Auto-Update: 2024-03-30T11:00:37.287447+00:00

2025-07-09 16:05:11 +00:00 · 2024-03-30 11:03:28 +00:00 · 2024-03-30 11:03:28 +00:00 · 4946c83ee0
commit 4946c83ee0
parent ca46ad1ce0
5 changed files with 248 additions and 18 deletions
--- a/CVE-2024/CVE-2024-24xx/CVE-2024-2491.json
+++ b/CVE-2024/CVE-2024-24xx/CVE-2024-2491.json
@ -0,0 +1,47 @@
 {
  "id": "CVE-2024-2491",
  "sourceIdentifier": "security@wordfence.com",
  "published": "2024-03-30T10:15:07.460",
  "lastModified": "2024-03-30T10:15:07.460",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "The PowerPack Addons for Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the *_html_tag* attribute of multiple widgets in all versions up to, and including, 2.7.17 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "security@wordfence.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "LOW",
          "userInteraction": "NONE",
          "scope": "CHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 6.4,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 3.1,
        "impactScore": 2.7
      }
    ]
  },
  "references": [
    {
      "url": "https://plugins.trac.wordpress.org/changeset/3053463/powerpack-lite-for-elementor",
      "source": "security@wordfence.com"
    },
    {
      "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/22c4b981-6135-4c44-aa68-f0d51704a68c?source=cve",
      "source": "security@wordfence.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-30xx/CVE-2024-3085.json
+++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3085.json
@ -0,0 +1,92 @@
 {
  "id": "CVE-2024-3085",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2024-03-30T09:15:22.093",
  "lastModified": "2024-03-30T09:15:22.093",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability classified as critical has been found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login Page. The manipulation of the argument username leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-258678 is the identifier assigned to this vulnerability."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "NONE",
          "scope": "UNCHANGED",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "availabilityImpact": "LOW",
          "baseScore": 7.3,
          "baseSeverity": "HIGH"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 3.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "PARTIAL",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "PARTIAL",
          "baseScore": 7.5
        },
        "baseSeverity": "HIGH",
        "exploitabilityScore": 10.0,
        "impactScore": 6.4,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Primary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-89"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_sqli.md",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.258678",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.258678",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.306958",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/CVE-2024/CVE-2024-30xx/CVE-2024-3086.json
+++ b/CVE-2024/CVE-2024-30xx/CVE-2024-3086.json
@ -0,0 +1,92 @@
 {
  "id": "CVE-2024-3086",
  "sourceIdentifier": "cna@vuldb.com",
  "published": "2024-03-30T09:15:22.367",
  "lastModified": "2024-03-30T09:15:22.367",
  "vulnStatus": "Received",
  "descriptions": [
    {
      "lang": "en",
      "value": "A vulnerability classified as problematic was found in PHPGurukul Emergency Ambulance Hiring Portal 1.0. Affected by this vulnerability is an unknown functionality of the file ambulance-tracking.php of the component Ambulance Tracking Page. The manipulation of the argument searchdata leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-258679."
