admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-19 17:31:42 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2025-06-05T12:00:21.484429+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2025-06-05 12:03:58 +00:00
parent 4a955b0be9
commit 2a24d3eefe
9 changed files with 975 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
CVE-2025/CVE-2025-45xx/CVE-2025-4568.json Normal file
View File

@ -0,0 +1,82 @@
{
"id": "CVE-2025-4568",
"sourceIdentifier": "cvd@cert.pl",
"published": "2025-06-05T10:15:21.730",
"lastModified": "2025-06-05T10:15:21.730",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper neutralization of input provided by an unauthorized user into changes__reference_id parameter in URL allows for boolean-based Blind SQL Injection attacks."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cvd@cert.pl",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
]
},
"weaknesses": [
{
"source": "cvd@cert.pl",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://2clickportal.pl/",
"source": "cvd@cert.pl"
},
{
"url": "https://cert.pl/en/posts/2025/06/CVE-2025-4568",
"source": "cvd@cert.pl"
}
]
}

141
CVE-2025/CVE-2025-56xx/CVE-2025-5650.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2025-5650",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T10:15:23.020",
"lastModified": "2025-06-05T10:15:23.020",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability classified as critical was found in 1000projects Online Notice Board 1.0. This vulnerability affects unknown code of the file /register.php. The manipulation of the argument fname leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 6.9,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 7.3,
"baseSeverity": "HIGH",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"baseScore": 7.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/ubfbuz3/cve/issues/17",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311140",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311140",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589819",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-56xx/CVE-2025-5651.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5651",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T10:15:23.270",
"lastModified": "2025-06-05T10:15:23.270",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as problematic, has been found in code-projects Traffic Offense Reporting System 1.0. This issue affects some unknown processing of the file saveuser.php. The manipulation of the argument user_id/username/email/name/position leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "PASSIVE",
"vulnConfidentialityImpact": "NONE",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "NONE",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 3.5,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 2.1,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
"baseScore": 4.0,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/tuooo/CVE/issues/1",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311141",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311141",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589962",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-56xx/CVE-2025-5652.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5652",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T10:15:23.477",
"lastModified": "2025-06-05T10:15:23.477",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management System 2.0. Affected is an unknown function of the file /admin/between-date-complaintreport.php. The manipulation of the argument fromdate/todate leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/f1rstb100d/myCVE/issues/41",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311142",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311142",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589963",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-56xx/CVE-2025-5653.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5653",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T11:15:21.093",
"lastModified": "2025-06-05T11:15:21.093",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability has been found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/between-date-userreport.php. The manipulation of the argument fromdate/todate leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/f1rstb100d/myCVE/issues/42",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311143",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311143",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589964",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-56xx/CVE-2025-5654.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5654",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T11:15:22.133",
"lastModified": "2025-06-05T11:15:22.133",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Complaint Management System 2.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/edit-state.php. The manipulation of the argument description leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/f1rstb100d/myCVE/issues/43",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311144",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311144",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589965",
"source": "cna@vuldb.com"
}
]
}

145
CVE-2025/CVE-2025-56xx/CVE-2025-5655.json Normal file
View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-5655",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-06-05T11:15:22.313",
"lastModified": "2025-06-05T11:15:22.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Complaint Management System 2.0. It has been classified as critical. This affects an unknown part of the file /admin/edit-subcategory.php. The manipulation of the argument subcategory leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnConfidentialityImpact": "LOW",
"vulnIntegrityImpact": "LOW",
"vulnAvailabilityImpact": "LOW",
"subConfidentialityImpact": "NONE",
"subIntegrityImpact": "NONE",
"subAvailabilityImpact": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirement": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"availabilityRequirement": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/f1rstb100d/myCVE/issues/44",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.311145",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.311145",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.589966",
"source": "cna@vuldb.com"
}
]
}

