Auto-Update: 2024-08-31T20:00:16.730236+00:00

2025-05-08 19:47:09 +00:00 · 2024-08-31 20:03:13 +00:00 · 2024-08-31 20:03:13 +00:00 · 13f9a94353
commit 13f9a94353
parent 29058ecce0
3 changed files with 143 additions and 5 deletions
--- a/CVE-2024/CVE-2024-83xx/CVE-2024-8366.json
+++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8366.json
@ -0,0 +1,137 @@
+{
+  "id": "CVE-2024-8366",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-08-31T18:15:13.257",
+  "lastModified": "2024-08-31T18:15:13.257",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Pharmacy Management System 1.0. It has been classified as problematic. This affects an unknown part of the file /index.php?id=userProfileEdit of the component Update My Profile Page. The manipulation of the argument fname/lname/email with the input <script>alert(1)</script> leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 5.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.276261",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.276261",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.398777",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-08-31T16:00:17.068289+00:00
+2024-08-31T20:00:16.730236+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-08-31T14:15:04.320000+00:00
+2024-08-31T18:15:13.257000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-261635
+261636
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2024-44946](CVE-2024/CVE-2024-449xx/CVE-2024-44946.json) (`2024-08-31T14:15:04.320`)
+- [CVE-2024-8366](CVE-2024/CVE-2024-83xx/CVE-2024-8366.json) (`2024-08-31T18:15:13.257`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -258773,7 +258773,7 @@ CVE-2024-44942,0,0,17b37362bd3ba24b1a5ce481b72105519e3d684fbcb26bdd0327529225c43
 CVE-2024-44943,0,0,5bf597bf2fa044f6eb0ba2afa66eeb4ae405658ddc3b2a597c7fedca3c5f2035,2024-08-28T12:57:17.117000
 CVE-2024-44944,0,0,2311e8e140052a8ffceda234565ab592ce1eef31ad86de13e1707e1e1dd9a467,2024-08-30T13:00:05.390000
 CVE-2024-44945,0,0,b9925d61818b0f13538430fa3fa098f09fe3d38e458b14d49416d01436c660e9,2024-08-31T07:15:03.760000
-CVE-2024-44946,1,1,d9f2fb39169b8e252339022a2c24ef3f9dbe59fc8bb83ae8d86d1e665239a7b9,2024-08-31T14:15:04.320000
+CVE-2024-44946,0,0,d9f2fb39169b8e252339022a2c24ef3f9dbe59fc8bb83ae8d86d1e665239a7b9,2024-08-31T14:15:04.320000
 CVE-2024-4495,0,0,cb1d8bc801c43f7ab8180176a646c9e39a56603c1305eac804522af3adac0fa8,2024-05-17T02:40:25.167000
 CVE-2024-4496,0,0,6e858d3d5b48b877aff577f900a80fd10c799bd74cdf4188d346fa0d13641a80,2024-06-04T19:20:39.340000
 CVE-2024-4497,0,0,6a1d6365c146727895628930cc6e441179a183396cbc0224f0d3e640240772d3,2024-06-04T19:20:39.437000
@ -261634,3 +261634,4 @@ CVE-2024-8345,0,0,64e0a45eab2d63ed1ca49430f715da68fb3efa7fec84d2122cc6f0b48b7712
 CVE-2024-8346,0,0,1dcae9dcb60c40066b7db8edfc0728b08627f6f1080c993c40d94710941ef22b,2024-08-30T21:15:16.093000
 CVE-2024-8347,0,0,f4405c147820506ecc8a0d93f307216e82705b32a3fd6daedc97f5b53d63deb2,2024-08-30T22:15:07.770000
 CVE-2024-8348,0,0,9d0797ebabc9b80a834938e85f7f2e978054cd2128ee4176b5bc8efc39cf9a04,2024-08-30T22:15:08.233000
+CVE-2024-8366,1,1,aa72fcd41b228be7b06f6c9a81ecf2f8f9fd5e20be0db7cf0df490a8a5890f57,2024-08-31T18:15:13.257000