diff --git a/CVE-2024/CVE-2024-129xx/CVE-2024-12998.json b/CVE-2024/CVE-2024-129xx/CVE-2024-12998.json new file mode 100644 index 00000000000..39d82322963 --- /dev/null +++ b/CVE-2024/CVE-2024-129xx/CVE-2024-12998.json @@ -0,0 +1,141 @@ +{ + "id": "CVE-2024-12998", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-12-28T22:15:16.893", + "lastModified": "2024-12-28T22:15:16.893", + "vulnStatus": "Received", + "cveTags": [], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." + } + ], + "metrics": { + "cvssMetricV40": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "4.0", + "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", + "baseScore": 6.9, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "attackRequirements": "NONE", + "privilegesRequired": "NONE", + "userInteraction": "NONE", + "vulnerableSystemConfidentiality": "NONE", + "vulnerableSystemIntegrity": "LOW", + "vulnerableSystemAvailability": "NONE", + "subsequentSystemConfidentiality": "NONE", + "subsequentSystemIntegrity": "NONE", + "subsequentSystemAvailability": "NONE", + "exploitMaturity": "NOT_DEFINED", + "confidentialityRequirements": "NOT_DEFINED", + "integrityRequirements": "NOT_DEFINED", + "availabilityRequirements": "NOT_DEFINED", + "modifiedAttackVector": "NOT_DEFINED", + "modifiedAttackComplexity": "NOT_DEFINED", + "modifiedAttackRequirements": "NOT_DEFINED", + "modifiedPrivilegesRequired": "NOT_DEFINED", + "modifiedUserInteraction": "NOT_DEFINED", + "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", + "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", + "modifiedVulnerableSystemAvailability": "NOT_DEFINED", + "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", + "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", + "modifiedSubsequentSystemAvailability": "NOT_DEFINED", + "safety": "NOT_DEFINED", + "automatable": "NOT_DEFINED", + "recovery": "NOT_DEFINED", + "valueDensity": "NOT_DEFINED", + "vulnerabilityResponseEffort": "NOT_DEFINED", + "providerUrgency": "NOT_DEFINED" + } + } + ], + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N", + "baseScore": 4.3, + "baseSeverity": "MEDIUM", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "NONE", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE" + }, + "exploitabilityScore": 2.8, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N", + "baseScore": 5.0, + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "NONE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE" + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 10.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + }, + { + "lang": "en", + "value": "CWE-94" + } + ] + } + ], + "references": [ + { + "url": "https://code-projects.org/", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.289659", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.289659", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.469216", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 99ed7954e64..c78832d89f4 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-12-28T21:00:19.190133+00:00 +2024-12-28T23:00:19.836859+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-12-28T19:15:07.800000+00:00 +2024-12-28T22:15:16.893000+00:00 ``` ### Last Data Feed Release @@ -33,26 