Auto-Update: 2024-04-22T04:00:37.908255+00:00

CVE-2018/CVE-2018-251xx/CVE-2018-25101.json

@@ -0,0 +1,88 @@
+{
+  "id": "CVE-2018-25101",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-04-22T02:15:07.547",
+  "lastModified": "2024-04-22T02:15:07.547",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, has been found in l2c2technologies Koha up to 20180108. This issue affects some unknown processing of the file /cgi-bin/koha/opac-MARCdetail.pl. The manipulation of the argument biblionumber with the input 2\"><TEST> leads to cross site scripting. The attack may be initiated remotely. The identifier of the patch is 950fc8e101886821879066b33e389a47fb0a9782. It is recommended to upgrade the affected component. The identifier VDB-261677 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/l2c2technologies/Koha/commit/950fc8e101886821879066b33e389a47fb0a9782",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.261677",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.261677",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-04-22T02:00:29.970362+00:00
+2024-04-22T04:00:37.908255+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-04-22T01:15:47.397000+00:00
+2024-04-22T02:15:07.547000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-246443
+246444
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-- [CVE-2024-28722](CVE-2024/CVE-2024-287xx/CVE-2024-28722.json) (`2024-04-22T01:15:47.257`)
-- [CVE-2024-30799](CVE-2024/CVE-2024-307xx/CVE-2024-30799.json) (`2024-04-22T01:15:47.340`)
-- [CVE-2024-32418](CVE-2024/CVE-2024-324xx/CVE-2024-32418.json) (`2024-04-22T01:15:47.397`)
+- [CVE-2018-25101](CVE-2018/CVE-2018-251xx/CVE-2018-25101.json) (`2024-04-22T02:15:07.547`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -121378,6 +121378,7 @@ CVE-2018-25097,0,0,347b569342894544d5b1688d12f00d8e5a46edd855e2fe6fe632b1cf81157
 CVE-2018-25098,0,0,ffbf532e396af68d9e068e3d9067d9f3bdabbc916aa9126b3546a85a032e6693,2024-04-11T01:02:05.707000
 CVE-2018-25099,0,0,4477c16cb5a3503e957873dbddbd3b50ffb7092ffd27acf2a352c93f686dfb7f,2024-03-18T12:38:25.490000
 CVE-2018-25100,0,0,26375a09020100e722ed36e37b25c669512cdaa2d61a780ec73480ee78db5d6b,2024-03-25T01:51:01.223000
+CVE-2018-25101,1,1,a7f9ad9ac1568d119c27a297db6abe9cdcff1a739bb06edf73c1ba7e0158bd20,2024-04-22T02:15:07.547000
 CVE-2018-2515,0,0,158f882e4275a7485a2b9ce17e7e57c4ea22cf74c55a78a9900c73a4caa327c0,2023-11-07T02:57:57.887000
 CVE-2018-2560,0,0,0bb1a26d6c05fddeb488697adb0bbe667a3dd77c1a5bc7af495c8721df5b1197,2020-08-24T17:37:01.140000
 CVE-2018-2561,0,0,b76feaa260e2f54fc8eeb8d50d578ffdd22b603f486ac4f8f5b3bc42df22fa45,2018-01-25T13:53:15.120000
@@ -244366,7 +244367,7 @@ CVE-2024-28713,0,0,beab16cae2dae6cd08028a095390b29624a6437ed474d84784c32091c71ec
 CVE-2024-28714,0,0,05d12d8ac80645ded00d1ead25c51baa98cf4af4d5a078fc724fffec6f7925ec,2024-03-29T12:45:02.937000
