diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9080.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9080.json new file mode 100644 index 00000000000..3c61e36db5a --- /dev/null +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9080.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9080", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-22T07:15:10.607", + "lastModified": "2024-09-22T07:15:10.607", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 6.9, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://github.com/ppp-src/a/issues/17", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.278250", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.278250", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.411847", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-90xx/CVE-2024-9081.json b/CVE-2024/CVE-2024-90xx/CVE-2024-9081.json new file mode 100644 index 00000000000..0d87a3634e5 --- /dev/null +++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9081.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-9081", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-22T07:15:11.073", + "lastModified": "2024-09-22T07:15:11.073", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/41lai/cve/blob/main/sql.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.278251", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.278251", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.411564", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index ccd87f56f18..6c4763b9589 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-22T06:00:17.516645+00:00 +2024-09-22T08:00:17.345342+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-22T05:15:11.710000+00:00 +2024-09-22T07:15:11.073000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -263536 +263538 ``` ### CVEs added in the last Commit Recently added CVEs: `2` -- [CVE-2024-9078](CVE-2024/CVE-2024-90xx/CVE-2024-9078.json) (`2024-09-22T04:15:04.203`) -- [CVE-2024-9079](CVE-2024/CVE-2024-90xx/CVE-2024-9079.json) (`2024-09-22T05:15:11.710`) +- [CVE-2024-9080](CVE-2024/CVE-2024-90xx/CVE-2024-9080.json) (`2024-09-22T07:15:10.607`) +- [CVE-2024-9081](CVE-2024/CVE-2024-90xx/CVE-2024-9081.json) (`2024-09-22T07:15:11.073`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -- [CVE-2024-27185](CVE-2024/CVE-2024-271xx/CVE-2024-27185.json) (`2024-09-22T05:15:11.530`) -- [CVE-2024-9075](CVE-2024/CVE-2024-90xx/CVE-2024-9075.json) (`2024-09-22T04:15:02.783`) ## Download and Usage diff --git a/_state.csv b/_state.csv index fa18f0386f8..c7162370e93 100644 --- a/_state.csv +++ b/_state.csv @@ -248118,7 +248118,7 @@ CVE-2024-27181,0,0,21e26148840b13fc3c6737fbae62d8da3122fe005206d34756c4a69e36306 CVE-2024-27182,0,0,3745db63e259cb2e1fbe54f15ae0e0f8afab0bc93a91d91e5de7d932d84971e0,2024-08-16T16:55:10.923000 CVE-2024-27183,0,0,73875a696a64d9ddbd95175557e5ab869a14de50e9906db42e11184efe06e929,2024-07-12T17:13:30.700000 CVE-2024-27184,0,0,d27258a08ec723a941addb4bb2a2c30ae14dda17a55ede0aef2dc950361ddede,2024-08-21T12:30:33.697000 -CVE-2024-27185,0,1,b762b551c83c129a4d40b0942e2ef5f495129c37450126af06e72aba7aa9a55f,2024-09-22T05:15:11.530000 +CVE-2024-27185,0,0,b762b551c83c129a4d40b0942e2ef5f495129c37450126af06e72aba7aa9a55f,2024-09-22T05:15:11.530000 CVE-2024-27186,0,0,f7fe08e5f4b7d5180c79088df80bd67536777321be61e31aba4444583ba7c65a,2024-08-21T12:30:33.697000 CVE-2024-27187,0,0,32158e2082b18c6d5d5bddb28bf354f8353016a3e995123bcfaff2f5ad6259ca,2024-08-21T12:30:33.697000 CVE-2024-27188,0,0,def19a2058b71e528abca5da80971f2d008d715cb853d3ea2c84141e42391a01,2024-03-27T12:29:30.307000 @@ -263530,8 +263530,10 @@ CVE-2024-9040,0,0,b2e6ba9f70727fa0a7ad666e492a886dd19e8c26da377d2d82938ce54a27f8 CVE-2024-9041,0,0,9b2bb47050dcdd44edd27fd4fde021bb936ec7198fce2f08f9ad2c86bf8bcde4,2024-09-20T17:15:15.507000 CVE-2024-9043,0,0,81423ab8fcfb05dd45e3302e824ef8ada797ee829706f87e181d341455e8e98d,2024-09-20T12:30:17.483000 CVE-2024-9048,0,0,913e9b0e4b91d6981c8b5bd62134205df1942a32410b4410b939157a5d95c26c,2024-09-21T09:15:04.660000 -CVE-2024-9075,0,1,4716c4e5ba8e91ca37f0e224a5d5b3aa383a98ebad04602ccb075777de620584,2024-09-22T04:15:02.783000 +CVE-2024-9075,0,0,4716c4e5ba8e91ca37f0e224a5d5b3aa383a98ebad04602ccb075777de620584,2024-09-22T04:15:02.783000 CVE-2024-9076,0,0,0b3b96a398343055b41362913783b2ca554ef2f9854d1133427b4deed073fa68,2024-09-22T01:15:12.070000 CVE-2024-9077,0,0,680741d24193ad6cf751b7fc92e6077bae6ba533b5d3ee137e5e41ff54f08456,2024-09-22T02:15:03.650000 -CVE-2024-9078,1,1,1a5052f06cdc7d4acc0bf95bc2ad4d974e2a303784c7fd29b6a8cae51edf4462,2024-09-22T04:15:04.203000 -CVE-2024-9079,1,1,e76a3ae4a8abec7c1a01dec5d7ec9c97a51740506a77b6c83c77ca1c5a4b57ea,2024-09-22T05:15:11.710000 +CVE-2024-9078,0,0,1a5052f06cdc7d4acc0bf95bc2ad4d974e2a303784c7fd29b6a8cae51edf4462,2024-09-22T04:15:04.203000 +CVE-2024-9079,0,0,e76a3ae4a8abec7c1a01dec5d7ec9c97a51740506a77b6c83c77ca1c5a4b57ea,2024-09-22T05:15:11.710000 +CVE-2024-9080,1,1,b19946dfe8254d1ef6f942e6b2629c2578c2527b473394e1556153bb30fc2436,2024-09-22T07:15:10.607000 +CVE-2024-9081,1,1,83d64789c2f84e0d8ffe5455ad72010c960463abb0acee3360d27d5e18a8b875,2024-09-22T07:15:11.073000