Auto-Update: 2024-03-13T09:00:32.761704+00:00

2025-07-09 16:05:11 +00:00 · 2024-03-13 09:03:20 +00:00 · 2024-03-13 09:03:20 +00:00 · 21ace5017d
commit 21ace5017d
parent d233d146cf
8 changed files with 82 additions and 55 deletions
--- a/CVE-2024/CVE-2024-265xx/CVE-2024-26529.json
+++ b/CVE-2024/CVE-2024-265xx/CVE-2024-26529.json
@ -0,0 +1,24 @@
+{
+  "id": "CVE-2024-26529",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-13T08:15:43.410",
+  "lastModified": "2024-03-13T08:15:43.410",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "An issue in mz-automation libiec61850 v.1.5.3 and before, allows a remote attacker to cause a denial of service (DoS) via the mmsServer_handleDeleteNamedVariableListRequest function of src/mms/iso_mms/server/mms_named_variable_list_service.c."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/mz-automation/libiec61850/issues/492",
+      "source": "cve@mitre.org"
+    },
+    {
+      "url": "https://github.com/mz-automation/libiec61850/issues/495",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-277xx/CVE-2024-27743.json
+++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27743.json
@ -2,27 +2,23 @@
  "id": "CVE-2024-27743",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-01T22:15:47.823",
-  "lastModified": "2024-03-01T22:22:25.913",
+  "lastModified": "2024-03-13T07:15:36.253",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the Address parameter in the add_invoices.php component."
+    },
+    {
+      "lang": "es",
+      "value": "Una vulnerabilidad de Cross-Site Scripting en Petrol Pump Mangement Software v.1.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro Direcci\u00f3n en el componente add_invoices.php."
    }
  ],
  "metrics": {},
  "references": [
-    {
-      "url": "http://mayurik.com",
-      "source": "cve@mitre.org"
-    },
    {
      "url": "https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27743.md",
      "source": "cve@mitre.org"
-    },
-    {
-      "url": "https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html",
-      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-277xx/CVE-2024-27744.json
+++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27744.json
@ -2,35 +2,23 @@
  "id": "CVE-2024-27744",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-01T22:15:47.870",
-  "lastModified": "2024-03-01T22:22:25.913",
+  "lastModified": "2024-03-13T07:15:36.410",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross Site Scripting vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the image parameter in the profile.php component."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de Cross-Site Scripting en Petrol Pump Mangement Software v.1.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro de imagen en el componente profile.php."
    }
  ],
  "metrics": {},
  "references": [
-    {
-      "url": "http://mayurik.com",
-      "source": "cve@mitre.org"
-    },
-    {
-      "url": "http://www.w3.org/2000/svg",
-      "source": "cve@mitre.org"
-    },
-    {
-      "url": "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd",
-      "source": "cve@mitre.org"
-    },
    {
      "url": "https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27744.md",
      "source": "cve@mitre.org"
-    },
-    {
-      "url": "https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html",
-      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-277xx/CVE-2024-27746.json
+++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27746.json
@ -2,27 +2,23 @@
  "id": "CVE-2024-27746",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-01T22:15:47.923",
-  "lastModified": "2024-03-01T22:22:25.913",
+  "lastModified": "2024-03-13T07:15:36.470",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL Injection vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email address parameter in the index.php component."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de inyecci\u00f3n SQL en Petrol Pump Mangement Software v.1.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro de direcci\u00f3n de correo electr\u00f3nico en el componente index.php."
    }
  ],
  "metrics": {},
  "references": [
-    {
-      "url": "http://mayurik.com",
-      "source": "cve@mitre.org"
-    },
    {
      "url": "https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27746.md",
      "source": "cve@mitre.org"
-    },
-    {
-      "url": "https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html",
-      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-277xx/CVE-2024-27747.json
+++ b/CVE-2024/CVE-2024-277xx/CVE-2024-27747.json
@ -2,27 +2,23 @@
  "id": "CVE-2024-27747",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2024-03-01T22:15:47.973",
-  "lastModified": "2024-03-01T22:22:25.913",
+  "lastModified": "2024-03-13T07:15:36.523",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "File Upload vulnerability in Petrol Pump Mangement Software v.1.0 allows an attacker to execute arbitrary code via a crafted payload to the email Image parameter in the profile.php component."
+    },
+    {
+      "lang": "es",
+      "value": "Vulnerabilidad de carga de archivos en Petrol Pump Mangement Software v.1.0 permite a un atacante ejecutar c\u00f3digo arbitrario a trav\u00e9s de un payload manipulado en el par\u00e1metro Imagen de correo electr\u00f3nico en el componente profile.php."