    }
  ],
  "metrics": {
    "cvssMetricV31": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "3.1",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
          "attackVector": "NETWORK",
          "attackComplexity": "LOW",
          "privilegesRequired": "NONE",
          "userInteraction": "REQUIRED",
          "scope": "UNCHANGED",
          "confidentialityImpact": "NONE",
          "integrityImpact": "LOW",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "baseSeverity": "MEDIUM"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 1.4
      }
    ],
    "cvssMetricV2": [
      {
        "source": "cna@vuldb.com",
        "type": "Secondary",
        "cvssData": {
          "version": "2.0",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
          "accessVector": "NETWORK",
          "accessComplexity": "LOW",
          "authentication": "NONE",
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.0
        },
        "baseSeverity": "MEDIUM",
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "acInsufInfo": false,
        "obtainAllPrivilege": false,
        "obtainUserPrivilege": false,
        "obtainOtherPrivilege": false,
        "userInteractionRequired": false
      }
    ]
  },
  "weaknesses": [
    {
      "source": "cna@vuldb.com",
      "type": "Secondary",
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ]
    }
  ],
  "references": [
    {
      "url": "https://github.com/dhabaleshwar/Open-Source-Vulnerabilities/blob/main/eahp_rxss.md",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?ctiid.258679",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?id.258679",
      "source": "cna@vuldb.com"
    },
    {
      "url": "https://vuldb.com/?submit.306960",
      "source": "cna@vuldb.com"
    }
  ]
 }
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 ```plain
-2024-03-30T09:00:37.795791+00:00
+2024-03-30T11:00:37.287447+00:00
 ```
 ### Most recent CVE Modification Timestamp synchronized with NVD
 ```plain
-2024-03-30T08:15:07.510000+00:00
+2024-03-30T10:15:07.460000+00:00
 ```
 ### Last Data Feed Release
@ -33,20 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 ```plain
-243433
+243436
 ```
 ### CVEs added in the last Commit
-Recently added CVEs: `7`
+Recently added CVEs: `3`
- [CVE-2024-2140](CVE-2024/CVE-2024-21xx/CVE-2024-2140.json) (`2024-03-30T07:15:08.893`)
+- [CVE-2024-2491](CVE-2024/CVE-2024-24xx/CVE-2024-2491.json) (`2024-03-30T10:15:07.460`)
- [CVE-2024-2141](CVE-2024/CVE-2024-21xx/CVE-2024-2141.json) (`2024-03-30T07:15:09.203`)
+- [CVE-2024-3085](CVE-2024/CVE-2024-30xx/CVE-2024-3085.json) (`2024-03-30T09:15:22.093`)
- [CVE-2024-2142](CVE-2024/CVE-2024-21xx/CVE-2024-2142.json) (`2024-03-30T07:15:09.513`)
+- [CVE-2024-3086](CVE-2024/CVE-2024-30xx/CVE-2024-3086.json) (`2024-03-30T09:15:22.367`)
