From c1ab5f881051c182136bb699a423eeff1f6fa585 Mon Sep 17 00:00:00 2001 From: cad-safe-bot Date: Sun, 7 Apr 2024 08:03:26 +0000 Subject: [PATCH] Auto-Update: 2024-04-07T08:00:38.092428+00:00 --- CVE-2024/CVE-2024-34xx/CVE-2024-3417.json | 92 +++++++++++++++++++++++ README.md | 11 ++- _state.csv | 5 +- 3 files changed, 100 insertions(+), 8 deletions(-) create mode 100644 CVE-2024/CVE-2024-34xx/CVE-2024-3417.json diff --git a/CVE-2024/CVE-2024-34xx/CVE-2024-3417.json b/CVE-2024/CVE-2024-34xx/CVE-2024-3417.json new file mode 100644 index 00000000000..10865b975af --- /dev/null +++ b/CVE-2024/CVE-2024-34xx/CVE-2024-3417.json @@ -0,0 +1,92 @@ +{ + "id": "CVE-2024-3417", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-04-07T06:15:08.223", + "lastModified": "2024-04-07T06:15:08.223", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as critical, has been found in SourceCodester Online Courseware 1.0. This issue affects some unknown processing of the file admin/saveeditt.php. The manipulation of the argument contact leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259589 was assigned to this vulnerability." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "NONE", + "scope": "UNCHANGED", + "confidentialityImpact": "LOW", + "integrityImpact": "LOW", + "availabilityImpact": "LOW", + "baseScore": 6.3, + "baseSeverity": "MEDIUM" + }, + "exploitabilityScore": 2.8, + "impactScore": 3.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "PARTIAL", + "integrityImpact": "PARTIAL", + "availabilityImpact": "PARTIAL", + "baseScore": 6.5 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 6.4, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-89" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/thisissuperann/Vul/blob/Online-Courseware/Online-Courseware-02.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.259589", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.259589", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?submit.311595", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index 203f0fc2f90..4fb45e70654 100644 --- a/README.md +++ b/README.md @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-04-07T06:00:38.400723+00:00 +2024-04-07T08:00:38.092428+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-04-07T04:15:07.853000+00:00 +2024-04-07T06:15:08.223000+00:00 ``` ### Last Data Feed Release @@ -33,21 +33,20 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -244300 +244301 ``` ### CVEs added in the last Commit Recently added CVEs: `1` -- [CVE-2024-3416](CVE-2024/CVE-2024-34xx/CVE-2024-3416.json) (`2024-04-07T04:15:07.853`) +- [CVE-2024-3417](CVE-2024/CVE-2024-34xx/CVE-2024-3417.json) (`2024-04-07T06:15:08.223`) ### CVEs modified in the last Commit -Recently modified CVEs: `1` +Recently modified CVEs: `0` -- [CVE-2024-27575](CVE-2024/CVE-2024-275xx/CVE-2024-27575.json) (`2024-04-07T04:15:07.723`) ## Download and Usage diff --git a/_state.csv b/_state.csv index 3c9e7ac4432..a2b4d8a3a27 100644 --- a/_state.csv +++ b/_state.csv @@ -242887,7 +242887,7 @@ CVE-2024-27569,0,0,000ff88e8ff4678a3790d0ee96674581a9a53afd1b5f0d49033b717c5dd65 CVE-2024-27570,0,0,30e1bdadd931878127199d0565523cd94923921178695ba62d569ae38e48386b,2024-03-01T15:23:36.177000 CVE-2024-27571,0,0,2fcce61cb867ec2a650e4bd74e7018e990625a473882c12953648f5c8c2545b3,2024-03-01T15:23:36.177000 CVE-2024-27572,0,0,6169a6a6221da5c6dbb1556f7b45e6b45c4deebae5e21607b1e3cfa478f1fe5b,2024-03-01T15:23:36.177000 -CVE-2024-27575,0,1,fe78cdbfc48ba2557faf61957a122c11738e27bfad3d91860b0cc50d57150a36,2024-04-07T04:15:07.723000 +CVE-2024-27575,0,0,fe78cdbfc48ba2557faf61957a122c11738e27bfad3d91860b0cc50d57150a36,2024-04-07T04:15:07.723000 CVE-2024-2758,0,0,a3cb437eedb439caebfac4666310f05bccf69de779d818f9f315740c92bee7d8,2024-04-04T12:48:41.700000 CVE-2024-2759,0,0,cb410b99122b16bbafd55e196fc83701c95bae09fba9353767401f5fe587c56c,2024-04-04T16:33:06.610000 CVE-2024-27602,0,0,641d004f193cbc187bf560868353a5607871444565457a2a1f222c57bafe0082,2024-04-03T12:38:04.840000 @@ -244298,4 +244298,5 @@ CVE-2024-3378,0,0,18603e1af81d7ddd6783ce6e71ce93149edac58389cc6209d2aa06899a4765 CVE-2024-3413,0,0,e1d44a7f6ecaa59001e0c3b7293038f73b00022993d5cfe2b006c5f004dd07b4,2024-04-06T19:15:07.303000 CVE-2024-3414,0,0,865b8b9a463ec948dc343c4a30756496edcf661fb9a023649606bd76ffc5f79d,2024-04-06T21:15:20.167000 CVE-2024-3415,0,0,23cc20be89e4c811c9f035ba78dae2c60f0134aa8421de0bb9bfdc4f8027ffdc,2024-04-06T23:15:07.630000 -CVE-2024-3416,1,1,200d89ec70de0812fd3c5d8005f173692de3332633ae40be8d1d14b8003608f6,2024-04-07T04:15:07.853000 +CVE-2024-3416,0,0,200d89ec70de0812fd3c5d8005f173692de3332633ae40be8d1d14b8003608f6,2024-04-07T04:15:07.853000 +CVE-2024-3417,1,1,b709776032706fffe344a55daccb44666332d7c2f5bd28c6517d5f92d2dba641,2024-04-07T06:15:08.223000