admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity

Auto-Update: 2024-11-02T17:00:20.182275+00:00

Browse Source
This commit is contained in:
cad-safe-bot 2024-11-02 17:03:20 +00:00
parent b5aef95f83
commit 3bd7e4cd23
4 changed files with 291 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

141
CVE-2024/CVE-2024-106xx/CVE-2024-10699.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10699",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-02T15:15:16.313",
"lastModified": "2024-11-02T15:15:16.313",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Wazifa System 1.0. It has been classified as critical. This affects an unknown part of the file /controllers/logincontrol.php. The manipulation of the argument username leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 6.9,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.3,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 3.9,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "NONE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5
},
"baseSeverity": "HIGH",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/lan041221/cve/blob/main/sql9.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282867",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282867",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.435048",
"source": "cna@vuldb.com"
}
]
}

141
CVE-2024/CVE-2024-107xx/CVE-2024-10700.json Normal file
View File

@ -0,0 +1,141 @@
{
"id": "CVE-2024-10700",
"sourceIdentifier": "cna@vuldb.com",
"published": "2024-11-02T16:15:03.243",
"lastModified": "2024-11-02T16:15:03.243",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects University Event Management System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file submit.php. The manipulation of the argument name/email/title/Year/gender/fromdate/todate/people leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory only mentions the parameter \"name\" to be affected. But it must be assumed that a variety of other parameters is affected too."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/aa1928992772/CVE/blob/main/sqlInjection.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.282868",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.282868",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.435051",
"source": "cna@vuldb.com"
}
]
}

11
README.md
View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update ### Last Repository Update
```plain ```plain
2024-11-02T15:00:19.457758+00:00 2024-11-02T17:00:20.182275+00:00
``` ```
### Most recent CVE Modification Timestamp synchronized with NVD ### Most recent CVE Modification Timestamp synchronized with NVD
```plain ```plain
2024-11-02T14:15:12.980000+00:00 2024-11-02T16:15:03.243000+00:00
``` ```
### Last Data Feed Release ### Last Data Feed Release
@ -33,14 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs ### Total Number of included CVEs
```plain ```plain
268016 268018
``` ```
### CVEs added in the last Commit ### CVEs added in the last Commit
Recently added CVEs: `1` Recently added CVEs: `2`
- [CVE-2024-10698](CVE-2024/CVE-2024-106xx/CVE-2024-10698.json) (`2024-11-02T14:15:12.980`) - [CVE-2024-10699](CVE-2024/CVE-2024-106xx/CVE-2024-10699.json) (`2024-11-02T15:15:16.313`)
- [CVE-2024-10700](CVE-2024/CVE-2024-107xx/CVE-2024-10700.json) (`2024-11-02T16:15:03.243`)
### CVEs modified in the last Commit ### CVEs modified in the last Commit

4
_state.csv
View File

@ -242718,8 +242718,10 @@ CVE-2024-1067,0,0,54f094f38a51fcd0954e79c36caca8c799a450eda4559137980b77dd6d9caf
CVE-2024-1068,0,0,affccf40ed47a318eb2ecd8e307c56fa640a43f94e3b3e8b50a778ab4a9c998f,2024-08-26T19:35:04.287000 CVE-2024-1068,0,0,affccf40ed47a318eb2ecd8e307c56fa640a43f94e3b3e8b50a778ab4a9c998f,2024-08-26T19:35:04.287000
CVE-2024-1069,0,0,9f4b19e535b82e8b50b814b402985dc45959fb8eebaa25a120ba3f787349c9c3,2024-02-06T20:11:52.587000 CVE-2024-1069,0,0,9f4b19e535b82e8b50b814b402985dc45959fb8eebaa25a120ba3f787349c9c3,2024-02-06T20:11:52.587000
CVE-2024-10697,0,0,b6a5fbdd54ff78ca8f29be9d904245700764dda2892e20d8100f91a87604ea47,2024-11-02T12:15:15.780000 CVE-2024-10697,0,0,b6a5fbdd54ff78ca8f29be9d904245700764dda2892e20d8100f91a87604ea47,2024-11-02T12:15:15.780000
CVE-2024-10698,1,1,8281674c5312d1eac605117cac32e949ec8e479274dd1749bb2715d742010d6d,2024-11-02T14:15:12.980000 CVE-2024-10698,0,0,8281674c5312d1eac605117cac32e949ec8e479274dd1749bb2715d742010d6d,2024-11-02T14:15:12.980000
CVE-2024-10699,1,1,ef67a20c3335f29b114cad7b0aedb794f1b00f327f73345873f5e40c4d641fcb,2024-11-02T15:15:16.313000
CVE-2024-1070,0,0,945eeccf4f5ba232f5b58cbe0a0fb277520149997c332f988c0ef3d652aa0c5c,2024-02-29T13:49:29.390000 CVE-2024-1070,0,0,945eeccf4f5ba232f5b58cbe0a0fb277520149997c332f988c0ef3d652aa0c5c,2024-02-29T13:49:29.390000
CVE-2024-10700,1,1,b17b93e7f82967a1cd70f297abdf013df9d7712afeb0e21e10309930c9dd8b06,2024-11-02T16:15:03.243000
CVE-2024-1071,0,0,203dd69d50b387b330a57560d4e66e827311506680b4f1e4c4b62b6aa394169c,2024-03-13T18:16:18.563000 CVE-2024-1071,0,0,203dd69d50b387b330a57560d4e66e827311506680b4f1e4c4b62b6aa394169c,2024-03-13T18:16:18.563000
CVE-2024-1072,0,0,d1340477909607c729b87fb4231ec3eb5b83c947dd2f9537edfb72049dfc44f6,2024-02-13T19:44:28.620000 CVE-2024-1072,0,0,d1340477909607c729b87fb4231ec3eb5b83c947dd2f9537edfb72049dfc44f6,2024-02-13T19:44:28.620000
CVE-2024-1073,0,0,39b7dc528198b2afbafa91161478b052efb2c858a3c417cf6368bfe809460c5d,2024-02-07T20:56:30.313000 CVE-2024-1073,0,0,39b7dc528198b2afbafa91161478b052efb2c858a3c417cf6368bfe809460c5d,2024-02-07T20:56:30.313000

Can't render this file because it is too large.