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -275074 +275075 ``` ### CVEs added in the last Commit -Recently added CVEs: `0` +Recently added CVEs: `1` +- [CVE-2024-12998](CVE-2024/CVE-2024-129xx/CVE-2024-12998.json) (`2024-12-28T22:15:16.893`) ### CVEs modified in the last Commit -Recently modified CVEs: `7` +Recently modified CVEs: `0` -- [CVE-2024-50944](CVE-2024/CVE-2024-509xx/CVE-2024-50944.json) (`2024-12-28T19:15:06.197`) -- [CVE-2024-50945](CVE-2024/CVE-2024-509xx/CVE-2024-50945.json) (`2024-12-28T19:15:06.667`) -- [CVE-2024-53476](CVE-2024/CVE-2024-534xx/CVE-2024-53476.json) (`2024-12-28T19:15:06.880`) -- [CVE-2024-54450](CVE-2024/CVE-2024-544xx/CVE-2024-54450.json) (`2024-12-28T19:15:07.103`) -- [CVE-2024-54451](CVE-2024/CVE-2024-544xx/CVE-2024-54451.json) (`2024-12-28T19:15:07.340`) -- [CVE-2024-54452](CVE-2024/CVE-2024-544xx/CVE-2024-54452.json) (`2024-12-28T19:15:07.570`) -- [CVE-2024-56527](CVE-2024/CVE-2024-565xx/CVE-2024-56527.json) (`2024-12-28T19:15:07.800`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 6a27dd487b1..92e809d4002 100644 --- a/_state.csv +++ b/_state.csv @@ -245226,6 +245226,7 @@ CVE-2024-12990,0,0,89807b14608d083a479d00e43b12d437881fd3ad10cef2b8728d787a96ec5 CVE-2024-12991,0,0,7bbf88463030ed854d461acf3a16e27c8e56add3637c215a5507fa6fcaa52774,2024-12-27T20:15:22.140000 CVE-2024-12994,0,0,acc1f74e8195a57c518abcf58a5f0f074ad6c841f18f8ac330ccbd51f6b8910d,2024-12-28T13:15:18.173000 CVE-2024-12995,0,0,a13870c434ee7e911d0d59c4b1c35ebf0baba5277938deaea1b15c6cff4125c4,2024-12-28T14:15:22.507000 +CVE-2024-12998,1,1,eef23b70aa8365e2a841b6d551504892346dc69bac5cd92a662f6e9a2e81cb84,2024-12-28T22:15:16.893000 CVE-2024-1300,0,0,1449d51d635587092ee7e467b53bae80464f92cc07a6bda2595172832d29c1e4,2024-11-25T03:15:10.053000 CVE-2024-1301,0,0,a82904378c141da107f996cbfc3663893c64b71f2f3d06fe2a7b32b9cc0bfa85,2024-11-21T08:50:16.340000 CVE-2024-1302,0,0,50e21539c22b43b4db748f33a4680786d0cd3b39c9a7a5fc858bc75c33660782,2024-11-21T08:50:16.467000 @@ -268469,8 +268470,8 @@ CVE-2024-50930,0,0,ab7e60d69bf9ecdfb091e1a39c70aa41981d95981db536c872725a5ff6771 CVE-2024-50931,0,0,bfe4e69023fe06db8f71d2d6d60e3e4922b2fefb11f278f99af6208127c39938,2024-12-11T16:15:13.317000 CVE-2024-5094,0,0,f572ab7eafee07c8d987d5a3c905aa40f60dd2446639e00e7652e97e7c95fb47,2024-11-21T09:46:57.203000 CVE-2024-50942,0,0,74bb27dcec6f641721fef2704da713b75046095ccb8aeb2b392b8ef1abb8cd71,2024-12-04T17:15:15.020000 -CVE-2024-50944,0,1,2cd90a2a7a8b74df08cb6d328511ac567ae4dae0459e41bd198ef5d5dcc3a111,2024-12-28T19:15:06.197000 -CVE-2024-50945,0,1,666e0273d2b4166fecaee8591da7efe31d95892b05add1b6bfde1009b67fdb8b,2024-12-28T19:15:06.667000 +CVE-2024-50944,0,0,2cd90a2a7a8b74df08cb6d328511ac567ae4dae0459e41bd198ef5d5dcc3a111,2024-12-28T19:15:06.197000 +CVE-2024-50945,0,0,666e0273d2b4166fecaee8591da7efe31d95892b05add1b6bfde1009b67fdb8b,2024-12-28T19:15:06.667000 CVE-2024-50947,0,0,b5c008650b1de4762f100f17a965e455e14b58a340b5da1077acb62ce0721971,2024-12-05T20:15:22.180000 CVE-2024-50948,0,0,a83a95d033c1f852658f7838a2af99f42aaba2f1b7026fbced6a0131c0382cea,2024-12-04T22:15:22.627000 CVE-2024-5095,0,0,435f4b1943c8e810fb8465989f6b408e8982e554cc5e9afb3bd58dc0f211a716,2024-11-21T09:46:57.340000 @@ -270055,7 +270056,7 @@ CVE-2024-53470,0,0,7e717d458d3e971476fce58f4e759acfb3653594788d9bb4f7ef6a8cad1db CVE-2024-53471,0,0,dea70dfafbf7c115f6b9fc5aab8fa383b86b6c8d65d06c11e3049e5b3d3b885e,2024-12-10T22:15:25.277000 CVE-2024-53472,0,0,f62f01117567dfa980810b663addc9d4b9e324fc111266531f31ef2f0fb28372,2024-12-11T17:15:19.720000 CVE-2024-53473,0,0,4f11e5668fdef12cb16e2bf05d839c650d20a6c384846fe0258311160154b68b,2024-12-12T02:07:58.713000 -CVE-2024-53476,0,1,1000f6416155c52d1da19e6dc9557a007310c3d11f9d581a9eab03f7acd41c61,2024-12-28T19:15:06.880000 +CVE-2024-53476,0,0,1000f6416155c52d1da19e6dc9557a007310c3d11f9d581a9eab03f7acd41c61,2024-12-28T19:15:06.880000 CVE-2024-53477,0,0,3dfbb52637bb052a793d1b67a024cd50b899929ad7fee8a9366a9aa6e069e388,2024-12-11T16:15:14.150000 CVE-2024-5348,0,0,0c3454114961657672c2409af3f9f2f3bb9995c6579ea15f7d29552347b906f3,2024-11-21T09:47:28.240000 CVE-2024-53480,0,0,5e46c0ee9bfffb1ecaafb500e19fbf13655a91348c28c3d7d2daabc702146564,2024-12-12T15:15:15.917000 @@ -270710,9 +270711,9 @@ CVE-2024-54441,0,0,4998045381787fcc4b3ba91881da0472af2407cb6b3b4e86c69cbecd8e8e1 CVE-2024-54442,0,0,4654114cbbe36af251b0a17ca273aa4c42991899ac7df3d541352dc363b8b95d,2024-12-16T15:15:23.273000 CVE-2024-54443,0,0,a19735fa20af88aa6b80d25f5f3fba13bc36980cd33611fe0939754004239647,2024-12-16T15:15:23.420000 CVE-2024-5445,0,0,868cf662746874f2c335da1d583d2882ec8b61a1e57de341d372842bb0244e3a,2024-08-12T13:41:36.517000 -CVE-2024-54450,0,1,aabb18820136b7c039cd7c034c7f73bb4fbf564b47289185c90837686625b797,2024-12-28T19:15:07.103000 -CVE-2024-54451,0,1,eb5dc636c5bdd52381b7fa77adc3a2623336dbdd2148286dff7294e8af2d17f3,2024-12-28T19:15:07.340000 -CVE-2024-54452,0,1,580ca4477632f0f9b88f16b8293e24b9d00dfbf3c0e7ff0a9b0468914ad431d2,2024-12-28T19:15:07.570000 +CVE-2024-54450,0,0,aabb18820136b7c039cd7c034c7f73bb4fbf564b47289185c90837686625b797,2024-12-28T19:15:07.103000 +CVE-2024-54451,0,0,eb5dc636c5bdd52381b7fa77adc3a2623336dbdd2148286dff7294e8af2d17f3,2024-12-28T19:15:07.340000 +CVE-2024-54452,0,0,580ca4477632f0f9b88f16b8293e24b9d00dfbf3c0e7ff0a9b0468914ad431d2,2024-12-28T19:15:07.570000 CVE-2024-54453,0,0,1d29d387e8d483eb2d9c2fac7421c2316d1f5ad23687a8624aafda457808ac20,2024-12-27T20:15:23.670000 CVE-2024-54454,0,0,d47284e16acb38d36b7357f0d17c834483610159e501bace03ffb7af0ec70668,2024-12-27T20:15:23.777000 CVE-2024-54457,0,0,da0353a7ec7d859fd477580e7c54e31a24aeea86ab2c2ac2e00b7a1eda59c2cf,2024-12-18T07:15:08.377000 @@ -271206,7 +271207,7 @@ CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817a CVE-2024-56520,0,0,4a9aa9a1a3adcd1997d0b43db425637bc4984e59f1d448be2595594ab203989e,2024-12-27T05:15:07.837000 CVE-2024-56521,0,0,97b68e3a5a928b0646ce77bf269259779b5065ddddc387966f52663153bd98a8,2024-12-27T05:15:07.977000 CVE-2024-56522,0,0,932806003c80917db6a4613c79f24ada3f16757e896618a1b3cbf4f9e43c330c,2024-12-27T05:15:08.130000 -CVE-2024-56527,0,1,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000 +CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000 CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000 CVE-2024-56531,0,0,aa7a2b0529de2aaf00ad78e03c50eb61b577053ac1fd73582426ce44706e04f7,2024-12-27T14:15:32.503000 CVE-2024-56532,0,0,356bd52ed55ce1deb2238d9f1d6546ed8f5000ee1eb152ee78a656b54595c191,2024-12-27T14:15:32.640000