30T23:15:02.953`)
+- [CVE-2024-6419](CVE-2024/CVE-2024-64xx/CVE-2024-6419.json) (`2024-07-01T00:15:01.950`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

- [CVE-2023-48733](CVE-2023/CVE-2023-487xx/CVE-2023-48733.json) (`2024-06-30T23:15:02.443`)
- [CVE-2024-1135](CVE-2024/CVE-2024-11xx/CVE-2024-1135.json) (`2024-06-30T23:15:02.563`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -235971,7 +235971,7 @@ CVE-2023-48729,0,0,13f3c83cf7904baff3f0b31a9a04b64ff281e898cd527079412a7cd8a8ab6
 CVE-2023-4873,0,0,465c1e241ee1b198b74a3fc3bb12f674d897060f7573d208dbebf389159d3a67,2024-05-17T02:31:51.323000
 CVE-2023-48730,0,0,264cdffbcd1795eb0f7049cf85c1272ee87fdcc52b1b266a46432ae9844fc0ea,2024-01-17T15:17:52.480000
 CVE-2023-48732,0,0,abb3554f314c5b51f0ffa427cedc4088e23aff012c62daae32b295958f08e668,2024-01-08T19:03:27.590000
-CVE-2023-48733,0,1,d0d2fb37e6e7a2804a26b87bf0dbbb84e4d259a5259245158b9235f611b08bf6,2024-06-30T23:15:02.443000
+CVE-2023-48733,0,0,d0d2fb37e6e7a2804a26b87bf0dbbb84e4d259a5259245158b9235f611b08bf6,2024-06-30T23:15:02.443000
 CVE-2023-48734,0,0,72879831203a5f2de62fb7f903b5d3e66a7fe00055b0fab93508a2b24ab82951,2024-02-14T18:15:46.277000
 CVE-2023-48736,0,0,a0b6e9b56e2b0dc6ffadf1fe32c560a31ba2d1a03059ee4bad90225fee89c9f4,2023-11-24T23:03:02.490000
 CVE-2023-48737,0,0,84b65c99e267de32377e196f5b0727715b9f6973d89cbca7515916793bf7df42,2023-12-05T20:36:45.767000
@ -241584,7 +241584,7 @@ CVE-2024-1130,0,0,19b9a2e3e227bc6e3d85f9dd98bd15cfd41c18a2ee1bc79c328385d5148fea
 CVE-2024-1132,0,0,9ed9093a5d69eec7aaa9293012130ad2c33be7b2260c2825364334ddab958fd0,2024-06-20T06:15:09.397000
 CVE-2024-1133,0,0,85f4bf6d861639f9431d20ab28a51d2af9f3a3ecb32590788260710816d3a125,2024-02-29T13:49:29.390000
 CVE-2024-1134,0,0,2e7c5ee3a71225c7c6e3e9d595fec8d66565da1f8113a13a6b762c5258606aef,2024-05-24T13:03:05.093000
-CVE-2024-1135,0,1,c4e807742cebaf6bf696946dfb175a5e42a114f551ef03f8a1a000797bbd864f,2024-06-30T23:15:02.563000
+CVE-2024-1135,0,0,c4e807742cebaf6bf696946dfb175a5e42a114f551ef03f8a1a000797bbd864f,2024-06-30T23:15:02.563000
 CVE-2024-1136,0,0,609070256c4defa988e1113275bf8273fe15f50574e00ed3dcfde13143e471cc,2024-02-28T14:06:45.783000
 CVE-2024-1137,0,0,9f8c1cf74ca4778ab709faeea998997368a7f042480977a7d6535f2dd892d7f7,2024-03-13T12:33:51.697000
 CVE-2024-1138,0,0,0bb26866b03e9dd351d8284004467140fe2cfdfbd72af071fda864e5a2dc9e58,2024-03-13T12:33:51.697000
@ -255513,6 +255513,7 @@ CVE-2024-6403,0,0,429dfb36ed402b9131ff77942437fb1a517bdb7d9c4bc0d98800d556162777
 CVE-2024-6405,0,0,038b14279ce0315b7a8980b7821f46591d9e467d7f65f841d288ca599d5003a6,2024-06-29T02:15:02.223000
 CVE-2024-6414,0,0,70b26d50e267b67a07d9bb4b9f1c84966b1a8bfb20d759370cc1a093ba5f1259,2024-06-30T03:15:02.223000
 CVE-2024-6415,0,0,62e9973ee32aafad192ff857247035567ab1ac1ef13febe846fa28737426c3a2,2024-06-30T04:15:02.250000
-CVE-2024-6416,1,1,42460422645508deba815384c205b5e704c0f5f916fb0a7b2efed93e1162e2e4,2024-06-30T22:15:02.113000
-CVE-2024-6417,1,1,32851c719cd1c65444d9f0687cd37e02fd9715c54484a0e16c9a397be6861748,2024-06-30T23:15:02.680000
-CVE-2024-6418,1,1,e6fe9ac34c4b22aecb612ef18a1b6ee75745c96c699586b14f82bdf1bd364999,2024-06-30T23:15:02.953000
+CVE-2024-6416,0,0,42460422645508deba815384c205b5e704c0f5f916fb0a7b2efed93e1162e2e4,2024-06-30T22:15:02.113000
+CVE-2024-6417,0,0,32851c719cd1c65444d9f0687cd37e02fd9715c54484a0e16c9a397be6861748,2024-06-30T23:15:02.680000
+CVE-2024-6418,0,0,e6fe9ac34c4b22aecb612ef18a1b6ee75745c96c699586b14f82bdf1bd364999,2024-06-30T23:15:02.953000
+CVE-2024-6419,1,1,92807316841d932714223cfcd15bad518a4419bb5a5d3d4cee6d072592967cd4,2024-07-01T00:15:01.950000