Auto-Update: 2025-06-21T18:00:18.897443+00:00

2025-07-11 16:13:34 +00:00 · 2025-06-21 18:03:57 +00:00 · 2025-06-21 18:03:57 +00:00 · 168720c6a3
commit 168720c6a3
parent 37b7854e7f
5 changed files with 449 additions and 12 deletions
--- a/CVE-2025/CVE-2025-64xx/CVE-2025-6409.json
+++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6409.json
@ -0,0 +1,145 @@
 {
  "id": "CVE-2025-6409",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-21T16:15:21.407",
  "lastModified": "2025-06-21T16:15:21.407",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in PHPGurukul Art Gallery Management System 1.1 and classified as critical. This issue affects some unknown processing of the file /admin/forgot-password.php. The manipulation of the argument email leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 6.9,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "baseScore": 7.3,
          "baseSeverity": "HIGH",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "baseScore": 7.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        },
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/f1rstb100d/myCVE/issues/82",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://phpgurukul.com/",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.313403",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.313403",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.598225",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-64xx/CVE-2025-6410.json
+++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6410.json
@ -0,0 +1,145 @@
 {
  "id": "CVE-2025-6410",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-21T17:15:23.580",
  "lastModified": "2025-06-21T17:15:23.580",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been classified as critical. Affected is an unknown function of the file /admin/edit-art-medium-detail.php. The manipulation of the argument editid leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "baseScore": 6.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        },
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/f1rstb100d/myCVE/issues/83",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://phpgurukul.com/",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.313404",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.313404",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.598226",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2025/CVE-2025-64xx/CVE-2025-6411.json
+++ b/CVE-2025/CVE-2025-64xx/CVE-2025-6411.json
@ -0,0 +1,145 @@
 {
  "id": "CVE-2025-6411",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2025-06-21T17:15:23.800",
  "lastModified": "2025-06-21T17:15:23.800",
  "vulnStatus": "Received",
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability was found in PHPGurukul Art Gallery Management System 1.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /admin/changepropic.php. The manipulation of the argument imageid leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
    }
  ],
  "metrics": {
    "cvssMetricV40": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "4.0",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "LOW",
          "vulnAvailabilityImpact": "LOW",
          "subConfidentialityImpact": "NONE",
          "subIntegrityImpact": "NONE",
          "subAvailabilityImpact": "NONE",
          "exploitMaturity": "PROOF_OF_CONCEPT",
          "confidentialityRequirement": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "availabilityRequirement": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "valueDensity": "NOT_DEFINED",
          "vulnerabilityResponseEffort": "NOT_DEFINED",
          "providerUrgency": "NOT_DEFINED"
        }
      }
    ],
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Primary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
          "baseScore": 6.3,
          "baseSeverity": "MEDIUM",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 3.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
          "baseScore": 6.5,
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "SINGLE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL"
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 8.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-74"
        },
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/f1rstb100d/myCVE/issues/84",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://phpgurukul.com/",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.313405",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.313405",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.598227",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2025-06-21T16:00:26.992949+00:00
+2025-06-21T18:00:18.897443+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2025-06-21T15:15:21.397000+00:00
+2025-06-21T17:15:23.800000+00:00
 ```
 ### Last Data Feed Release
@ -33,17 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-298994
+298997
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `4`
+Recently added CVEs: `3`
- [CVE-2025-6405](CVE-2025/CVE-2025-64xx/CVE-2025-6405.json) (`2025-06-21T14:15:19.557`)
+- [CVE-2025-6409](CVE-2025/CVE-2025-64xx/CVE-2025-6409.json) (`2025-06-21T16:15:21.407`)
- [CVE-2025-6406](CVE-2025/CVE-2025-64xx/CVE-2025-6406.json) (`2025-06-21T14:15:19.777`)
+- [CVE-2025-6410](CVE-2025/CVE-2025-64xx/CVE-2025-6410.json) (`2025-06-21T17:15:23.580`)
- [CVE-2025-6407](CVE-2025/CVE-2025-64xx/CVE-2025-6407.json) (`2025-06-21T15:15:21.213`)
+- [CVE-2025-6411](CVE-2025/CVE-2025-64xx/CVE-2025-6411.json) (`2025-06-21T17:15:23.800`)
 - [CVE-2025-6408](CVE-2025/CVE-2025-64xx/CVE-2025-6408.json) (`2025-06-21T15:15:21.397`)
 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -298989,7 +298989,10 @@ CVE-2025-6401,0,0,9d9dd7c8c9a8182d339c1e04938e080d45737af681976610632f07c1158446
 CVE-2025-6402,0,0,86e3fb80660b4a0aa440d06524000ca21ff60f631715b366a9d8547e04bbf0c9,2025-06-21T09:15:22.193000
 CVE-2025-6403,0,0,a51a9538a82140ab5ad24f972d31a2b06348c1c5ccc754591ee3e4c8a835207f,2025-06-21T10:15:22.360000
 CVE-2025-6404,0,0,66eeb672419eb85012b33bf024c01a147d8626d097119d13d23a8fc923e26206,2025-06-21T12:15:19.313000
-CVE-2025-6405,1,1,94ef189068805426ed1d28886f493619ae325912d651a6f555f5fee7f50be3a3,2025-06-21T14:15:19.557000
+CVE-2025-6405,0,0,94ef189068805426ed1d28886f493619ae325912d651a6f555f5fee7f50be3a3,2025-06-21T14:15:19.557000
-CVE-2025-6406,1,1,6044b6ade38b16e932d972b9e5b801f7e3e93ba18a4cbce60106f3dff36d2e1b,2025-06-21T14:15:19.777000
+CVE-2025-6406,0,0,6044b6ade38b16e932d972b9e5b801f7e3e93ba18a4cbce60106f3dff36d2e1b,2025-06-21T14:15:19.777000
-CVE-2025-6407,1,1,8d96e89731319e20e539e96d7c3145509ea58eb03f77065ca256630a5f257ddb,2025-06-21T15:15:21.213000
+CVE-2025-6407,0,0,8d96e89731319e20e539e96d7c3145509ea58eb03f77065ca256630a5f257ddb,2025-06-21T15:15:21.213000
-CVE-2025-6408,1,1,6de6f6330144cd9edd00fd7b4ac9056a7073a139fa6b4c1bea7a5e08f21c55d6,2025-06-21T15:15:21.397000
+CVE-2025-6408,0,0,6de6f6330144cd9edd00fd7b4ac9056a7073a139fa6b4c1bea7a5e08f21c55d6,2025-06-21T15:15:21.397000
 CVE-2025-6409,1,1,ab58691f2ecf6e947a9564c4c0156aa3bbf03a9b1aeb4b1e15a35636ca599aaf,2025-06-21T16:15:21.407000
 CVE-2025-6410,1,1,c0173d12925efeb271e682924d6b75fbb1583ecd595d8bae5f480e46133161cc,2025-06-21T17:15:23.580000
 CVE-2025-6411,1,1,b8157503290e836e4debd48f60c1e95d700074b4878a50f7f6bd70907c82b061,2025-06-21T17:15:23.800000