Auto-Update: 2024-12-28T23:00:19.836859+00:00

CVE-2024/CVE-2024-129xx/CVE-2024-12998.json

@@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-12998",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-12-28T22:15:16.893",
+  "lastModified": "2024-12-28T22:15:16.893",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in code-projects Online Car Rental System 1.0. This affects an unknown part of the file /index.php of the component GET Parameter Handler. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 6.9,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "NONE",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "NONE",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "NONE",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 4.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "NONE",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:N",
+          "baseScore": 5.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "NONE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 10.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.289659",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.289659",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.469216",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2024-12-28T21:00:19.190133+00:00
+2024-12-28T23:00:19.836859+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2024-12-28T19:15:07.800000+00:00
+2024-12-28T22:15:16.893000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,26 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-275074
+275075
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `0`
+Recently added CVEs: `1`
 
+- [CVE-2024-12998](CVE-2024/CVE-2024-129xx/CVE-2024-12998.json) (`2024-12-28T22:15:16.893`)
 
 
 ### CVEs modified in the last Commit
 
-Recently modified CVEs: `7`
+Recently modified CVEs: `0`
 
-- [CVE-2024-50944](CVE-2024/CVE-2024-509xx/CVE-2024-50944.json) (`2024-12-28T19:15:06.197`)
-- [CVE-2024-50945](CVE-2024/CVE-2024-509xx/CVE-2024-50945.json) (`2024-12-28T19:15:06.667`)
-- [CVE-2024-53476](CVE-2024/CVE-2024-534xx/CVE-2024-53476.json) (`2024-12-28T19:15:06.880`)
-- [CVE-2024-54450](CVE-2024/CVE-2024-544xx/CVE-2024-54450.json) (`2024-12-28T19:15:07.103`)
-- [CVE-2024-54451](CVE-2024/CVE-2024-544xx/CVE-2024-54451.json) (`2024-12-28T19:15:07.340`)
-- [CVE-2024-54452](CVE-2024/CVE-2024-544xx/CVE-2024-54452.json) (`2024-12-28T19:15:07.570`)
-- [CVE-2024-56527](CVE-2024/CVE-2024-565xx/CVE-2024-56527.json) (`2024-12-28T19:15:07.800`)
 