 - [CVE-2024-2143](CVE-2024/CVE-2024-21xx/CVE-2024-2143.json) (`2024-03-30T07:15:09.997`)
 - [CVE-2024-2144](CVE-2024/CVE-2024-21xx/CVE-2024-2144.json) (`2024-03-30T07:15:10.497`)
 - [CVE-2024-2948](CVE-2024/CVE-2024-29xx/CVE-2024-2948.json) (`2024-03-30T08:15:07.330`)
 - [CVE-2024-3084](CVE-2024/CVE-2024-30xx/CVE-2024-3084.json) (`2024-03-30T08:15:07.510`)
 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -239838,7 +239838,7 @@ CVE-2024-21395,0,0,f1993dcc4aa6b30f8100a014aabe16306e5164d7170173d986fa0305ec479
 CVE-2024-21396,0,0,89247a83900398acb67f829665b4596d2292eee6f6859844049c54511236f48b,2024-02-23T17:41:27.623000
 CVE-2024-21397,0,0,513c417ad39d9a2066a289680b245c01e1ceeae2b0ee83f69db302cf1dfa050d,2024-02-23T17:47:25.600000
 CVE-2024-21399,0,0,481cce32c9e9a83e040ae50a7ae1201df812aadb50eba52c79fdd8a16608ba2c,2024-02-09T03:00:47.227000
-CVE-2024-2140,1,1,00c3e2168a7c47eb1826eb294f188731562727cf9d049d1cb71be48665026ae2,2024-03-30T07:15:08.893000
+CVE-2024-2140,0,0,00c3e2168a7c47eb1826eb294f188731562727cf9d049d1cb71be48665026ae2,2024-03-30T07:15:08.893000
 CVE-2024-21400,0,0,b652fe8c0b6abbaa87372d3f18128a0d3ba6de315b5c8ae76a9b6fb5a5c4dd18,2024-03-12T17:46:17.273000
 CVE-2024-21401,0,0,169936f9e80ab8f68930febaec3b03620bcee4c9e21a4a75d7bfbfb87d28264c,2024-02-23T21:06:05.783000
 CVE-2024-21402,0,0,3dc7f77c0dcdfcbea6de1ddb879c655a9bcdc8aea8cb1ca9e0fd0e2f41a79092,2024-02-22T18:38:54.443000
@ -239848,21 +239848,21 @@ CVE-2024-21405,0,0,7b2bcd85f8b75e36055a51e8d6e50e620fbb5da00673d7a82956b2dcc3d7e
 CVE-2024-21406,0,0,4926f610f67020e143f717a8966dfc594abc79953c895df1691f78cfff880f19,2024-03-01T22:57:15.940000
 CVE-2024-21407,0,0,13806882df1727e3bbc8e26b8c7dd4da4315e03da171f9dbf0647863a4d47218,2024-03-21T21:06:06.530000
 CVE-2024-21408,0,0,5325218009ff3c8f10a3b9269e4b1c5ec312eb3ea56b73f6a728479c1bad3635,2024-03-21T21:06:09.543000
-CVE-2024-2141,1,1,6ffc21259396265e873a86547783a6cdb4f662061372bc1c4dbf3645578deea3,2024-03-30T07:15:09.203000
+CVE-2024-2141,0,0,6ffc21259396265e873a86547783a6cdb4f662061372bc1c4dbf3645578deea3,2024-03-30T07:15:09.203000
 CVE-2024-21410,0,0,bd862af63cde79d77d3d96c08b20eb8ee12ef6b46d7738e8f98c5d9c8af65aee,2024-02-26T21:10:38.713000
 CVE-2024-21411,0,0,752b3d730293c266885035a1f030073e3f7456710c29851319bdadbb6794b6d6,2024-03-12T17:46:17.273000
 CVE-2024-21412,0,0,6df500642ad441e157d67f1fe17b6dc5155211f5565d89e1eed7797770fe5407,2024-03-07T17:48:58.173000
 CVE-2024-21413,0,0,e8b53a5cd4bd3cc4178f808efd349017a89b016f9da30aa2b26e33753aaea59b,2024-02-23T21:04:05.710000
 CVE-2024-21418,0,0,ef663b9214de74ab8b1eda2c85169dc13f12218d87536de8a5f4de5236a43541,2024-03-12T17:46:17.273000
 CVE-2024-21419,0,0,2b2cb4db09da9495fc2ecf8fae18cde53ce11b6d772c946de837373d3f835c9d,2024-03-12T17:46:17.273000