25
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-06-05T10:00:20.740230+00:00
2025-06-05T12:00:21.484429+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-06-05T09:15:23.353000+00:00
2025-06-05T11:15:22.313000+00:00
```
### Last Data Feed Release
@ -33,27 +33,26 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
296557
296564
```
### CVEs added in the last Commit
Recently added CVEs: `5`
Recently added CVEs: `7`
- [CVE-2025-5645](CVE-2025/CVE-2025-56xx/CVE-2025-5645.json) (`2025-06-05T08:15:20.973`)
- [CVE-2025-5646](CVE-2025/CVE-2025-56xx/CVE-2025-5646.json) (`2025-06-05T08:15:21.197`)
- [CVE-2025-5647](CVE-2025/CVE-2025-56xx/CVE-2025-5647.json) (`2025-06-05T09:15:22.847`)
- [CVE-2025-5648](CVE-2025/CVE-2025-56xx/CVE-2025-5648.json) (`2025-06-05T09:15:23.123`)
- [CVE-2025-5649](CVE-2025/CVE-2025-56xx/CVE-2025-5649.json) (`2025-06-05T09:15:23.353`)
- [CVE-2025-4568](CVE-2025/CVE-2025-45xx/CVE-2025-4568.json) (`2025-06-05T10:15:21.730`)
- [CVE-2025-5650](CVE-2025/CVE-2025-56xx/CVE-2025-5650.json) (`2025-06-05T10:15:23.020`)
- [CVE-2025-5651](CVE-2025/CVE-2025-56xx/CVE-2025-5651.json) (`2025-06-05T10:15:23.270`)
- [CVE-2025-5652](CVE-2025/CVE-2025-56xx/CVE-2025-5652.json) (`2025-06-05T10:15:23.477`)
- [CVE-2025-5653](CVE-2025/CVE-2025-56xx/CVE-2025-5653.json) (`2025-06-05T11:15:21.093`)
- [CVE-2025-5654](CVE-2025/CVE-2025-56xx/CVE-2025-5654.json) (`2025-06-05T11:15:22.133`)
- [CVE-2025-5655](CVE-2025/CVE-2025-56xx/CVE-2025-5655.json) (`2025-06-05T11:15:22.313`)
### CVEs modified in the last Commit
Recently modified CVEs: `3`
Recently modified CVEs: `0`
- [CVE-2023-6837](CVE-2023/CVE-2023-68xx/CVE-2023-6837.json) (`2025-06-05T09:15:21.813`)
- [CVE-2025-47577](CVE-2025/CVE-2025-475xx/CVE-2025-47577.json) (`2025-06-05T09:15:22.680`)
- [CVE-2025-5644](CVE-2025/CVE-2025-56xx/CVE-2025-5644.json) (`2025-06-05T07:15:23.990`)
## Download and Usage

