From 8fe96f37dc077c79b2ec7505fbd64b49c34ffed6 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sat, 31 May 2025 04:03:55 +0000 Subject: [PATCH] Auto-Update: 2025-05-31T04:00:19.216415+00:00 --- CVE-2025/CVE-2025-53xx/CVE-2025-5367.json | 145 ++++++++++++++++++++++ README.md | 15 +-- _state.csv | 9 +- 3 files changed, 156 insertions(+), 13 deletions(-) create mode 100644 CVE-2025/CVE-2025-53xx/CVE-2025-5367.json diff --git a/CVE-2025/CVE-2025-53xx/CVE-2025-5367.json b/CVE-2025/CVE-2025-53xx/CVE-2025-5367.json new file mode 100644 index 00000000000..eb7d84d7371 --- /dev/null +++ b/CVE-2025/CVE-2025-53xx/CVE-2025-5367.json @@ -0,0 +1,145 @@ +{ + "id": "CVE-2025-5367", + "sourceIdentifier": "cna@vuldb.com", + "published": "2025-05-31T02:15:19.383", + "lastModified": "2025-05-31T02:15:19.383", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in PHPGurukul Online Shopping Portal Project 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /category.php. The manipulation of the argument Product leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnConfidentialityImpact": "LOW", + "vulnIntegrityImpact": "LOW", + "vulnAvailabilityImpact": "LOW", + "subConfidentialityImpact": "NONE", + "subIntegrityImpact": "NONE", + "subAvailabilityImpact": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirement": "NOT_DEFINED", + "integrityRequirement": "NOT_DEFINED", + "availabilityRequirement": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnConfidentialityImpact": "NOT_DEFINED", + "modifiedVulnIntegrityImpact": "NOT_DEFINED", + "modifiedVulnAvailabilityImpact": "NOT_DEFINED", + "modifiedSubConfidentialityImpact": "NOT_DEFINED", + "modifiedSubIntegrityImpact": "NOT_DEFINED", + "modifiedSubAvailabilityImpact": "NOT_DEFINED", + "Safety": "NOT_DEFINED", + "Automatable": "NOT_DEFINED", + "Recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "baseScore": 7.3, + "baseSeverity": "HIGH", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "baseScore": 7.5, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL" + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-74" + }, + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/shanranne/myCVE/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://phpgurukul.com/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.310660", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.310660", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.586814", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 8c5212b639b..c433cff1803 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2025-05-31T02:00:19.156918+00:00 +2025-05-31T04:00:19.216415+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2025-05-31T01:15:20.507000+00:00 +2025-05-31T02:15:19.383000+00:00 ``` ### Last Data Feed Release @@ -33,23 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -296088 +296089 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -- [CVE-2018-25111](CVE-2018/CVE-2018-251xx/CVE-2018-25111.json) (`2025-05-31T01:15:19.123`) -- [CVE-2025-5365](CVE-2025/CVE-2025-53xx/CVE-2025-5365.json) (`2025-05-31T01:15:20.507`) +- [CVE-2025-5367](CVE-2025/CVE-2025-53xx/CVE-2025-5367.json) (`2025-05-31T02:15:19.383`) ### CVEs modified in the last Commit -Recently modified CVEs: `2` +Recently modified CVEs: `0` -- [CVE-2025-40909](CVE-2025/CVE-2025-409xx/CVE-2025-40909.json) (`2025-05-31T01:15:20.217`) -- [CVE-2025-48912](CVE-2025/CVE-2025-489xx/CVE-2025-48912.json) (`2025-05-31T01:15:20.390`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 92be09cba43..78055e6eca7 100644 --- a/_state.csv +++ b/_state.csv @@ -121453,7 +121453,7 @@ CVE-2018-25107,0,0,e74e5f133ec4c9e42aba268447c5e4b8ad803c3cf4918fd4d980370e8a360 