diff --git a/CVE-2024/CVE-2024-83xx/CVE-2024-8380.json b/CVE-2024/CVE-2024-83xx/CVE-2024-8380.json new file mode 100644 index 00000000000..5186a4cdbe7 --- /dev/null +++ b/CVE-2024/CVE-2024-83xx/CVE-2024-8380.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-8380", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-09-03T01:15:13.690", + "lastModified": "2024-09-03T01:15:13.690", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Contact Manager with Export to VCF 1.0. It has been rated as critical. This issue affects some unknown processing of the file /endpoint/delete-account.php of the component Delete Contact Handler. The manipulation of the argument contact leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "LOW", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "LOW", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED", + "baseScore": 5.3, + "baseSeverity": "MEDIUM" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/jadu101/CVE/blob/main/SourceCodester_Contact_Manager_delete_contact_sqli.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.276353", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.276353", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.401249", + "source": "cna@vuldb.com" + }, + { + "url": "https://www.sourcecodester.com/", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 32b5e3137eb..2c27f3cd76d 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-09-02T22:00:16.768861+00:00 +2024-09-03T02:00:17.355931+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-09-02T21:15:11.363000+00:00 +2024-09-03T01:15:13.690000+00:00 ``` ### Last Data Feed Release @@ -27,21 +27,20 @@ Repository synchronizes with the NVD every 2 hours. Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/releases/latest) ```plain -2024-09-02T10:03:48.875137+00:00 +2024-09-03T00:00:08.681685+00:00 ``` ### Total Number of included CVEs ```plain -261721 +261722 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -- [CVE-2024-1621](CVE-2024/CVE-2024-16xx/CVE-2024-1621.json) (`2024-09-02T20:15:03.223`) -- [CVE-2024-45623](CVE-2024/CVE-2024-456xx/CVE-2024-45623.json) (`2024-09-02T21:15:11.363`) +- [CVE-2024-8380](CVE-2024/CVE-2024-83xx/CVE-2024-8380.json) (`2024-09-03T01:15:13.690`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index ff44b8be902..c73a6768be4 100644 --- a/_state.csv +++ b/_state.csv @@ -242571,7 +242571,7 @@ CVE-2024-1606,0,0,15a17e447d99df7418714d7ef94e3798f3d5d0e7ef6ca0dc3b7b341bddda71 CVE-2024-1608,0,0,44224eee05265f6f7b8c8729d57dee56f28fe5925bde16e1c91e799aa3c2bf41,2024-07-03T01:45:25.227000 CVE-2024-1618,0,0,3886085aa0e530a3cd7ca87e86ea29f5f9d41baf4dd8dca3226a1b22f221980f,2024-03-12T16:02:33.900000 CVE-2024-1619,0,0,01b7d19909a94551e828e77c9f333931b13ef7600c345044af8f16766ef9e448,2024-02-29T13:49:29.390000 -CVE-2024-1621,1,1,48acdfc90301fbba8816e2d17ff397869166f6d4caaec24b394146d8b94d2ec2,2024-09-02T20:15:03.223000 +CVE-2024-1621,0,0,48acdfc90301fbba8816e2d17ff397869166f6d4caaec24b394146d8b94d2ec2,2024-09-02T20:15:03.223000 CVE-2024-1622,0,0,90a7ac12e644da856fef8a87eb083c29b5cbc6ef54024c4fa075b222ca54bc89,2024-03-23T03:15:10.947000 CVE-2024-1623,0,0,3ba11c4b97908f2b99dcf57078312ab0e09d7a907a83f42f8c58a9ed7ccc2585,2024-03-14T14:21:20.217000 CVE-2024-1624,0,0,be6a9a69a944e9dd61590c16d7893d842fe68943f296187e7945d7ce86481789,2024-03-01T22:22:25.913000 @@ -258961,7 +258961,7 @@ CVE-2024-4561,0,0,8ef61ebc386f7e587b6eb6df8054d64514729591e443c5ac6735c0df58420e CVE-2024-4562,0,0,e0a783b0d1c16da234e0fe3d351cbae7a089d075739ba22ec0641c397b879b0f,2024-05-15T16:40:19.330000 CVE-2024-45621,0,0,0b120d0ed61ccec663a0d1e80b0f5c072f370ac2ff33012ab2b7a02d0113b491,2024-09-02T19:15:13.073000 CVE-2024-45622,0,0,a9b592efeff8e6f8d35d152c5fc6c7a2397aad7d98377f2200f908ad9781c741,2024-09-02T19:15:13.170000 -CVE-2024-45623,1,1,71aca376538fc4e76dc7cb6ce92391607a5646b6791e9c241f31e87a86f79181,2024-09-02T21:15:11.363000 +CVE-2024-45623,0,0,71aca376538fc4e76dc7cb6ce92391607a5646b6791e9c241f31e87a86f79181,2024-09-02T21:15:11.363000 CVE-2024-4563,0,0,a90af34c00297497a78ff72a2c306ea2262a49c5811c3b8bcaed5ddcefc9b6fb,2024-05-23T16:15:08.867000 CVE-2024-4564,0,0,045273651cbda7642192b25b1ce14ee6220cb16969b1d2c569252c03c480a950,2024-06-13T18:36:09.013000 CVE-2024-4565,0,0,15260fda70e8733111d52b1dae1a14ee33f22d1739a2e8de851c031d5bec2fb8,2024-07-17T14:14:08.750000 @@ -261720,3 +261720,4 @@ CVE-2024-8366,0,0,aa72fcd41b228be7b06f6c9a81ecf2f8f9fd5e20be0db7cf0df490a8a5890f CVE-2024-8367,0,0,8148f938d91de1e8fd6536b835fce7d047e450cd706d113fc44497b29c91e0fa,2024-09-01T04:15:14.107000 CVE-2024-8368,0,0,b6512ddcc37b6e90aa53a67b75199705c7ccbc726e2c91253f9dcb246f9ed10e,2024-09-01T05:15:12.187000 CVE-2024-8370,0,0,fc6619055deaa0369ad7ec9ea228a5984b89e76836c9bae412619b763ebbc1d6,2024-09-01T22:15:14.117000 +CVE-2024-8380,1,1,59536f41ae8eb3ab90b4321adcf0c677bff349890fe9496a5f0af1786eb08033,2024-09-03T01:15:13.690000