23
_state.csv
View File

@ -243685,7 +243685,7 @@ CVE-2023-6832,0,0,6a90580492f9d38df9fd6d1827ce228df2bbc5f49746cd9544810f80933154
CVE-2023-6833,0,0,5b3660cdc42820823ba7a126010a2a7497c2a7133a3e273438edd05670d71c65,2024-11-21T08:44:38.547000
CVE-2023-6835,0,0,252c9566237081f48f16e407655c88ecc560df01fb4ba359634d671fe01c26d2,2024-11-21T08:44:38.680000
CVE-2023-6836,0,0,6d82b41c95c77801da8fe6aab355a889a5b0d0b365b95f10c8b48621743359ac,2024-11-21T08:44:38.827000
CVE-2023-6837,0,1,98e604dfeb4708ff2e3062bc94b58bb6cabc485855e519f069e4d9de9eeba5be,2025-06-05T09:15:21.813000
CVE-2023-6837,0,0,98e604dfeb4708ff2e3062bc94b58bb6cabc485855e519f069e4d9de9eeba5be,2025-06-05T09:15:21.813000
CVE-2023-6838,0,0,94589a15cd43d095d6904ee58354d0379e7bd4e5f6cd1d2760693ae54a8214e4,2024-11-21T08:44:39.153000
CVE-2023-6839,0,0,33aa58158b721beae894461c30e7e6926f93c29fdec2cf47a3d03407368eacb2,2024-11-21T08:44:39.303000
CVE-2023-6840,0,0,6d546453dbc1e0a3746d923568ce015e06fbb09e2bd08253f5dd212306e4b902,2024-11-21T08:44:39.447000
@ -294721,6 +294721,7 @@ CVE-2025-45618,0,0,767ee00e764e7ef5bf5da280443f8f8ac155a067bd61e2227396cf4720a51
CVE-2025-4562,0,0,d2657f9e359abe15e16bbecb49ae9ba4428138285e1222df0d7e8c7358260e0e,2025-05-22T23:15:19.620000
CVE-2025-4564,0,0,8d3f9720d908e446b737db8b900434db81b180dd53397ac7362129a7e91e5314,2025-05-16T14:43:26.160000
CVE-2025-4567,0,0,58147eb394708580d7afe585e734cf01dd405d0c4de5ce4464b448a64c2b1169,2025-06-04T14:54:33.783000
CVE-2025-4568,1,1,29804dbca17dc2cdb314f878db2d00cdd669a902429b3276afb628cea7658662,2025-06-05T10:15:21.730000
CVE-2025-4574,0,0,a936e70ea81d08570f1b370d85f904e33ed32b85014f55e350943da2afdfcfb5,2025-05-16T14:43:56.797000
CVE-2025-45746,0,0,4f739c19260013516117a27de71915ddd8b481653d1fe15c253a574b15da0223,2025-05-21T14:15:31.553000
CVE-2025-4575,0,0,0624d6300232d42a9f90f1e62069c560ca8ea8d361bea47508069c55d62ec0b1,2025-05-23T15:55:02.040000
@ -295422,7 +295423,7 @@ CVE-2025-47568,0,0,816122bf6ee3258a91c70b57c27a64864503daf9f011fa2dfdbf1808df01c
CVE-2025-4757,0,0,aff32a5dd8531f1cf16b47f2eaa3e2f3dcb4fa067452c943f1a1e24c22fb61c9,2025-05-27T19:49:21.437000
CVE-2025-47575,0,0,3856dc014fc47893d7ef5712b0e151680734365e77cbdf4b14af12b94f83ad85,2025-05-23T15:54:42.643000
CVE-2025-47576,0,0,edb28b0afb2590818e704b2b702bc94672987057adfe446ab20f50ce396f0510,2025-05-21T20:25:16.407000
CVE-2025-47577,0,1,e6bf35f708db79d6247522f1af460f531b906a5c3729299a5379bdb63ca6b1e2,2025-06-05T09:15:22.680000
CVE-2025-47577,0,0,e6bf35f708db79d6247522f1af460f531b906a5c3729299a5379bdb63ca6b1e2,2025-06-05T09:15:22.680000
CVE-2025-47578,0,0,b616bbe684d2eb7dd92eb1261c0ad506edfdcec7b43968e410f446f8f1826964,2025-05-12T17:32:32.760000
CVE-2025-4758,0,0,b1e527b6226a15a73ab3d3f863b7bc3ca89ba9b39c71a5d7592a77b45f45047c,2025-05-27T19:49:07.163000
CVE-2025-47580,0,0,f8509d199a0124c7777f42c3b3494347d37d7adbf76a1a5ef4cb845905274582,2025-05-16T14:43:26.160000
