Auto-Update: 2024-09-22T08:00:17.345342+00:00

2025-07-09 16:05:11 +00:00 · 2024-09-22 08:03:17 +00:00 · 2024-09-22 08:03:17 +00:00 · 2e253d9168
commit 2e253d9168
parent d638572c43
4 changed files with 294 additions and 12 deletions
--- a/CVE-2024/CVE-2024-90xx/CVE-2024-9080.json
+++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9080.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9080",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-22T07:15:10.607",
+  "lastModified": "2024-09-22T07:15:10.607",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in code-projects Student Record System 1.0. It has been classified as critical. Affected is an unknown function of the file /pincode-verification.php. The manipulation of the argument pincode leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 7.3,
+          "baseSeverity": "HIGH"
+        },
+        "exploitabilityScore": 3.9,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 7.5
+        },
+        "baseSeverity": "HIGH",
+        "exploitabilityScore": 10.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/ppp-src/a/issues/17",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278250",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278250",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.411847",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-90xx/CVE-2024-9081.json
+++ b/CVE-2024/CVE-2024-90xx/CVE-2024-9081.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9081",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-22T07:15:11.073",
+  "lastModified": "2024-09-22T07:15:11.073",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Online Eyewear Shop 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file view_category.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/41lai/cve/blob/main/sql.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278251",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278251",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.411564",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.sourcecodester.com/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-09-22T06:00:17.516645+00:00
+2024-09-22T08:00:17.345342+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-09-22T05:15:11.710000+00:00
+2024-09-22T07:15:11.073000+00:00
 ```

 ### Last Data Feed Release
@ -33,23 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-263536
+263538
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `2`

- [CVE-2024-9078](CVE-2024/CVE-2024-90xx/CVE-2024-9078.json) (`2024-09-22T04:15:04.203`)
- [CVE-2024-9079](CVE-2024/CVE-2024-90xx/CVE-2024-9079.json) (`2024-09-22T05:15:11.710`)
+- [CVE-2024-9080](CVE-2024/CVE-2024-90xx/CVE-2024-9080.json) (`2024-09-22T07:15:10.607`)
+- [CVE-2024-9081](CVE-2024/CVE-2024-90xx/CVE-2024-9081.json) (`2024-09-22T07:15:11.073`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

- [CVE-2024-27185](CVE-2024/CVE-2024-271xx/CVE-2024-27185.json) (`2024-09-22T05:15:11.530`)
- [CVE-2024-9075](CVE-2024/CVE-2024-90xx/CVE-2024-9075.json) (`2024-09-22T04:15:02.783`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -248118,7 +248118,7 @@ CVE-2024-27181,0,0,21e26148840b13fc3c6737fbae62d8da3122fe005206d34756c4a69e36306
 CVE-2024-27182,0,0,3745db63e259cb2e1fbe54f15ae0e0f8afab0bc93a91d91e5de7d932d84971e0,2024-08-16T16:55:10.923000
 CVE-2024-27183,0,0,73875a696a64d9ddbd95175557e5ab869a14de50e9906db42e11184efe06e929,2024-07-12T17:13:30.700000
 CVE-2024-27184,0,0,d27258a08ec723a941addb4bb2a2c30ae14dda17a55ede0aef2dc950361ddede,2024-08-21T12:30:33.697000
-CVE-2024-27185,0,1,b762b551c83c129a4d40b0942e2ef5f495129c37450126af06e72aba7aa9a55f,2024-09-22T05:15:11.530000
+CVE-2024-27185,0,0,b762b551c83c129a4d40b0942e2ef5f495129c37450126af06e72aba7aa9a55f,2024-09-22T05:15:11.530000
 CVE-2024-27186,0,0,f7fe08e5f4b7d5180c79088df80bd67536777321be61e31aba4444583ba7c65a,2024-08-21T12:30:33.697000
 CVE-2024-27187,0,0,32158e2082b18c6d5d5bddb28bf354f8353016a3e995123bcfaff2f5ad6259ca,2024-08-21T12:30:33.697000
 CVE-2024-27188,0,0,def19a2058b71e528abca5da80971f2d008d715cb853d3ea2c84141e42391a01,2024-03-27T12:29:30.307000
@ -263530,8 +263530,10 @@ CVE-2024-9040,0,0,b2e6ba9f70727fa0a7ad666e492a886dd19e8c26da377d2d82938ce54a27f8
 CVE-2024-9041,0,0,9b2bb47050dcdd44edd27fd4fde021bb936ec7198fce2f08f9ad2c86bf8bcde4,2024-09-20T17:15:15.507000
 CVE-2024-9043,0,0,81423ab8fcfb05dd45e3302e824ef8ada797ee829706f87e181d341455e8e98d,2024-09-20T12:30:17.483000
 CVE-2024-9048,0,0,913e9b0e4b91d6981c8b5bd62134205df1942a32410b4410b939157a5d95c26c,2024-09-21T09:15:04.660000
-CVE-2024-9075,0,1,4716c4e5ba8e91ca37f0e224a5d5b3aa383a98ebad04602ccb075777de620584,2024-09-22T04:15:02.783000
+CVE-2024-9075,0,0,4716c4e5ba8e91ca37f0e224a5d5b3aa383a98ebad04602ccb075777de620584,2024-09-22T04:15:02.783000
 CVE-2024-9076,0,0,0b3b96a398343055b41362913783b2ca554ef2f9854d1133427b4deed073fa68,2024-09-22T01:15:12.070000
 CVE-2024-9077,0,0,680741d24193ad6cf751b7fc92e6077bae6ba533b5d3ee137e5e41ff54f08456,2024-09-22T02:15:03.650000
-CVE-2024-9078,1,1,1a5052f06cdc7d4acc0bf95bc2ad4d974e2a303784c7fd29b6a8cae51edf4462,2024-09-22T04:15:04.203000
-CVE-2024-9079,1,1,e76a3ae4a8abec7c1a01dec5d7ec9c97a51740506a77b6c83c77ca1c5a4b57ea,2024-09-22T05:15:11.710000
+CVE-2024-9078,0,0,1a5052f06cdc7d4acc0bf95bc2ad4d974e2a303784c7fd29b6a8cae51edf4462,2024-09-22T04:15:04.203000
+CVE-2024-9079,0,0,e76a3ae4a8abec7c1a01dec5d7ec9c97a51740506a77b6c83c77ca1c5a4b57ea,2024-09-22T05:15:11.710000
+CVE-2024-9080,1,1,b19946dfe8254d1ef6f942e6b2629c2578c2527b473394e1556153bb30fc2436,2024-09-22T07:15:10.607000
+CVE-2024-9081,1,1,83d64789c2f84e0d8ffe5455ad72010c960463abb0acee3360d27d5e18a8b875,2024-09-22T07:15:11.073000