-CVE-2024-2142,1,1,2baa1be14ea87a7ce70e0e3e17dfb569e87ae981e3997dfc9470e8fa34c8ded6,2024-03-30T07:15:09.513000
+CVE-2024-2142,0,0,2baa1be14ea87a7ce70e0e3e17dfb569e87ae981e3997dfc9470e8fa34c8ded6,2024-03-30T07:15:09.513000
 CVE-2024-21420,0,0,4a89fb64b6e21ff3e8e62b1263c75efc47583308c96cfb26d691252d4777d2ed,2024-02-13T18:22:43.577000
 CVE-2024-21421,0,0,7f3d201054cbde03fea298b3b62f09a5835e6858ea20c6e60673b54188a987a6,2024-03-12T17:46:17.273000
 CVE-2024-21423,0,0,bdd3e5505bf37095cf28502668c3363668037784f8adcb8492701fb6ce5eb572,2024-02-26T13:42:22.567000
 CVE-2024-21426,0,0,d393d657fa9631ae4a7e338940f17c59c22b9a1c79406ce6c198e0e929a7ae1b,2024-03-12T17:46:17.273000
 CVE-2024-21427,0,0,f2592991e7304b29003b372e68d3f0a5c7232d5b37eb13a43127f77590c861e8,2024-03-12T17:46:17.273000
 CVE-2024-21429,0,0,432d3834c625233c5a21b7d14e6b2d92ea43b60981cfe0a7c1e3f6363d4b8242,2024-03-12T17:46:17.273000
-CVE-2024-2143,1,1,8a3b02b64ed809034af3eb8399c73ec5024d4cbd3eb660ceef73c1ce395e0221,2024-03-30T07:15:09.997000
+CVE-2024-2143,0,0,8a3b02b64ed809034af3eb8399c73ec5024d4cbd3eb660ceef73c1ce395e0221,2024-03-30T07:15:09.997000
 CVE-2024-21430,0,0,f0323e656bba17b2c286d5c2f562080f05bce6bcbf944452b18cf9b643e389d2,2024-03-12T17:46:17.273000
 CVE-2024-21431,0,0,26c4452850a50cb1240e5475bc72713eb6853df62e53111991ad8917b98a91ea,2024-03-12T17:46:17.273000
 CVE-2024-21432,0,0,fab8d7290e99771982b5f8cadee12a7229e54e95365bb6c52ca3b2240ad66917,2024-03-12T17:46:17.273000
@ -239873,7 +239873,7 @@ CVE-2024-21436,0,0,0dd87189c7353c26efcd8b4c46b990b4f91e29fa2912a735a2fd44ab16c87
 CVE-2024-21437,0,0,d68d1284ce344470b1e7d6e7ec437e6a811301e250b1bf82bd56ca2589342e67,2024-03-12T17:46:17.273000
 CVE-2024-21438,0,0,0984d49fe88902a08e3f8bcc7e2245bb23fd280e9382fbcf6192c69efb734310,2024-03-12T17:46:17.273000
 CVE-2024-21439,0,0,27307394f1ffff04a4b85c5411a75da570619f8a3ad6f4da08c2e001914244e1,2024-03-12T17:46:17.273000
-CVE-2024-2144,1,1,f64c0f9437d43b93b69b19c4a347cc382ba1e5cb79a3b9c75bcc71d3c3b01060,2024-03-30T07:15:10.497000
+CVE-2024-2144,0,0,f64c0f9437d43b93b69b19c4a347cc382ba1e5cb79a3b9c75bcc71d3c3b01060,2024-03-30T07:15:10.497000
 CVE-2024-21440,0,0,6f61fd68e9deac86867c494212547f54aa54ff0eb7ab6436113da9b0d1135d3e,2024-03-12T17:46:17.273000
 CVE-2024-21441,0,0,60ec7a64913922ceeff946bffca3a156dc2df936ff37cc69f9b4248e6770163b,2024-03-12T17:46:17.273000
 CVE-2024-21442,0,0,e32988f4a6f4e8b33b6e29cea1f1a0ef77e96b7daa729f5981a98fdcb7c815e2,2024-03-12T17:46:17.273000
@ -241421,6 +241421,7 @@ CVE-2024-24904,0,0,78ac0ecc337c1c3cf6e2760caf67e88b6e00a19c5576326a3f49c9a71b975
 CVE-2024-24905,0,0,0364517ab894b73bf8c30cbe20b80273a93d4e9e263ab05b98b6931e08025cbd,2024-03-01T15:23:36.177000
 CVE-2024-24906,0,0,b228b1520570950c7c3e86ac4523299ab67e1d327a9c2256213093954d2009dd,2024-03-01T14:04:04.827000