@ -296547,12 +296548,18 @@ CVE-2025-5640,0,0,0a44d2717618bf0a46c88e7eba3b9b2d49b4870ec347415bc404a7a4edcf5d
CVE-2025-5641,0,0,c8b8d3bca818a7becef08e6b36639b90c5e27057202f0ffcc45129c6a66a20df,2025-06-05T07:15:23.317000
CVE-2025-5642,0,0,528421914045159b8b3e5e1b139bbeed69ee32d429d13b5ecfeb7c038e4694db,2025-06-05T07:15:23.583000
CVE-2025-5643,0,0,73930ae01cb8be7ac4fa838687eb1a706ac7c2dbb69c6b7c4c1bf2bbac46b053,2025-06-05T07:15:23.780000
CVE-2025-5644,0,1,7ef9cceda7c9a616d93e140c0a3079d5da3ae6acc00054e6bac6ae7d35b196ca,2025-06-05T07:15:23.990000
CVE-2025-5645,1,1,b59a0a4f8672151ed1dc642279b01eceb4f0cc95ef2b492169510ec16e578632,2025-06-05T08:15:20.973000
CVE-2025-5646,1,1,1c09e3ee4279bbb303f68b9f5ffb1ac47b840b242c88be0ecdb8280bcd0ebd1c,2025-06-05T08:15:21.197000
CVE-2025-5647,1,1,71bb7d14d0c12b1cdce5374f6e7f9b7e420d3be3ca525fe3c6817f62ae103604,2025-06-05T09:15:22.847000
CVE-2025-5648,1,1,fbfbcda085b87e923a60877f0858ed1713cb4a263dbfefcc550392244e8b26f5,2025-06-05T09:15:23.123000
CVE-2025-5649,1,1,c5902840d6b6394c48c9775eda5452a9ca0d6c5bc764ed076171722caf945a02,2025-06-05T09:15:23.353000
CVE-2025-5644,0,0,7ef9cceda7c9a616d93e140c0a3079d5da3ae6acc00054e6bac6ae7d35b196ca,2025-06-05T07:15:23.990000
CVE-2025-5645,0,0,b59a0a4f8672151ed1dc642279b01eceb4f0cc95ef2b492169510ec16e578632,2025-06-05T08:15:20.973000
CVE-2025-5646,0,0,1c09e3ee4279bbb303f68b9f5ffb1ac47b840b242c88be0ecdb8280bcd0ebd1c,2025-06-05T08:15:21.197000
CVE-2025-5647,0,0,71bb7d14d0c12b1cdce5374f6e7f9b7e420d3be3ca525fe3c6817f62ae103604,2025-06-05T09:15:22.847000
CVE-2025-5648,0,0,fbfbcda085b87e923a60877f0858ed1713cb4a263dbfefcc550392244e8b26f5,2025-06-05T09:15:23.123000
CVE-2025-5649,0,0,c5902840d6b6394c48c9775eda5452a9ca0d6c5bc764ed076171722caf945a02,2025-06-05T09:15:23.353000
CVE-2025-5650,1,1,b2fcc16e9e2d67331d6225af628f2742cf989eb49709e012a985d5c2c9128015,2025-06-05T10:15:23.020000
CVE-2025-5651,1,1,faaaae0c6ab7f44cada622ff689882dd1bf6e3d9d5455ef956229bd187c0c8e2,2025-06-05T10:15:23.270000
CVE-2025-5652,1,1,aa7cc3b3173f805c8726602c5a4f2758cf548e05d85c7daeef7cc865f6c5c669,2025-06-05T10:15:23.477000
CVE-2025-5653,1,1,b830e3106d8341b72802bb4ce6673af8da2ad2a8b99006202e99812deb7cbe0c,2025-06-05T11:15:21.093000
CVE-2025-5654,1,1,49e9d2a391c820529831583d942e6d45bb44650b0264404c2ba595a167d8623f,2025-06-05T11:15:22.133000
CVE-2025-5655,1,1,f89a2b4fde8513e5947db455187b5cb74296f432637dfa8bd45dbc068a0412da,2025-06-05T11:15:22.313000
CVE-2025-5683,0,0,ba4cab8ac4a992f679318045c0972e1d1d7a83c5101ea31565eb781d5696d00a,2025-06-05T06:15:27.517000
CVE-2025-5688,0,0,73bb641229fc7f0cc58d056bcd50b9204b2df12fec290a20f6d3344d9742580f,2025-06-04T17:15:29.330000
CVE-2025-5690,0,0,ac9502bdafeae675eb4593084c8644a2164e57d1b6a23446acd8173b20c2ef82,2025-06-04T22:15:26.470000

Can't render this file because it is too large.