    }
  ],
  "metrics": {},
  "references": [
-    {
-      "url": "http://mayurik.com",
-      "source": "cve@mitre.org"
-    },
    {
      "url": "https://github.com/shubham-s-pandey/CVE_POC/blob/main/CVE-2024-27747.md",
      "source": "cve@mitre.org"
-    },
-    {
-      "url": "https://www.sourcecodester.com/php/17180/petrol-pump-management-software-free-download.html",
-      "source": "cve@mitre.org"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-286xx/CVE-2024-28623.json
+++ b/CVE-2024/CVE-2024-286xx/CVE-2024-28623.json
@ -0,0 +1,20 @@
+{
+  "id": "CVE-2024-28623",
+  "sourceIdentifier": "cve@mitre.org",
+  "published": "2024-03-13T08:15:43.497",
+  "lastModified": "2024-03-13T08:15:43.497",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "RiteCMS v3.0.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component main_menu/edit_section."
+    }
+  ],
+  "metrics": {},
+  "references": [
+    {
+      "url": "https://github.com/GURJOTEXPERT/ritecms",
+      "source": "cve@mitre.org"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-03-13T07:00:31.834063+00:00
+2024-03-13T09:00:32.761704+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-03-13T06:15:52.273000+00:00
+2024-03-13T08:15:43.497000+00:00
 ```

 ### Last Data Feed Release
@ -29,20 +29,25 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-241252
+241254
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

-* [CVE-2024-27440](CVE-2024/CVE-2024-274xx/CVE-2024-27440.json) (`2024-03-13T06:15:52.273`)
+* [CVE-2024-26529](CVE-2024/CVE-2024-265xx/CVE-2024-26529.json) (`2024-03-13T08:15:43.410`)
+* [CVE-2024-28623](CVE-2024/CVE-2024-286xx/CVE-2024-28623.json) (`2024-03-13T08:15:43.497`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `0`
+Recently modified CVEs: `4`

+* [CVE-2024-27743](CVE-2024/CVE-2024-277xx/CVE-2024-27743.json) (`2024-03-13T07:15:36.253`)
+* [CVE-2024-27744](CVE-2024/CVE-2024-277xx/CVE-2024-27744.json) (`2024-03-13T07:15:36.410`)
+* [CVE-2024-27746](CVE-2024/CVE-2024-277xx/CVE-2024-27746.json) (`2024-03-13T07:15:36.470`)
+* [CVE-2024-27747](CVE-2024/CVE-2024-277xx/CVE-2024-27747.json) (`2024-03-13T07:15:36.523`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -240981,6 +240981,7 @@ CVE-2024-26490,0,0,b6f6bbce17cb8b3e0d7ffc74af2883f439e6d11d15d184e2f1a2e43e85a99
 CVE-2024-26491,0,0,73ef4da115c90ed06a18a1a334653b2533761b4f911c3db9814bd0d18285bcac,2024-02-22T19:07:27.197000
 CVE-2024-26492,0,0,223ddadc0c7efe7b0886f487630808be0927541c8864c0a1df96647191c41c4f,2024-03-08T14:02:57.420000
 CVE-2024-26521,0,0,0e3dff2f526dd01b3807e889e548f69877c6fbe716f338bf9b68ff7b3cd2a892,2024-03-12T12:40:13.500000
+CVE-2024-26529,1,1,0af184ea782176ac95d690f0be194eb057dac8c53b30f761481d667b2672ca66,2024-03-13T08:15:43.410000
 CVE-2024-26542,0,0,84bcc676050237f7706e936cd8d9d490aa0a127cdccddbe7afe739c073267e25,2024-02-28T14:06:45.783000
 CVE-2024-26548,0,0,7b31129407d10e539a4174451b23a0f83a48cdb246d6dd13af61036fdc95df1c,2024-03-01T14:04:26.010000
 CVE-2024-26559,0,0,3b7b5127dd0e422a83fadfb79310bdd57e4fb71532d47a597a5aa1449637c0ce,2024-02-29T13:49:47.277000
@ -241113,7 +241114,7 @@ CVE-2024-27354,0,0,3316a11ae03e51007e09710a76a22632e619f5d31d833e6569bcace78ce3c
 CVE-2024-27355,0,0,0b9031e2eb548ad12d2d9e0065d270364951139eb9b910f1e5678f52ec43857a,2024-03-04T13:58:23.447000
