Auto-Update: 2025-03-22T21:00:19.398814+00:00

2025-07-11 16:13:34 +00:00 · 2025-03-22 21:03:50 +00:00 · 2025-03-22 21:03:50 +00:00 · cfc20e5c35
commit cfc20e5c35
parent d04831384e
4 changed files with 293 additions and 10 deletions
--- a/CVE-2025/CVE-2025-26xx/CVE-2025-2624.json
+++ b/CVE-2025/CVE-2025-26xx/CVE-2025-2624.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-2624",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-03-22T19:15:34.450",
+  "lastModified": "2025-03-22T19:15:34.450",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability was found in westboy CicadasCMS 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /system/cms/content/save. The manipulation of the argument content/fujian/laiyuan leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/IceFoxH/VULN/issues/11",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.300626",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.300626",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.519295",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2025/CVE-2025-26xx/CVE-2025-2625.json
+++ b/CVE-2025/CVE-2025-26xx/CVE-2025-2625.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2025-2625",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-03-22T20:15:12.470",
+  "lastModified": "2025-03-22T20:15:12.470",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical has been found in westboy CicadasCMS 1.0. This affects an unknown part of the file /system/cms/content/page. The manipulation of the argument orderField/orderDirection leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnConfidentialityImpact": "LOW",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "LOW",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "baseScore": 6.5,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-74"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/IceFoxH/VULN/issues/12",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.300627",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.300627",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.519296",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2025-03-22T19:00:19.973214+00:00
+2025-03-22T21:00:19.398814+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2025-03-22T18:15:12.497000+00:00
+2025-03-22T20:15:12.470000+00:00
 ```

 ### Last Data Feed Release
@ -33,16 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-286222
+286224
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `3`
+Recently added CVEs: `2`

- [CVE-2025-2621](CVE-2025/CVE-2025-26xx/CVE-2025-2621.json) (`2025-03-22T17:15:34.790`)
- [CVE-2025-2622](CVE-2025/CVE-2025-26xx/CVE-2025-2622.json) (`2025-03-22T17:15:35.213`)
- [CVE-2025-2623](CVE-2025/CVE-2025-26xx/CVE-2025-2623.json) (`2025-03-22T18:15:12.497`)
+- [CVE-2025-2624](CVE-2025/CVE-2025-26xx/CVE-2025-2624.json) (`2025-03-22T19:15:34.450`)
+- [CVE-2025-2625](CVE-2025/CVE-2025-26xx/CVE-2025-2625.json) (`2025-03-22T20:15:12.470`)


 ### CVEs modified in the last Commit
--- a/_state.csv
+++ b/_state.csv
@ -285355,11 +285355,13 @@ CVE-2025-26202,0,0,f8b0cbe65a751dd37df4c2f886b778f4059fbbdee95a620e7d770c31cb873
 CVE-2025-26204,0,0,a8f05c49578ea0cbde7e961f0f9aa7f0415694b1127756defe681b9982099ed9,2025-03-09T22:15:12.120000
 CVE-2025-26205,0,0,63ed32d242f54d965851d14b37db546b9e668c5b81ac02938c74583c42eba152,2025-03-09T22:15:12.200000
 CVE-2025-26206,0,0,bc67999dabe96502b241246d2665faf1f09178bdb9b72e5e7dd5401b748e2b93,2025-03-04T17:15:18.487000
-CVE-2025-2621,1,1,e645a11d37d3513e549f7f118f5a37919bfad735fafa27ee0bff1e6cbba542b4,2025-03-22T17:15:34.790000
+CVE-2025-2621,0,0,e645a11d37d3513e549f7f118f5a37919bfad735fafa27ee0bff1e6cbba542b4,2025-03-22T17:15:34.790000
 CVE-2025-26215,0,0,398e0534dde9630858e15022c6decb119d529efa2fc59efd24b3f1a57cdf3f89,2025-03-14T17:15:51.613000
 CVE-2025-26216,0,0,fa35563faa6505245c7f05bc4878e14310c206fdd07c5771663544280eaa71b8,2025-03-14T17:15:51.730000
-CVE-2025-2622,1,1,91ac5bc22af896f8580271a5c082c15d7c55661c47f4bf5397d39b48166a2d58,2025-03-22T17:15:35.213000
-CVE-2025-2623,1,1,ea0c57bd044f13afbd3c8183e71a50223508ddf4470ee6c0234a42a5935cf3ba,2025-03-22T18:15:12.497000
+CVE-2025-2622,0,0,91ac5bc22af896f8580271a5c082c15d7c55661c47f4bf5397d39b48166a2d58,2025-03-22T17:15:35.213000
+CVE-2025-2623,0,0,ea0c57bd044f13afbd3c8183e71a50223508ddf4470ee6c0234a42a5935cf3ba,2025-03-22T18:15:12.497000
+CVE-2025-2624,1,1,b5d01a34ccbff70259859813976d70c3ae1ba93ef3a4beac5f6d58fa05b64ab5,2025-03-22T19:15:34.450000
+CVE-2025-2625,1,1,acd8f4429f11a8c768070301e144a83ff45e9d43d154e3cfc9e4c033b219ab5b,2025-03-22T20:15:12.470000
 CVE-2025-26260,0,0,d87498df9911f6ec3fcf716c1acf728dc302a17a13c2bad4d77a68a80619f6a0,2025-03-19T19:15:46.987000
 CVE-2025-26263,0,0,87852969ca209a829a551b3d11cffebf3ca020061fd4d362c34f3d6a1719258e,2025-03-19T14:15:39.293000
 CVE-2025-26264,0,0,7eeeb1b8e87d7e06484f4d071bc6d32b977cfa79c395c4fbca1cefbdfdd35c84,2025-03-19T14:15:39.440000