CVE-2018-25108,0,0,b20ffbb6cbdeced293a2d0d5632cf118c9bcd4427f34608769eddf9c049b94c3,2025-01-16T11:15:06.850000 CVE-2018-25109,0,0,78a6fcfa9783d17890c8ccdbf5bd43dceffab865f734cb93193e2f03c25430f9,2025-03-23T23:15:13.060000 CVE-2018-25110,0,0,08f3cae3ffc7d7e54b5eaf99236e9263fd5f461cb135acb2027706bce1876f3d,2025-05-23T15:54:42.643000 -CVE-2018-25111,1,1,24e37cd49b1684a18a58e07d7abc2afe9e5211e443c242f4d15147ea0588a8a6,2025-05-31T01:15:19.123000 +CVE-2018-25111,0,0,24e37cd49b1684a18a58e07d7abc2afe9e5211e443c242f4d15147ea0588a8a6,2025-05-31T01:15:19.123000 CVE-2018-2515,0,0,5409b099d6b1ad12de2273669dad1cdf61ce6e1c2e305b93396a548635b48aa4,2023-11-07T02:57:57.887000 CVE-2018-2560,0,0,64c0ce8dd86b8cd41f028fc0faeb4c2703b3a3d6c99b5cfb7e065de6e8a10aab,2024-11-21T04:03:56.060000 CVE-2018-2561,0,0,03752647d2e63906688e002ddaaa7e85aba13094709fdf81fa6e8215efd59a07,2024-11-21T04:03:56.197000 @@ -293857,7 +293857,7 @@ CVE-2025-4089,0,0,505a4df56497bc3e08f2e58439684c838786761a96bd4da3f2b0e37b4fa97e CVE-2025-4090,0,0,7f9eabb4ad6772523e0c5f0a270166b4617494fcbb3075e75cc2736a0fa15b02,2025-05-09T19:32:34.333000 CVE-2025-40906,0,0,3bcd0a99f567a8c8c8c888444bf8652ce672ff26763dd9562ab4be9a1279c017,2025-05-19T13:35:50.497000 CVE-2025-40907,0,0,02479ee238b9c2c4380d00bd9d3c9ee05adf00f8c7961fd6f9263c931d94c687,2025-05-16T16:15:41.590000 -CVE-2025-40909,0,1,18728e90d02bd071d5442765be38f7f39285eeeb0496c2d4d452027e8589c68c,2025-05-31T01:15:20.217000 +CVE-2025-40909,0,0,18728e90d02bd071d5442765be38f7f39285eeeb0496c2d4d452027e8589c68c,2025-05-31T01:15:20.217000 CVE-2025-4091,0,0,798a4cccfe2006913bea941ae05240fec836c7335fe01bd824f887f2a82ba4a5,2025-05-09T19:32:09.470000 CVE-2025-40911,0,0,fcf4deedf6cc79e67d521479df45c4b1f5ac81bf8605fcf0e3b318f0c121b089,2025-05-28T15:01:30.720000 CVE-2025-4092,0,0,5c481b9edaa4dc01b6e2af0355fb37068b547aa3807c69c17d8381f725e9d766,2025-05-09T19:32:00.773000 @@ -295776,7 +295776,7 @@ CVE-2025-48889,0,0,10193c433a4bb6349663dd15365e40e7749e3028945374c079cc00a7a9212 CVE-2025-4889,0,0,01c7a8037082d88b5ac656519933c8c5460517579f14e0273e6b2875f7942bab,2025-05-28T15:30:05.053000 CVE-2025-4890,0,0,81e619b8915c0f1194bf5df58e7b0a9363ea517d5998dc711619ba92ff360f3e,2025-05-21T19:37:54.033000 CVE-2025-4891,0,0,ce5eadb58621294f252fd31aa2b4c3c08be14da6ad289e0467dbab1173f36755,2025-05-27T15:29:23.960000 -CVE-2025-48912,0,1,e863a16f8786aa6a633e3e694eac96f68f44de0d79e1923409a3b16cc227b023,2025-05-31T01:15:20.390000 +CVE-2025-48912,0,0,e863a16f8786aa6a633e3e694eac96f68f44de0d79e1923409a3b16cc227b023,2025-05-31T01:15:20.390000 CVE-2025-4892,0,0,002d5f2a93da7cbbf0db54aa5606cb91f8377f6151252d2e3edadf3dcfd06185,2025-05-28T15:32:12.643000 CVE-2025-48925,0,0,db68e0a65a71df0477f1e90703b2c95ade78235b08f178b6b5254b12967953eb,2025-05-29T14:29:50.247000 CVE-2025-48926,0,0,ec5ab6c497930f2e8bdc212d0c7fd2409e8a2a353740c4542d73db5a01c3f61e,2025-05-29T14:29:50.247000 @@ -296086,4 +296086,5 @@ CVE-2025-5361,0,0,e8eba883639e659977595177b642fe3e0769583284c6f3c759498ce41b4733 CVE-2025-5362,0,0,279f52f5153eed56904c386faba48236e7b4dcf0cd8b1c6a455da88f86bce1ea,2025-05-30T21:15:21.240000 CVE-2025-5363,0,0,f4ab9e51ea923ee5f68276dc2bb6e2c66199ce0bf765a5f6db2d84f03caadd41,2025-05-30T21:15:21.433000 CVE-2025-5364,0,0,8512fc7e318a4f9a02f790667cf7190b54f5e349e12cf13599f99f2abd16e086,2025-05-30T22:15:24.777000 -CVE-2025-5365,1,1,9c3add4ccbce326277aadd94e875c7c908d8965a66ee0aafcf70fd798992c1f2,2025-05-31T01:15:20.507000 +CVE-2025-5365,0,0,9c3add4ccbce326277aadd94e875c7c908d8965a66ee0aafcf70fd798992c1f2,2025-05-31T01:15:20.507000 +CVE-2025-5367,1,1,dead5a494104ea03e39b4b151a76de3fa5c02b84a712451f4c5b5c4043cf095f,2025-05-31T02:15:19.383000