Auto-Update: 2024-09-23T04:00:16.542136+00:00

CVE-2024/CVE-2024-90xx/CVE-2024-9094.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9094",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-23T02:15:02.290",
+  "lastModified": "2024-09-23T02:15:02.290",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical was found in code-projects Blood Bank System 1.0. This vulnerability affects unknown code of the file /admin/blood/update/o-.php. The manipulation of the argument bloodname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/ByKevin1/CVE/blob/main/sql1.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278272",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278272",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.412254",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-09-23T02:00:16.708787+00:00
+2024-09-23T04:00:16.542136+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-09-23T01:15:12.397000+00:00
+2024-09-23T02:15:02.290000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,22 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-263555
+263556
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `9`
+Recently added CVEs: `1`
 
-- [CVE-2024-43989](CVE-2024/CVE-2024-439xx/CVE-2024-43989.json) (`2024-09-23T00:15:10.800`)
-- [CVE-2024-43996](CVE-2024/CVE-2024-439xx/CVE-2024-43996.json) (`2024-09-23T01:15:11.510`)
-- [CVE-2024-44048](CVE-2024/CVE-2024-440xx/CVE-2024-44048.json) (`2024-09-23T01:15:11.730`)
-- [CVE-2024-45453](CVE-2024/CVE-2024-454xx/CVE-2024-45453.json) (`2024-09-23T01:15:11.923`)
-- [CVE-2024-9089](CVE-2024/CVE-2024-90xx/CVE-2024-9089.json) (`2024-09-23T00:15:11.040`)
-- [CVE-2024-9090](CVE-2024/CVE-2024-90xx/CVE-2024-9090.json) (`2024-09-23T00:15:11.297`)
-- [CVE-2024-9091](CVE-2024/CVE-2024-90xx/CVE-2024-9091.json) (`2024-09-23T00:15:11.537`)
-- [CVE-2024-9092](CVE-2024/CVE-2024-90xx/CVE-2024-9092.json) (`2024-09-23T01:15:12.153`)
-- [CVE-2024-9093](CVE-2024/CVE-2024-90xx/CVE-2024-9093.json) (`2024-09-23T01:15:12.397`)
+- [CVE-2024-9094](CVE-2024/CVE-2024-90xx/CVE-2024-9094.json) (`2024-09-23T02:15:02.290`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -259302,14 +259302,14 @@ CVE-2024-43985,0,0,aa1c4ff43ee665dbdf84e97752be7025182a4441fda6e53b1528cb3015c4f
 CVE-2024-43986,0,0,9478adfda55868d7b94f2eea7c2c936b95469666be97191a74de84a03c2187a9,2024-08-29T13:25:27.537000
 CVE-2024-43987,0,0,5f2ad565a5d32bae37360bc37876e8a6cdef75055ca9a1d57a5047cb69a7250c,2024-09-20T12:30:51.220000
 CVE-2024-43988,0,0,58810a59167a152a28df3aac148f6a81b7e962eeb8f36cca2c04029c80f728ba,2024-09-20T12:30:51.220000
