Auto-Update: 2024-03-30T15:00:37.901925+00:00

CVE-2024/CVE-2024-30xx/CVE-2024-3090.json

@@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-3090",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-03-30T13:15:45.663",
+  "lastModified": "2024-03-30T13:15:45.663",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/add-ambulance.php of the component Add Ambulance Page. The manipulation of the argument Ambulance Reg No/Driver Name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258683."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "MULTIPLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.3
+        },
+        "baseSeverity": "LOW",
+        "exploitabilityScore": 6.4,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_authsxss.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.258683",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.258683",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.306964",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

CVE-2024/CVE-2024-30xx/CVE-2024-3091.json

@@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-3091",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-03-30T14:15:07.720",
+  "lastModified": "2024-03-30T14:15:07.720",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. It has been classified as problematic. Affected is an unknown function of the file /admin/search.php of the component Search Request Page. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-258684."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "MULTIPLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.3
+        },
+        "baseSeverity": "LOW",
+        "exploitabilityScore": 6.4,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_authrxss.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.258684",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.258684",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.306965",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-03-30T13:00:38.462974+00:00
+2024-03-30T15:00:37.901925+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-03-30T12:15:07.730000+00:00
+2024-03-30T14:15:07.720000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,24 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-243440
+243442
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `4`
+Recently added CVEs: `2`
 
-- [CVE-2024-3018](CVE-2024/CVE-2024-30xx/CVE-2024-3018.json) (`2024-03-30T12:15:07.543`)
-- [CVE-2024-3087](CVE-2024/CVE-2024-30xx/CVE-2024-3087.json) (`2024-03-30T11:15:50.123`)
-- [CVE-2024-3088](CVE-2024/CVE-2024-30xx/CVE-2024-3088.json) (`2024-03-30T11:15:50.483`)
-- [CVE-2024-3089](CVE-2024/CVE-2024-30xx/CVE-2024-3089.json) (`2024-03-30T12:15:07.730`)
+- [CVE-2024-3090](CVE-2024/CVE-2024-30xx/CVE-2024-3090.json) (`2024-03-30T13:15:45.663`)
+- [CVE-2024-3091](CVE-2024/CVE-2024-30xx/CVE-2024-3091.json) (`2024-03-30T14:15:07.720`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `1`
+Recently modified CVEs: `0`
 
-- [CVE-2024-3094](CVE-2024/CVE-2024-30xx/CVE-2024-3094.json) (`2024-03-30T11:15:50.713`)
 
 
 ## Download and Usage

_state.csv

@@ -243238,7 +243238,7 @@ CVE-2024-30161,0,0,f6d00094643508d05d1e5626fca4ef83c82ab69ba4696adb329c49eff6d0a
 CVE-2024-30177,0,0,ce7cec2fca67508ea4a8b86ac0339410ad9c9cb05c2afad1960db626913e7789,2024-03-27T12:29:30.307000
 CVE-2024-30178,0,0,d11fc89cba6da171daf23dbb46df2a76bfb6083f334196d374e91e86d9976c38,2024-03-27T12:29:30.307000
 CVE-2024-30179,0,0,35abc90ebe1a793047559644af343573def8da2ffc996aad9121641adf83cee8,2024-03-27T12:29:30.307000
-CVE-2024-3018,1,1,6615e8a56060c257c4b67d69dbffd8f50c4c72bf28f00c301f68c19ea6625e89,2024-03-30T12:15:07.543000
+CVE-2024-3018,0,0,6615e8a56060c257c4b67d69dbffd8f50c4c72bf28f00c301f68c19ea6625e89,2024-03-30T12:15:07.543000
 CVE-2024-30180,0,0,f5fdb110c03fb97533c78472d1d528181074b53d825b1ba9ff6d4938f78491e3,2024-03-27T12:29:30.307000
 CVE-2024-30181,0,0,8a2b0f53664e4096913cb3b2aaf99815ff9150b97170d5953fbe59ce6accb0af,2024-03-27T12:29:30.307000
 CVE-2024-30182,0,0,556427d1450e23e4a4ecf72bf9048682fc7d0a52a02ad41567836d21fc584ba6,2024-03-27T12:29:30.307000
@@ -243422,10 +243422,12 @@ CVE-2024-3081,0,0,dffc68d1388aac08d9d9a9d84e2f2854f24235b2dd8bd2e907a0a195e3c85f
 CVE-2024-3084,0,0,feb04b6812a124315d1816b70ccdcdd41a89f3d42f26905fef1bc9732a4ee86a,2024-03-30T08:15:07.510000
 CVE-2024-3085,0,0,f189393abcf3f39030a0b0c96f6cb9307d0bf6deb0ef88912d8e876c4692bd1c,2024-03-30T09:15:22.093000
 CVE-2024-3086,0,0,cc5a01ab88ce423f04c8e499fc5c4ae76ca65b66c37b46eb53fe666ff0b26be5,2024-03-30T09:15:22.367000
-CVE-2024-3087,1,1,58a2a50b13efdc9006ff609b1b35a4d1f9aa703f618a30d89033d50f7e02b844,2024-03-30T11:15:50.123000
-CVE-2024-3088,1,1,75e336a30e6366575c15823fb5c1169d3c04cc034936f7f9923994a537b606f7,2024-03-30T11:15:50.483000
-CVE-2024-3089,1,1,d9e6000375bc975d92e9af606a08c79464dd8df87e00cc3a7780d662edd5a1a0,2024-03-30T12:15:07.730000
-CVE-2024-3094,0,1,c8cfb5d8db4948559902213da97949db9e528da393ca65060d5bc6149c3532fa,2024-03-30T11:15:50.713000
+CVE-2024-3087,0,0,58a2a50b13efdc9006ff609b1b35a4d1f9aa703f618a30d89033d50f7e02b844,2024-03-30T11:15:50.123000
+CVE-2024-3088,0,0,75e336a30e6366575c15823fb5c1169d3c04cc034936f7f9923994a537b606f7,2024-03-30T11:15:50.483000
+CVE-2024-3089,0,0,d9e6000375bc975d92e9af606a08c79464dd8df87e00cc3a7780d662edd5a1a0,2024-03-30T12:15:07.730000
+CVE-2024-3090,1,1,041a60bb5db48d2385ac7440882bf24387cc4a4c84793d33c53aebe3dee428b4,2024-03-30T13:15:45.663000
+CVE-2024-3091,1,1,9228666915943527bd7b660c37f84937c5d51df8cece4dbce66d12f967ca2b48,2024-03-30T14:15:07.720000
+CVE-2024-3094,0,0,c8cfb5d8db4948559902213da97949db9e528da393ca65060d5bc6149c3532fa,2024-03-30T11:15:50.713000
 CVE-2024-31032,0,0,f6232fe0ef0534ba6d6e20ea0777fd8892cbb87efba42355deb8d8634b00d21e,2024-03-29T17:15:20.993000
 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000
 CVE-2024-31062,0,0,952fafab14c88ef7f6d1b1ec6a2fcadf9629e538f73b776826c7478ea44a065b,2024-03-28T20:53:20.813000