diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5374.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5374.json new file mode 100644 index 00000000000..13ef202ae4a --- /dev/null +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5374.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-5374", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-05-26T20:15:08.317", + "lastModified": "2024-05-26T20:15:08.317", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in Kashipara College Management System 1.0. Affected is an unknown function of the file submit_new_faculty.php. The manipulation of the argument address leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-266286 is the identifier assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System%20-%20xss/College%20Management%20System%20-%20vuln%208.pdf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.266286", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.266286", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.343454", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5375.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5375.json new file mode 100644 index 00000000000..4b8bb1ec06b --- /dev/null +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5375.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-5375", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-05-26T20:15:08.600", + "lastModified": "2024-05-26T20:15:08.600", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability has been found in Kashipara College Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file submit_student.php. The manipulation of the argument address leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-266287." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System%20-%20xss/College%20Management%20System%20-%20vuln%209.pdf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.266287", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.266287", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.343455", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5376.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5376.json new file mode 100644 index 00000000000..3fa573e568a --- /dev/null +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5376.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-5376", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-05-26T21:15:08.383", + "lastModified": "2024-05-26T21:15:08.383", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in Kashipara College Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file view_each_faculty.php. The manipulation of the argument id leads to cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-266288." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/E1CHO/cve_hub/blob/main/College%20Management%20System%20-%20xss/College%20Management%20System%20-%20vuln%2010.pdf", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.266288", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.266288", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.343456", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/CVE-2024/CVE-2024-53xx/CVE-2024-5377.json b/CVE-2024/CVE-2024-53xx/CVE-2024-5377.json new file mode 100644 index 00000000000..b27d853b643 --- /dev/null +++ b/CVE-2024/CVE-2024-53xx/CVE-2024-5377.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-5377", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-05-26T21:15:08.673", + "lastModified": "2024-05-26T21:15:08.673", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in SourceCodester Vehicle Management System 1.0. It has been classified as critical. This affects an unknown part of the file /newvehicle.php. The manipulation of the argument file leads to unrestricted upload. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-266289 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 7.3, + "baseSeverity": "HIGH" + }, + "exploitabilityScore": 3.9, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 7.5 + }, + "baseSeverity": "HIGH", + "exploitabilityScore": 10.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-434" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/yuyuliq/cve/issues/1", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.266289", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.266289", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.343809", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 9260ad32923..18233e2a1fa 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-05-26T20:00:37.266395+00:00 +2024-05-26T22:00:30.068057+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-05-26T19:15:08.447000+00:00 +2024-05-26T21:15:08.673000+00:00 ``` ### Last Data Feed Release @@ -33,17 +33,17 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -251812 +251816 ``` ### CVEs added in the last Commit Recently added CVEs: `4` -- [CVE-2024-5370](CVE-2024/CVE-2024-53xx/CVE-2024-5370.json) (`2024-05-26T18:15:08.547`) -- [CVE-2024-5371](CVE-2024/CVE-2024-53xx/CVE-2024-5371.json) (`2024-05-26T18:15:08.840`) -- [CVE-2024-5372](CVE-2024/CVE-2024-53xx/CVE-2024-5372.json) (`2024-05-26T19:15:08.167`) -- [CVE-2024-5373](CVE-2024/CVE-2024-53xx/CVE-2024-5373.json) (`2024-05-26T19:15:08.447`) +- [CVE-2024-5374](CVE-2024/CVE-2024-53xx/CVE-2024-5374.json) (`2024-05-26T20:15:08.317`) +- [CVE-2024-5375](CVE-2024/CVE-2024-53xx/CVE-2024-5375.json) (`2024-05-26T20:15:08.600`) +- [CVE-2024-5376](CVE-2024/CVE-2024-53xx/CVE-2024-5376.json) (`2024-05-26T21:15:08.383`) +- [CVE-2024-5377](CVE-2024/CVE-2024-53xx/CVE-2024-5377.json) (`2024-05-26T21:15:08.673`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index f8b5698d7bd..b92419368c8 100644 --- a/_state.csv +++ b/_state.csv @@ -251807,7 +251807,11 @@ CVE-2024-5366,0,0,bf478e2423ea330984c07fcf6891653c1ec41613dd2091419a99e76a3459be CVE-2024-5367,0,0,cd319ddccfc2a6b214cf2d698c9b0f989c7d05592c560094a48ee8a65d0168a4,2024-05-26T15:15:08.010000 CVE-2024-5368,0,0,73e825460777a3e62c0a017f586fea2dc5e71098be77ac75e6dcf66080548075,2024-05-26T16:15:08.367000 CVE-2024-5369,0,0,cb938916fbbaf5d3bfd5dbd91451b9fd0b3f2a81bdcbedbcec51524b9209d366,2024-05-26T17:15:21.760000 -CVE-2024-5370,1,1,14c7da2672eebae3d0b6cc8f462bf25de07a9cdd18132cb75ccf40464a389f30,2024-05-26T18:15:08.547000 -CVE-2024-5371,1,1,9be98f02c5bebf424f04dde153f2a2e0e5c2fe8e37ffcd67c91789c7cb6596ff,2024-05-26T18:15:08.840000 -CVE-2024-5372,1,1,5700614e120a534fc657827564720978aa920a95dad497630c378bb58fd2314e,2024-05-26T19:15:08.167000 -CVE-2024-5373,1,1,bcdbc2e3e8e68c792329b221d0cb16965d0e8233638979f1406ed5c709c008a7,2024-05-26T19:15:08.447000 +CVE-2024-5370,0,0,14c7da2672eebae3d0b6cc8f462bf25de07a9cdd18132cb75ccf40464a389f30,2024-05-26T18:15:08.547000 +CVE-2024-5371,0,0,9be98f02c5bebf424f04dde153f2a2e0e5c2fe8e37ffcd67c91789c7cb6596ff,2024-05-26T18:15:08.840000 +CVE-2024-5372,0,0,5700614e120a534fc657827564720978aa920a95dad497630c378bb58fd2314e,2024-05-26T19:15:08.167000 +CVE-2024-5373,0,0,bcdbc2e3e8e68c792329b221d0cb16965d0e8233638979f1406ed5c709c008a7,2024-05-26T19:15:08.447000 +CVE-2024-5374,1,1,9d0065534d8f28e9f95cc9b288a36b0fef6c4b6e4f9eadc9d4bcf7d5cd9e3a54,2024-05-26T20:15:08.317000 +CVE-2024-5375,1,1,22a41a52f8127cf77fc020e1d70df40b755fd718f0ea7badc1f1a2263c1c56df,2024-05-26T20:15:08.600000 +CVE-2024-5376,1,1,62e4bc8dd75ff4cdd6ef1f13aab45fd1bcdcb1cf5634972b5ef9a9151eb8f9c4,2024-05-26T21:15:08.383000 +CVE-2024-5377,1,1,b1ce75d7f9d5fb37a90a7deae75307c4f1b1b656098d91fdd5e339c026682071,2024-05-26T21:15:08.673000