Auto-Update: 2025-07-06T10:00:12.361328+00:00

2025-07-11 16:13:34 +00:00 · 2025-07-06 10:03:49 +00:00 · 2025-07-06 10:03:49 +00:00 · 97c6e56318
commit 97c6e56318
parent fcc8757ea8
3 changed files with 149 additions and 8 deletions
--- a/CVE-2025/CVE-2025-70xx/CVE-2025-7078.json
+++ b/CVE-2025/CVE-2025-70xx/CVE-2025-7078.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-7078",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-07-06T09:15:23.400",
+  "lastModified": "2025-07-06T09:15:23.400",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as problematic was found in 07FLYCMS, 07FLY-CMS and 07FlyCRM up to 1.3.9. This vulnerability affects unknown code. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. This product is published under multiple names. The vendor was contacted early about this disclosure but did not respond in any way."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "PROOF_OF_CONCEPT",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "baseScore": 5.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-352"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-862"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/Excentique/yuxuan_mei/blob/main/07fly-crm_1.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.314992",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.314992",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.603552",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-07-06T08:00:14.455300+00:00
+2025-07-06T10:00:12.361328+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-07-06T07:15:35.383000+00:00
+2025-07-06T09:15:23.400000+00:00
 ```

 ### Last Data Feed Release
@ -33,15 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-300508
+300509
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `2`
+Recently added CVEs: `1`

- [CVE-2025-27446](CVE-2025/CVE-2025-274xx/CVE-2025-27446.json) (`2025-07-06T06:15:21.587`)
- [CVE-2025-7077](CVE-2025/CVE-2025-70xx/CVE-2025-7077.json) (`2025-07-06T07:15:35.383`)
+- [CVE-2025-7078](CVE-2025/CVE-2025-70xx/CVE-2025-7078.json) (`2025-07-06T09:15:23.400`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -290084,7 +290084,7 @@ CVE-2025-27442,0,0,3da2fa991b1fa899731d47641052ab04d437584548e9c485460b64214e501
 CVE-2025-27443,0,0,ccd5fa9501bd1c4c89d386363f67b3971f9105cc14cdb667513fb78e12c76ecc,2025-04-08T18:13:53.347000
 CVE-2025-27444,0,0,4a47feecb17e273ada092c286d134005100fd80febdd86293ecde589498b8bab,2025-06-09T15:04:33.780000
 CVE-2025-27445,0,0,b3f5f26acd9b1eeb391c632e6a4f22f7ea880cf9f07dc106f61ff101a1eb24d4,2025-06-17T20:15:31.250000
-CVE-2025-27446,1,1,03c93c94815d89288446c29712e946a24628661ec89b7a5440b385df169bdcaf,2025-07-06T06:15:21.587000
+CVE-2025-27446,0,0,03c93c94815d89288446c29712e946a24628661ec89b7a5440b385df169bdcaf,2025-07-06T06:15:21.587000
 CVE-2025-27447,0,0,ce4ed780b04d23d0b37375dc5564770df1e43bef795462a910832c4a8be33070,2025-07-03T15:13:53.147000
 CVE-2025-27448,0,0,f5ba7ace9d667bdbf65684150773cbbb69ec990406c133785b5b5234e0e68e7b,2025-07-03T15:13:53.147000
 CVE-2025-27449,0,0,338c5660364661bf96c6ab3e44992ed998c75364f3c7528d1f424a54c6f530fe,2025-07-03T15:13:53.147000
@ -300506,4 +300506,5 @@ CVE-2025-7070,0,0,5f1d750a5e8c3a8f6a22a3c4ba050db3b74a14614263bd616051bd77ed245d
 CVE-2025-7074,0,0,17a3f0ba3ddd59bcaa881a4c58ffb1fd038264f365c60b06d4f0954ae7fd2a19,2025-07-05T09:15:27.913000
 CVE-2025-7075,0,0,f55145ea7b8b425f9a71256e9af22508bfcd7fe47fec2009f7e9ecaad13268b4,2025-07-06T00:15:22.177000
 CVE-2025-7076,0,0,12a886580faa52060fa14c3385e4efa8af2c70ae6539b826fcb69118c4e94272,2025-07-06T01:15:20.563000
-CVE-2025-7077,1,1,5cf46dd264f943652ab85c60911298ed73fd226440062423a149de6f68a6458a,2025-07-06T07:15:35.383000
+CVE-2025-7077,0,0,5cf46dd264f943652ab85c60911298ed73fd226440062423a149de6f68a6458a,2025-07-06T07:15:35.383000
+CVE-2025-7078,1,1,e3e01c0b85e9f338c256052c94d058110940bc0660a993bf3e6ba73a98ff97d2,2025-07-06T09:15:23.400000