 CVE-2024-28715,0,0,054dc6dc725c244acb835446cab8d82270f7d8ffd8311eb9aca1ba238d62a38d,2024-03-20T13:00:16.367000
 CVE-2024-28718,0,0,5f0a839ac4250fecd45af64be191fc810afd4c63b89d4fc0f63a8d6841ad970e,2024-04-15T13:15:51.577000
-CVE-2024-28722,1,1,9a6f4d6874ce2675d934334510162e51791866267fbad8bf881facdd464d8e27,2024-04-22T01:15:47.257000
+CVE-2024-28722,0,0,9a6f4d6874ce2675d934334510162e51791866267fbad8bf881facdd464d8e27,2024-04-22T01:15:47.257000
 CVE-2024-2873,0,0,38b44d61d3230fcaba1c551f8073fe8dda4eadd0cd50d8705b668e3c4529f628,2024-03-26T12:55:05.010000
 CVE-2024-28732,0,0,ec5e6c9882e97cf45b4c95c1c5ffa7b0d32a1a92ed89d346b2a432d5adcd9a14,2024-04-08T18:48:40.217000
 CVE-2024-28734,0,0,f4687488b267ac163f3e0d4b9d3eb38f6f5a041c19b985a560624c627a7f4e16,2024-04-01T21:15:33.200000
@@ -245403,7 +245404,7 @@ CVE-2024-30736,0,0,c9d1cbf13e640c6d0aad30d5b12c1d8e9eb4c675776ee84065ff7ca937010
 CVE-2024-30737,0,0,1c036a16278ee8ea2e333e89f0d66457a587f7e2e9da86fd57591a8972289c80,2024-04-17T02:15:12.117000
 CVE-2024-3077,0,0,df42d4a62ceb1c6a6275b9b1d36ac8da42c0ae3505d0e07beac8238605b5504b,2024-03-29T12:45:02.937000
 CVE-2024-3078,0,0,de9e294582cbb558bf2417239a323549d99f034f1b581828b43e34b1ad1f5683,2024-04-11T01:25:52.940000
-CVE-2024-30799,1,1,5c22ce064a7dc6ce8b2652cfc17eb3a1996392801e7817d0c969e675a4bea9ff,2024-04-22T01:15:47.340000
+CVE-2024-30799,0,0,5c22ce064a7dc6ce8b2652cfc17eb3a1996392801e7817d0c969e675a4bea9ff,2024-04-22T01:15:47.340000
 CVE-2024-30806,0,0,3c4bbd71defb52c4de24f9ad1626459edef6b60997b976e6d74aead4ee0b3b0f,2024-04-02T20:31:58.463000
 CVE-2024-30807,0,0,8463e04fd42dedab289dad3fe1621f8f66d69fb63942da8a4e7f4baade23226e,2024-04-02T20:31:58.463000
 CVE-2024-30808,0,0,3edb296009dfb16a5061a2505986b3903e36250320b7a7a1ea6af0d775f588e5,2024-04-02T20:31:58.463000
@@ -245998,7 +245999,7 @@ CVE-2024-3235,0,0,87b194ac57d76e3164f790cf262b7f15e5577bfab72d12fd067ebb5070eb75
 CVE-2024-32391,0,0,088b185fbb10f088939fad9b89b36daa9fcfb870df443ae309733259e871c034,2024-04-19T21:15:08.700000
 CVE-2024-32392,0,0,ed9045c59c05af8ddd393f75662cceec81cb2642cd5fc86505497f055cad15c6,2024-04-19T21:15:08.747000
 CVE-2024-32409,0,0,2cc0bf26ecd8938fd89992a98bae2541af2d19072f0bc8cdc919759b6ea980aa,2024-04-19T16:19:49.043000
-CVE-2024-32418,1,1,7e22141d1ec31aa135fb6582febde6fc56975084c1c69e66b2b345efe8febdc3,2024-04-22T01:15:47.397000
+CVE-2024-32418,0,0,7e22141d1ec31aa135fb6582febde6fc56975084c1c69e66b2b345efe8febdc3,2024-04-22T01:15:47.397000
 CVE-2024-32428,0,0,87a3edde2c4b0ace5bed90e6337013a3436ae0c663c6eeed3dbaf59e4e702dff,2024-04-15T13:15:31.997000
 CVE-2024-32429,0,0,eb5275541e0171326bf869e836661a3d04172e6e7d4adfaa9657297147332796,2024-04-15T13:15:31.997000
 CVE-2024-3243,0,0,c0b3d501de451bd25695181364b192f45772ac0c3be190b71ef36c93a88e910d,2024-04-16T13:24:07.103000