 
 ## Download and Usage

_state.csv

@@ -245226,6 +245226,7 @@ CVE-2024-12990,0,0,89807b14608d083a479d00e43b12d437881fd3ad10cef2b8728d787a96ec5
 CVE-2024-12991,0,0,7bbf88463030ed854d461acf3a16e27c8e56add3637c215a5507fa6fcaa52774,2024-12-27T20:15:22.140000
 CVE-2024-12994,0,0,acc1f74e8195a57c518abcf58a5f0f074ad6c841f18f8ac330ccbd51f6b8910d,2024-12-28T13:15:18.173000
 CVE-2024-12995,0,0,a13870c434ee7e911d0d59c4b1c35ebf0baba5277938deaea1b15c6cff4125c4,2024-12-28T14:15:22.507000
+CVE-2024-12998,1,1,eef23b70aa8365e2a841b6d551504892346dc69bac5cd92a662f6e9a2e81cb84,2024-12-28T22:15:16.893000
 CVE-2024-1300,0,0,1449d51d635587092ee7e467b53bae80464f92cc07a6bda2595172832d29c1e4,2024-11-25T03:15:10.053000
 CVE-2024-1301,0,0,a82904378c141da107f996cbfc3663893c64b71f2f3d06fe2a7b32b9cc0bfa85,2024-11-21T08:50:16.340000
 CVE-2024-1302,0,0,50e21539c22b43b4db748f33a4680786d0cd3b39c9a7a5fc858bc75c33660782,2024-11-21T08:50:16.467000
@@ -268469,8 +268470,8 @@ CVE-2024-50930,0,0,ab7e60d69bf9ecdfb091e1a39c70aa41981d95981db536c872725a5ff6771
 CVE-2024-50931,0,0,bfe4e69023fe06db8f71d2d6d60e3e4922b2fefb11f278f99af6208127c39938,2024-12-11T16:15:13.317000
 CVE-2024-5094,0,0,f572ab7eafee07c8d987d5a3c905aa40f60dd2446639e00e7652e97e7c95fb47,2024-11-21T09:46:57.203000
 CVE-2024-50942,0,0,74bb27dcec6f641721fef2704da713b75046095ccb8aeb2b392b8ef1abb8cd71,2024-12-04T17:15:15.020000
-CVE-2024-50944,0,1,2cd90a2a7a8b74df08cb6d328511ac567ae4dae0459e41bd198ef5d5dcc3a111,2024-12-28T19:15:06.197000
+CVE-2024-50944,0,0,2cd90a2a7a8b74df08cb6d328511ac567ae4dae0459e41bd198ef5d5dcc3a111,2024-12-28T19:15:06.197000
-CVE-2024-50945,0,1,666e0273d2b4166fecaee8591da7efe31d95892b05add1b6bfde1009b67fdb8b,2024-12-28T19:15:06.667000
+CVE-2024-50945,0,0,666e0273d2b4166fecaee8591da7efe31d95892b05add1b6bfde1009b67fdb8b,2024-12-28T19:15:06.667000
 CVE-2024-50947,0,0,b5c008650b1de4762f100f17a965e455e14b58a340b5da1077acb62ce0721971,2024-12-05T20:15:22.180000
 CVE-2024-50948,0,0,a83a95d033c1f852658f7838a2af99f42aaba2f1b7026fbced6a0131c0382cea,2024-12-04T22:15:22.627000
 CVE-2024-5095,0,0,435f4b1943c8e810fb8465989f6b408e8982e554cc5e9afb3bd58dc0f211a716,2024-11-21T09:46:57.340000
@@ -270055,7 +270056,7 @@ CVE-2024-53470,0,0,7e717d458d3e971476fce58f4e759acfb3653594788d9bb4f7ef6a8cad1db
 CVE-2024-53471,0,0,dea70dfafbf7c115f6b9fc5aab8fa383b86b6c8d65d06c11e3049e5b3d3b885e,2024-12-10T22:15:25.277000
 CVE-2024-53472,0,0,f62f01117567dfa980810b663addc9d4b9e324fc111266531f31ef2f0fb28372,2024-12-11T17:15:19.720000
 CVE-2024-53473,0,0,4f11e5668fdef12cb16e2bf05d839c650d20a6c384846fe0258311160154b68b,2024-12-12T02:07:58.713000
-CVE-2024-53476,0,1,1000f6416155c52d1da19e6dc9557a007310c3d11f9d581a9eab03f7acd41c61,2024-12-28T19:15:06.880000
+CVE-2024-53476,0,0,1000f6416155c52d1da19e6dc9557a007310c3d11f9d581a9eab03f7acd41c61,2024-12-28T19:15:06.880000
 CVE-2024-53477,0,0,3dfbb52637bb052a793d1b67a024cd50b899929ad7fee8a9366a9aa6e069e388,2024-12-11T16:15:14.150000
 CVE-2024-5348,0,0,0c3454114961657672c2409af3f9f2f3bb9995c6579ea15f7d29552347b906f3,2024-11-21T09:47:28.240000
 CVE-2024-53480,0,0,5e46c0ee9bfffb1ecaafb500e19fbf13655a91348c28c3d7d2daabc702146564,2024-12-12T15:15:15.917000
@@ -270710,9 +270711,9 @@ CVE-2024-54441,0,0,4998045381787fcc4b3ba91881da0472af2407cb6b3b4e86c69cbecd8e8e1
 CVE-2024-54442,0,0,4654114cbbe36af251b0a17ca273aa4c42991899ac7df3d541352dc363b8b95d,2024-12-16T15:15:23.273000
 CVE-2024-54443,0,0,a19735fa20af88aa6b80d25f5f3fba13bc36980cd33611fe0939754004239647,2024-12-16T15:15:23.420000
 CVE-2024-5445,0,0,868cf662746874f2c335da1d583d2882ec8b61a1e57de341d372842bb0244e3a,2024-08-12T13:41:36.517000
-CVE-2024-54450,0,1,aabb18820136b7c039cd7c034c7f73bb4fbf564b47289185c90837686625b797,2024-12-28T19:15:07.103000
+CVE-2024-54450,0,0,aabb18820136b7c039cd7c034c7f73bb4fbf564b47289185c90837686625b797,2024-12-28T19:15:07.103000
-CVE-2024-54451,0,1,eb5dc636c5bdd52381b7fa77adc3a2623336dbdd2148286dff7294e8af2d17f3,2024-12-28T19:15:07.340000
+CVE-2024-54451,0,0,eb5dc636c5bdd52381b7fa77adc3a2623336dbdd2148286dff7294e8af2d17f3,2024-12-28T19:15:07.340000
-CVE-2024-54452,0,1,580ca4477632f0f9b88f16b8293e24b9d00dfbf3c0e7ff0a9b0468914ad431d2,2024-12-28T19:15:07.570000
+CVE-2024-54452,0,0,580ca4477632f0f9b88f16b8293e24b9d00dfbf3c0e7ff0a9b0468914ad431d2,2024-12-28T19:15:07.570000
 CVE-2024-54453,0,0,1d29d387e8d483eb2d9c2fac7421c2316d1f5ad23687a8624aafda457808ac20,2024-12-27T20:15:23.670000
 CVE-2024-54454,0,0,d47284e16acb38d36b7357f0d17c834483610159e501bace03ffb7af0ec70668,2024-12-27T20:15:23.777000
 CVE-2024-54457,0,0,da0353a7ec7d859fd477580e7c54e31a24aeea86ab2c2ac2e00b7a1eda59c2cf,2024-12-18T07:15:08.377000
@@ -271206,7 +271207,7 @@ CVE-2024-5652,0,0,1dda3b28a95a3027cca32754d8e2a9cb8bd181dca86e7b0a455abcf575817a
 CVE-2024-56520,0,0,4a9aa9a1a3adcd1997d0b43db425637bc4984e59f1d448be2595594ab203989e,2024-12-27T05:15:07.837000
 CVE-2024-56521,0,0,97b68e3a5a928b0646ce77bf269259779b5065ddddc387966f52663153bd98a8,2024-12-27T05:15:07.977000
 CVE-2024-56522,0,0,932806003c80917db6a4613c79f24ada3f16757e896618a1b3cbf4f9e43c330c,2024-12-27T05:15:08.130000
-CVE-2024-56527,0,1,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000
+CVE-2024-56527,0,0,bc553a98c63c830a826f605f9380ce4cabbc6f74db77f93c30b7ece0efc5737f,2024-12-28T19:15:07.800000
 CVE-2024-5653,0,0,6a43b27cee3d2293652e8e6e2ccb4fc0236822263be85c5365c247a4f0b2a7b5,2024-11-21T09:48:05.873000
 CVE-2024-56531,0,0,aa7a2b0529de2aaf00ad78e03c50eb61b577053ac1fd73582426ce44706e04f7,2024-12-27T14:15:32.503000
 CVE-2024-56532,0,0,356bd52ed55ce1deb2238d9f1d6546ed8f5000ee1eb152ee78a656b54595c191,2024-12-27T14:15:32.640000