-CVE-2024-43989,1,1,9f19cbbd07eac2d4997a02808c8ed7b359c9c31bd68dd720d1ab97474c15e7dd,2024-09-23T00:15:10.800000
+CVE-2024-43989,0,0,9f19cbbd07eac2d4997a02808c8ed7b359c9c31bd68dd720d1ab97474c15e7dd,2024-09-23T00:15:10.800000
 CVE-2024-4399,0,0,037b40419d6c617c61ec971c9e0affd6b35920b718c94b9e88ff7a43f16d3faf,2024-07-03T02:07:31.827000
 CVE-2024-43991,0,0,dda8dfaf96eadcbed1e5201447898b359abd71dadd4fa20fb8b97e3a369fa7a3,2024-09-20T12:30:51.220000
 CVE-2024-43992,0,0,ce482abec0688eb2a57431414e5c7c14ed21653accf87cc53624b71f8332ee14,2024-09-20T12:30:51.220000
 CVE-2024-43993,0,0,8429fddc72b66938c1cabc2c62cfe7b55cdfd9517ee1a2cff304c65b1cd15c63,2024-09-20T12:30:51.220000
 CVE-2024-43994,0,0,92a57f752ce2faa73917c46fd03cd7058c3f4fe6668ac24e011d5cce000e100c,2024-09-20T12:30:51.220000
 CVE-2024-43995,0,0,d2bc15228a0936c9d52925ee78d8f61fa4f243d84362a990cf6cd93f080ed156,2024-09-20T12:30:51.220000
-CVE-2024-43996,1,1,d7156f428d1448ad8b6ccd44d882e30f14df1390e059d6ddfa9925733f3aeac4,2024-09-23T01:15:11.510000
+CVE-2024-43996,0,0,d7156f428d1448ad8b6ccd44d882e30f14df1390e059d6ddfa9925733f3aeac4,2024-09-23T01:15:11.510000
 CVE-2024-43999,0,0,dcffc3404e52a7bbf6440f499137f398cedd785c7ad8508e3c67849b85d16eca,2024-09-20T12:30:51.220000
 CVE-2024-4400,0,0,387fe642c8f26702c425b79a01d9b1ba308ec0bd188f1564ff2c490875133119,2024-05-16T13:03:05.353000
 CVE-2024-44001,0,0,43db0f88c3e640d31c1ced26a25fee31b35f13afe37712fdf24ec0f8f0863bb5,2024-09-20T12:30:51.220000
@@ -259324,7 +259324,7 @@ CVE-2024-4401,0,0,48f8e641129f81284635fb93c6fe88c5c5fc547b585fa75e650b46a3bc3c0b
 CVE-2024-4403,0,0,07b387e13ed3d47c920433d5f499100d4d5e53ffefe1712d98753a4da5408fe2,2024-06-10T18:06:22.600000
 CVE-2024-4404,0,0,3ae3ea086edb9bd484931090d5df4b9ee138a4bfd155faf3c535f115da6a15de,2024-06-17T12:42:04.623000
 CVE-2024-44047,0,0,3ca711a1cc653b9579857c6add0767ada92d30fe1275f98c949f2f854d5179a0,2024-09-20T12:30:51.220000
-CVE-2024-44048,1,1,96cc8eea74e61ffb80350b4fbbb7e1cb1ce145bd36b7839d4c010d46140d8f39,2024-09-23T01:15:11.730000
+CVE-2024-44048,0,0,96cc8eea74e61ffb80350b4fbbb7e1cb1ce145bd36b7839d4c010d46140d8f39,2024-09-23T01:15:11.730000
 CVE-2024-44049,0,0,ef748edf1617fabb389d566975f7c0a6eac60a167e3cd5f1bcd1e2cc72bf4851,2024-09-20T12:30:51.220000
 CVE-2024-4405,0,0,45cc63f187ac8ca241b3f6f4ea8115546cfb9789c95e5b84e970d2850f40bb92,2024-05-02T18:00:37.360000
 CVE-2024-44050,0,0,1ff55ac869ad3ea12c7c7d98e92859a501ab18429c03f30696257b4b773cae5c,2024-09-20T12:30:51.220000
@@ -259914,7 +259914,7 @@ CVE-2024-4545,0,0,864a22773c6eaa7a20fdb4cf4c4b7a2709a2c8e64cfe98132d05364d67e97a