 CVE-2024-24907,0,0,10281c2cdefacd19bcde83af128428b7182a3d780a05c7b0d1630f2ada3f8271,2024-03-01T15:23:36.177000
 CVE-2024-2491,1,1,3a2cac36f3611f311c24b6e56ab4a32260a4f518dc4c29962fdd8b96ee6c7d9f,2024-03-30T10:15:07.460000
 CVE-2024-24920,0,0,0c6e0a299c3dcb3e2c9c47cd3391320c9c9126b8fcb7683d54f65bff941cba09,2024-02-13T14:01:00.987000
 CVE-2024-24921,0,0,2756f13f54e6771800d4e52f7442498e73a8fe2b3f97e730b1c320dbcf7f624d,2024-02-13T14:01:00.987000
 CVE-2024-24922,0,0,680b15f3fa23668c58f8fb97e1903f0bb50dd4180870bdd41f68c0313884ae2b,2024-02-13T14:01:00.987000
@ -243047,7 +243048,7 @@ CVE-2024-29471,0,0,82d45a5ffd79414ce139218b143945b76a967fb1502a8005b616153a32c45
 CVE-2024-29472,0,0,8914457096a81cfec257e1932986907f8b2f25a966f10c0d7629905ec24b0f86,2024-03-21T12:58:51.093000
 CVE-2024-29473,0,0,2dcbe7e94767e08f46a9353b62d8f30da500a221f5affb32fc9ef958cfff985b,2024-03-21T12:58:51.093000
 CVE-2024-29474,0,0,cd74b93fedbacc13ab911c0f2a2b89e07d9e578953f3b262ce40503b72930e98,2024-03-21T12:58:51.093000
-CVE-2024-2948,1,1,a4fcee96ac543a16a7c4648e47d99e7d01a8481e14063944ded2893728590958,2024-03-30T08:15:07.330000
+CVE-2024-2948,0,0,a4fcee96ac543a16a7c4648e47d99e7d01a8481e14063944ded2893728590958,2024-03-30T08:15:07.330000
 CVE-2024-29489,0,0,b53e28436eacd43712154645616899ea4ad86f89638685c2d1c1f1bd71a439fa,2024-03-29T12:45:02.937000
 CVE-2024-29499,0,0,bc8db29a97bf5517e5213278d0d5f5ecdec4b51f00adea3262848d25f6e735bc,2024-03-22T19:02:10.300000
 CVE-2024-2951,0,0,7025f71f619ebfb5f00b29e3d72fe62bb5f0ea0dbfe92a58b33e63352aa0779c,2024-03-27T12:29:41.530000
@ -243417,7 +243418,9 @@ CVE-2024-30645,0,0,88b4c3396d5e0adacc93f28d39da5928d08265f1211f6c05c1d8690fd0f03
 CVE-2024-3077,0,0,764729ebf4e3dc3c20da54caae721047879db4db5e2887f4d077635ba39ad95a,2024-03-29T12:45:02.937000
 CVE-2024-3078,0,0,07ca6090eecfc88a41afb186ab370517deca7caa0d1280cb8ed031f58d59e15a,2024-03-29T13:28:22.880000
 CVE-2024-3081,0,0,dffc68d1388aac08d9d9a9d84e2f2854f24235b2dd8bd2e907a0a195e3c85f14,2024-03-29T15:15:14.657000
-CVE-2024-3084,1,1,feb04b6812a124315d1816b70ccdcdd41a89f3d42f26905fef1bc9732a4ee86a,2024-03-30T08:15:07.510000
+CVE-2024-3084,0,0,feb04b6812a124315d1816b70ccdcdd41a89f3d42f26905fef1bc9732a4ee86a,2024-03-30T08:15:07.510000
 CVE-2024-3085,1,1,f189393abcf3f39030a0b0c96f6cb9307d0bf6deb0ef88912d8e876c4692bd1c,2024-03-30T09:15:22.093000
 CVE-2024-3086,1,1,cc5a01ab88ce423f04c8e499fc5c4ae76ca65b66c37b46eb53fe666ff0b26be5,2024-03-30T09:15:22.367000
 CVE-2024-3094,0,0,c6fffd56cf4a81476425ca638ec856baec49e7641b48e65fcf99476d7346527a,2024-03-29T19:15:41.947000
 CVE-2024-31032,0,0,f6232fe0ef0534ba6d6e20ea0777fd8892cbb87efba42355deb8d8634b00d21e,2024-03-29T17:15:20.993000
 CVE-2024-31061,0,0,3a611478260a969dc7c268c913c4f396b21e3b4ebcb9a4cb4b0ae2a352b58da0,2024-03-28T20:53:20.813000