Auto-Update: 2025-01-01T15:00:19.939723+00:00

2025-05-07 19:16:29 +00:00 · 2025-01-01 15:03:44 +00:00 · 2025-01-01 15:03:44 +00:00 · 85420e2b0e
commit 85420e2b0e
parent 2c59f952cb
3 changed files with 151 additions and 5 deletions
--- a/CVE-2025/CVE-2025-01xx/CVE-2025-0168.json
+++ b/CVE-2025/CVE-2025-01xx/CVE-2025-0168.json
@ -0,0 +1,145 @@
+{
+  "id": "CVE-2025-0168",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-01-01T14:15:23.590",
+  "lastModified": "2025-01-01T14:15:23.590",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical has been found in code-projects Job Recruitment 1.0. This affects an unknown part of the file /_parse/_feedback_system.php. The manipulation of the argument person leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/UnrealdDei/cve/blob/main/sql11.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289917",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289917",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.473107",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-01-01T07:00:20.026444+00:00
+2025-01-01T15:00:19.939723+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-01-01T06:15:23.220000+00:00
+2025-01-01T14:15:23.590000+00:00
 ```

 ### Last Data Feed Release
@ -33,14 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-275385
+275386
 ```

 ### CVEs added in the last Commit

 Recently added CVEs: `1`

- [CVE-2024-11846](CVE-2024/CVE-2024-118xx/CVE-2024-11846.json) (`2025-01-01T06:15:23.220`)
+- [CVE-2025-0168](CVE-2025/CVE-2025-01xx/CVE-2025-0168.json) (`2025-01-01T14:15:23.590`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -244612,7 +244612,7 @@ CVE-2024-11840,0,0,4f72dc8e1aec5c10e4842e27b0438d261a566769857022259f6d9b1c51e88
 CVE-2024-11841,0,0,29b2d8ff488587d8a4e1b1dd2198cfdea87c7a6a53f626f6147622127a8032b7,2024-12-16T17:15:07.830000
 CVE-2024-11842,0,0,b468b59966d33ed9e284180ae3d4b6da56e7697d6ed23bc6f677a3b17c040944,2024-12-27T19:15:07.700000
 CVE-2024-11844,0,0,04412f8d1e89e121c8013622c692022d4f804bc36ac5e0beee05cf8987e8ae7f,2024-12-03T09:15:04.473000
-CVE-2024-11846,1,1,a5829a222dda8f0f1d34c6ce55e97a076867e903c9abbe05376a63ff811cfc40,2025-01-01T06:15:23.220000
+CVE-2024-11846,0,0,a5829a222dda8f0f1d34c6ce55e97a076867e903c9abbe05376a63ff811cfc40,2025-01-01T06:15:23.220000
 CVE-2024-1185,0,0,4ecd1740115bf103fbc8dca69b2cfbb42ac9a6d23eecf86cdd29f9e498ced7fa,2024-11-21T08:49:59.223000
 CVE-2024-11852,0,0,fcae6a31251538fa21922d7f8a34f94ee6c6390a3a29cfb5a4e8903a4faa77f7,2024-12-22T02:15:16.510000
 CVE-2024-11853,0,0,34e99eba0841fa956ba4d7c4a308f8505540f1a8e5d486ec7f2fdd3d46494b2f,2024-12-03T08:15:06.710000
@ -275384,3 +275384,4 @@ CVE-2024-9996,0,0,433ba4c226a5a6d2212e25ce0b55b45b5a0aaae59192553eedeafbaec42bc6
 CVE-2024-9997,0,0,c951d1dfad7abcf434414a546a4fccad53052e3fa40c16bd73a8c37c97d5eba8,2024-11-01T16:27:34.960000
 CVE-2024-9998,0,0,0419a3dad23ae850906f2650ca4d40b180999b4a5d360bcc1b838f8893ae2af5,2024-11-12T11:15:03.840000
 CVE-2024-9999,0,0,cad7c92a380ae514b71a1dd06f3b79a139ea65cb773110d32be2b942d72ae5af,2024-11-13T17:01:58.603000
+CVE-2025-0168,1,1,fde79a3f95dbae8045d22c8e981cbdd84ae894d89db499f6872ba4edd67b57a4,2025-01-01T14:15:23.590000