 CVE-2024-45450,0,0,aa5d1afac94647878136a29faab537df333625d6375aa0ea38189e29e05bb108,2024-09-12T19:30:22.863000
 CVE-2024-45451,0,0,a5f3c269bfe73aa36bb7e68d30b413496a52a46e472afc8b3f53dbd5cc7f8a36,2024-09-20T12:30:51.220000
 CVE-2024-45452,0,0,2ea26ae6193cf50ec971738f633c24b782bc76d27deae32253c71dc02fedbfa3,2024-09-20T12:30:51.220000
-CVE-2024-45453,1,1,bb3a8aaa7954777d3aa9635504c34c96f8cc4336ef5a6f0756ed7dd58888f5e4,2024-09-23T01:15:11.923000
+CVE-2024-45453,0,0,bb3a8aaa7954777d3aa9635504c34c96f8cc4336ef5a6f0756ed7dd58888f5e4,2024-09-23T01:15:11.923000
 CVE-2024-45455,0,0,4d27dc502cdc314ca65322205c1992846fdc5d39734d6d904b9bfe916c2c58d0,2024-09-19T18:51:15.433000
 CVE-2024-45456,0,0,47f416b4ad02b4137088267164d544ec869b0c8806ca776b6a7c643c5eb500b1,2024-09-19T18:38:57.500000
 CVE-2024-45457,0,0,5900191db09039069fbddda66128c2809bcb929085a84aed28a0c8f708ed46f3,2024-09-19T20:53:46.313000
@@ -263549,8 +263549,9 @@ CVE-2024-9085,0,0,81aa0dfb4f5019831f841378181f944eb206bbbc088679eae52e76ba4cb4ec
 CVE-2024-9086,0,0,7e7b21b694ab62f84d3b7a86d59048c6730d56b0ceb29d59976980dcab448d4e,2024-09-22T21:15:10.813000
 CVE-2024-9087,0,0,0e6c2aa42b11af9980101e2e6cb77574d8b2b66a047d609c06d3cc6d1bc7f5fe,2024-09-22T22:15:02.177000
 CVE-2024-9088,0,0,acb66b0a460df4ed3f521799f2db72a4c3af137bc121c9421b3aa0e7e9831d85,2024-09-22T22:15:02.447000
-CVE-2024-9089,1,1,010089573b803e5494db7ecf7d4cbb69775d0b1fcdbd723703dc1ac21ac7d9f6,2024-09-23T00:15:11.040000
-CVE-2024-9090,1,1,6f5359aa884325b491f15078122dc10a747f3129208c41f866767d28d36fa28e,2024-09-23T00:15:11.297000
-CVE-2024-9091,1,1,dd0c4181c9cebd1724087613a8f14499a1c11b7d8978304e7db23b64c9d6b130,2024-09-23T00:15:11.537000
-CVE-2024-9092,1,1,f51078b662d0fa87f13a1c2b2a8f39772bb1bf1e2106b52a00ceedceb2be97fe,2024-09-23T01:15:12.153000
-CVE-2024-9093,1,1,438238c069c5ac6529bb6292011378d5d671dd4896066b5e610aac0da08b63e7,2024-09-23T01:15:12.397000
+CVE-2024-9089,0,0,010089573b803e5494db7ecf7d4cbb69775d0b1fcdbd723703dc1ac21ac7d9f6,2024-09-23T00:15:11.040000
+CVE-2024-9090,0,0,6f5359aa884325b491f15078122dc10a747f3129208c41f866767d28d36fa28e,2024-09-23T00:15:11.297000
+CVE-2024-9091,0,0,dd0c4181c9cebd1724087613a8f14499a1c11b7d8978304e7db23b64c9d6b130,2024-09-23T00:15:11.537000
+CVE-2024-9092,0,0,f51078b662d0fa87f13a1c2b2a8f39772bb1bf1e2106b52a00ceedceb2be97fe,2024-09-23T01:15:12.153000
+CVE-2024-9093,0,0,438238c069c5ac6529bb6292011378d5d671dd4896066b5e610aac0da08b63e7,2024-09-23T01:15:12.397000
+CVE-2024-9094,1,1,73f29876641967f48e743806e18be47edac1de549021375f728e997ae5717f94,2024-09-23T02:15:02.290000