diff --git a/CVE-2024/CVE-2024-25xx/CVE-2024-2518.json b/CVE-2024/CVE-2024-25xx/CVE-2024-2518.json new file mode 100644 index 00000000000..141f22413b6 --- /dev/null +++ b/CVE-2024/CVE-2024-25xx/CVE-2024-2518.json @@ -0,0 +1,88 @@ +{ + "id": "CVE-2024-2518", + "sourceIdentifier": "cna@vuldb.com", + "published": "2024-03-16T13:15:05.727", + "lastModified": "2024-03-16T13:15:05.727", + "vulnStatus": "Received", + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability was found in MAGESH-K21 Online-College-Event-Hall-Reservation-System 1.0 and classified as problematic. This issue affects some unknown processing of the file book_history.php. The manipulation of the argument id leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-256955. NOTE: The vendor was contacted early about this disclosure but did not respond in any way." + } + ], + "metrics": { + "cvssMetricV31": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "3.1", + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N", + "attackVector": "NETWORK", + "attackComplexity": "LOW", + "privilegesRequired": "LOW", + "userInteraction": "REQUIRED", + "scope": "UNCHANGED", + "confidentialityImpact": "NONE", + "integrityImpact": "LOW", + "availabilityImpact": "NONE", + "baseScore": 3.5, + "baseSeverity": "LOW" + }, + "exploitabilityScore": 2.1, + "impactScore": 1.4 + } + ], + "cvssMetricV2": [ + { + "source": "cna@vuldb.com", + "type": "Secondary", + "cvssData": { + "version": "2.0", + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N", + "accessVector": "NETWORK", + "accessComplexity": "LOW", + "authentication": "SINGLE", + "confidentialityImpact": "NONE", + "integrityImpact": "PARTIAL", + "availabilityImpact": "NONE", + "baseScore": 4.0 + }, + "baseSeverity": "MEDIUM", + "exploitabilityScore": 8.0, + "impactScore": 2.9, + "acInsufInfo": false, + "obtainAllPrivilege": false, + "obtainUserPrivilege": false, + "obtainOtherPrivilege": false, + "userInteractionRequired": false + } + ] + }, + "weaknesses": [ + { + "source": "cna@vuldb.com", + "type": "Primary", + "description": [ + { + "lang": "en", + "value": "CWE-79" + } + ] + } + ], + "references": [ + { + "url": "https://github.com/skid-nochizplz/skid-nochizplz/blob/main/TrashBin/CVE/MAGESH-K21%20%20Online-College-Event-Hall-Reservation-System/Reflected%20XSS%20-%20book_history.php.md", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?ctiid.256955", + "source": "cna@vuldb.com" + }, + { + "url": "https://vuldb.com/?id.256955", + "source": "cna@vuldb.com" + } + ] +} \ No newline at end of file diff --git a/README.md b/README.md index da03c3f4cf7..11af514713a 100644 --- a/README.md +++ b/README.md @@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours. ### Last Repository Update ```plain -2024-03-16T13:00:38.573907+00:00 +2024-03-16T15:00:38.009178+00:00 ``` ### Most recent CVE Modification Timestamp synchronized with NVD ```plain -2024-03-16T12:15:15.630000+00:00 +2024-03-16T13:15:05.727000+00:00 ``` ### Last Data Feed Release @@ -29,15 +29,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/ ### Total Number of included CVEs ```plain -241699 +241700 ``` ### CVEs added in the last Commit -Recently added CVEs: `2` +Recently added CVEs: `1` -* [CVE-2024-2516](CVE-2024/CVE-2024-25xx/CVE-2024-2516.json) (`2024-03-16T12:15:14.363`) -* [CVE-2024-2517](CVE-2024/CVE-2024-25xx/CVE-2024-2517.json) (`2024-03-16T12:15:15.630`) +* [CVE-2024-2518](CVE-2024/CVE-2024-25xx/CVE-2024-2518.json) (`2024-03-16T13:15:05.727`) ### CVEs modified in the last Commit diff --git a/_state.csv b/_state.csv index f0f90c2f8b3..9667f915071 100644 --- a/_state.csv +++ b/_state.csv @@ -240904,13 +240904,14 @@ CVE-2024-25153,0,0,775282f725a876087acdba53f461f3baa9801462e99742b8c25ffb741aae3 CVE-2024-25154,0,0,b84502ec820db42f28b9f6ea1f0042ed5789d730803624e1c0314ffec301761d,2024-03-13T18:16:18.563000 CVE-2024-25155,0,0,3ad258ed3247163315d2c712fd67a3b733e9a9a45f799b40a6541fa2f73ed094,2024-03-13T18:16:18.563000 CVE-2024-25156,0,0,d457d3c4a9930008e5561f93ebe5ea05a93c7a21b356ec6a113e616483229ab2,2024-03-14T14:21:20.217000 -CVE-2024-2516,1,1,aece4e4038ab2b4a840f1e973872efcec08ca880df08575ade82eb90c5483d33,2024-03-16T12:15:14.363000 +CVE-2024-2516,0,0,aece4e4038ab2b4a840f1e973872efcec08ca880df08575ade82eb90c5483d33,2024-03-16T12:15:14.363000 CVE-2024-25164,0,0,cb09965552a1f390f4064031a22c4e145a720dca523f49b901fb7b90f192d036,2024-03-05T13:41:01.900000 CVE-2024-25165,0,0,416a8b518b9c4a5742bbec94408d835314b2b53d43ae0a8909f15e16fbbd1a92,2024-02-15T06:23:39.303000 CVE-2024-25166,0,0,129a95ebe90cc2b383c4fe37f7a5c2e5cdcb882bd64dbe64af9759fbd5ff754c,2024-02-27T14:20:06.637000 CVE-2024-25169,0,0,085f93c697cbc9b87909098278959f0cd92cdefab08c3f134d9cf1b867f4821c,2024-02-29T13:49:47.277000 -CVE-2024-2517,1,1,0bc257e22d6e02189773bba1c8d38b16477a100c6445c7cc8d7766be487ddd51,2024-03-16T12:15:15.630000 +CVE-2024-2517,0,0,0bc257e22d6e02189773bba1c8d38b16477a100c6445c7cc8d7766be487ddd51,2024-03-16T12:15:15.630000 CVE-2024-25170,0,0,8c10b04ca5b0dc9d98ec03819b8af4a2061c2ed0e688a9769189e27171052682,2024-02-29T13:49:47.277000 +CVE-2024-2518,1,1,e7a2d5e8b89ed3a0f985235f90b67493f8c61417b6652ac4be349074cd30e8bf,2024-03-16T13:15:05.727000 CVE-2024-25180,0,0,dfb589c05c1e9278a8bc73271695ffb0b4516c86eacf76026c100edaaf3aeb4f,2024-03-01T14:04:26.010000 CVE-2024-25189,0,0,1d7cfa2fabf5895c762903d790e93c25bf340820dfaf308e4a90bf0e023f8d31,2024-02-26T16:27:58.813000 CVE-2024-25190,0,0,0b17f2f2ea995d7258b5b23efd7256f476d5e214b06ad4b138007808b72ba049,2024-02-15T05:03:08.533000