 CVE-2024-27356,0,0,2464f4bdc7cd759969915038df7055199f0bd02c6d9b1a8ceb85c7588507e9ba,2024-02-27T14:20:06.637000
 CVE-2024-27359,0,0,45c452c4a5013555c154282328f794ae0e5bd9c68f52a53f3747792eec7b2661,2024-02-26T16:32:25.577000
-CVE-2024-27440,1,1,6e294c502025b0bf49f91f6fc4cbf5e66e4ac059f9ae65341b9f951c5cfccaa5,2024-03-13T06:15:52.273000
+CVE-2024-27440,0,0,6e294c502025b0bf49f91f6fc4cbf5e66e4ac059f9ae65341b9f951c5cfccaa5,2024-03-13T06:15:52.273000
 CVE-2024-27444,0,0,a237f36c45a82911cb697384887c7b89bc1c2ea038ffd45f33470a0acaad42ea,2024-02-26T16:32:25.577000
 CVE-2024-27447,0,0,cb57e8d03df573cd861f28c33cc0f260471c72de24ec7e9c3037c0509931fb18,2024-02-26T16:32:25.577000
 CVE-2024-27454,0,0,420cb9ec3b08ac5a96e141e933952328f4cf525758241b7fd36981eea8d7ea27,2024-02-26T16:32:25.577000
@ -241163,10 +241164,10 @@ CVE-2024-27707,0,0,bd4780ccfe95d75b10e00a8c73b93480b3348a16006d364b38b5efca7ebc6
 CVE-2024-27718,0,0,1278a2a8cee5a68342beae95f220d454fcd35e5e3853b311cb50bcc440948ebc,2024-03-05T13:41:01.900000
 CVE-2024-27733,0,0,8d363cf969790e7f98247f28db2e0a162d296bdeea0f77bb77693ca2f7a6137e,2024-03-08T14:02:57.420000
 CVE-2024-27734,0,0,3c0f551c79bd519411a50f44170878bc190cec512cea2012a65cd2d3219a1ee2,2024-03-01T22:22:25.913000
-CVE-2024-27743,0,0,6af784c89001e5e3304a051e2cbbb71e2daee0d197f297c681b1d37ee3f97874,2024-03-01T22:22:25.913000
-CVE-2024-27744,0,0,678780b6b69944545a0d8cad148a51f5d84c2d7bab88f74324d94f2ee8805643,2024-03-01T22:22:25.913000
-CVE-2024-27746,0,0,7ab44c3e75be4b1a83353b8b85a4423f849d600cec61873dbfda740cf90a82d4,2024-03-01T22:22:25.913000
-CVE-2024-27747,0,0,eda09f2b4b6af0e7dd609f89b3c49bd0b33e897e57a0119562f4261f2003f27f,2024-03-01T22:22:25.913000
+CVE-2024-27743,0,1,69a5e2d8c49bcfbf0b9f2f2f3b35b9cf6afe8c9f20e8371fcf519a2d380509ef,2024-03-13T07:15:36.253000
+CVE-2024-27744,0,1,c100d4ba8f49a307e8f166c43dcf72396c641c27bc5c30f424e004f4b4c33d3f,2024-03-13T07:15:36.410000
+CVE-2024-27746,0,1,6f3ddced2e2b26bef51987507b4e7466957a803a9da415c8c1c8b245cafe1423,2024-03-13T07:15:36.470000
+CVE-2024-27747,0,1,eff635f872515818dfe20352d610bb047327d7f6971e953c63bc92feb6bf3ebe,2024-03-13T07:15:36.523000
 CVE-2024-27758,0,0,6abe87e0a8905ac150ade2fec85250ff5e7fbf580c101c16b193b98f7d58141f,2024-03-12T17:46:17.273000
 CVE-2024-27764,0,0,a6da085213081f41482d74001d5b27250ddae1567bc465fa0f4b1023f8322f06,2024-03-06T15:18:08.093000
 CVE-2024-27765,0,0,c9283b485df441e5cf44e98a2bcaa6921e6b7ae7825314dc1fd3bb862197fb6e,2024-03-06T15:18:08.093000
@ -241246,6 +241247,7 @@ CVE-2024-28339,0,0,06a7f15d55f22a965683bef17c82587bc073ddf9fa5edb33c38c4cd82d5f3
 CVE-2024-28340,0,0,89775fa07d73d115a7392603111ecb04f65799be74b8d41063e67ed0eb97d0cf,2024-03-12T17:46:17.273000
 CVE-2024-28535,0,0,05b59fc574e3ec1a67ffae1023c5999e94849ce19d6ee2f539dda71a994d8b6c,2024-03-12T16:02:33.900000
 CVE-2024-28553,0,0,805b633f3af1b0b015d2f8e90520174ed99391ad33f4ee744bfc3e783d7c9257,2024-03-12T16:02:33.900000
+CVE-2024-28623,1,1,c5116971097b2daf370624fbe36959f90f8af4f952090d2ba8645b66a04904e4,2024-03-13T08:15:43.497000
 CVE-2024-28753,0,0,73ca850c1b6879daba607bc61d7d16457b56173a47004b8bff799b514a526c36,2024-03-11T01:32:39.697000
 CVE-2024-28754,0,0,9281349f951cf3fa92b3f484f1e5f3e3b9f20229dcabe6872ba34e9bebaf3b2c,2024-03-11T01:32:39.697000
 CVE-2024-28757,0,0,2ea8a9bd701b62a4c7d927e860f5361b09b4376e3bc3bbb014ff5d4ca725cec6,2024-03-11T01:32:29.610000