Auto-Update: 2024-04-06T22:00:37.478936+00:00

2025-05-08 19:47:09 +00:00 · 2024-04-06 22:03:26 +00:00 · 2024-04-06 22:03:26 +00:00 · 6fd2a34ba6
commit 6fd2a34ba6
parent a44fd26bc5
3 changed files with 101 additions and 10 deletions
--- a/CVE-2024/CVE-2024-34xx/CVE-2024-3414.json
+++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3414.json
@ -0,0 +1,92 @@
+{
+  "id": "CVE-2024-3414",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-04-06T21:15:20.167",
+  "lastModified": "2024-04-06T21:15:20.167",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in SourceCodester Human Resource Information System 1.0 and classified as problematic. This issue affects some unknown processing of the file Superadmin_Dashboard/process/addcorporate_process.php. The manipulation of the argument corporate_name leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-259583."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 4.0
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/thisissuperann/Vul/blob/Human-Resource-Information-System/Human-Resource-Information-System-02.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.259583",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.259583",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.311436",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-04-06T20:00:38.874217+00:00
+2024-04-06T22:00:37.478936+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-04-06T19:15:07.303000+00:00
+2024-04-06T21:15:20.167000+00:00
 ```

 ### Last Data Feed Release
@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-244296
+244297
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `1`

- [CVE-2024-27620](CVE-2024/CVE-2024-276xx/CVE-2024-27620.json) (`2024-04-06T19:15:07.183`)
- [CVE-2024-28741](CVE-2024/CVE-2024-287xx/CVE-2024-28741.json) (`2024-04-06T19:15:07.247`)
- [CVE-2024-3413](CVE-2024/CVE-2024-34xx/CVE-2024-3413.json) (`2024-04-06T19:15:07.303`)
+- [CVE-2024-3414](CVE-2024/CVE-2024-34xx/CVE-2024-3414.json) (`2024-04-06T21:15:20.167`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -242896,7 +242896,7 @@ CVE-2024-27609,0,0,f5d2fceb3a71c480d99c4c75cd0a83ffe0e0dd3a726d0869ef9aadec6a003
 CVE-2024-27612,0,0,c510222cc98aeecd84a141efbf806cb4a31be0185bd980ef0ea0993f9e29a425,2024-03-08T14:02:57.420000
 CVE-2024-27613,0,0,55e42cf2e4639a6096ea75af39dc974125f1048dbd4b80fc4aa61dc42e00d85d,2024-03-08T14:02:57.420000
 CVE-2024-27619,0,0,ac27585ed59a6668049d75158e75afc441f45955e396bf2ead784d9f82b5977e,2024-04-01T01:12:59.077000
-CVE-2024-27620,1,1,a39ca740f47ad27742f34d3bd3f86260ea8eac572f198f6a32bc8896f290f0fc,2024-04-06T19:15:07.183000
+CVE-2024-27620,0,0,a39ca740f47ad27742f34d3bd3f86260ea8eac572f198f6a32bc8896f290f0fc,2024-04-06T19:15:07.183000
 CVE-2024-27622,0,0,1f97ac5b5ef46757629262fb3eae095c2e31f5e8d93445f5e445dbfb6034e57e,2024-03-05T14:27:46.090000
 CVE-2024-27623,0,0,2fddee8e74e15c6e7895f22777fd9ac33928389d1ff6851e7ceeb0e05ed9e8b4,2024-03-05T14:27:46.090000
 CVE-2024-27625,0,0,d6b6da55ca3f292d09b4a714bcb504e227f68a5bde518c62e1054c68c65c7b4c,2024-03-05T14:27:46.090000
@ -243324,7 +243324,7 @@ CVE-2024-28715,0,0,054dc6dc725c244acb835446cab8d82270f7d8ffd8311eb9aca1ba238d62a
 CVE-2024-2873,0,0,38b44d61d3230fcaba1c551f8073fe8dda4eadd0cd50d8705b668e3c4529f628,2024-03-26T12:55:05.010000
 CVE-2024-28734,0,0,f4687488b267ac163f3e0d4b9d3eb38f6f5a041c19b985a560624c627a7f4e16,2024-04-01T21:15:33.200000
 CVE-2024-28735,0,0,27a3fb731c930af76bd97477e46fd57873e1d90373135fa3e190a08c95c9db47,2024-04-01T21:15:37.360000
-CVE-2024-28741,1,1,1678ed4de6f62b62747c7cf1ef99a3f3ff7e7dec4db75414c76ffae859a52b6b,2024-04-06T19:15:07.247000
+CVE-2024-28741,0,0,1678ed4de6f62b62747c7cf1ef99a3f3ff7e7dec4db75414c76ffae859a52b6b,2024-04-06T19:15:07.247000
 CVE-2024-28745,0,0,15394cfaddabd1c5537f1c3a0b8bc4d088d58358d421e9d9475a38fad6a5e44f,2024-03-18T12:38:25.490000
 CVE-2024-28746,0,0,fb320a7d6e12ec8f68beabcf59bf59d1aef1d7213d73fb79561b698cb3fb6967,2024-03-14T12:52:09.877000
 CVE-2024-28752,0,0,495f9c5e12c0e13f37b84e847c6c74c560494d5ce882050026116e368be1891f,2024-03-15T12:53:06.423000
@ -244294,4 +244294,5 @@ CVE-2024-3369,0,0,7a39035754b68492641cb801e8701eeb86e1c475b1c8ae1891ee1f8aedb43b
 CVE-2024-3376,0,0,9009bf84f2f2acf8c6da092be580b37368b74d73874442305c15722269582997,2024-04-06T12:15:08.603000
 CVE-2024-3377,0,0,c094224cee8d924a29bc0a9702b2198278de47decc998b32b54a996076466234,2024-04-06T12:15:08.857000
 CVE-2024-3378,0,0,18603e1af81d7ddd6783ce6e71ce93149edac58389cc6209d2aa06899a476553,2024-04-06T13:15:12.473000
-CVE-2024-3413,1,1,e1d44a7f6ecaa59001e0c3b7293038f73b00022993d5cfe2b006c5f004dd07b4,2024-04-06T19:15:07.303000
+CVE-2024-3413,0,0,e1d44a7f6ecaa59001e0c3b7293038f73b00022993d5cfe2b006c5f004dd07b4,2024-04-06T19:15:07.303000
+CVE-2024-3414,1,1,865b8b9a463ec948dc343c4a30756496edcf661fb9a023649606bd76ffc5f79d,2024-04-06T21:15:20.167000