mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-07-09 16:05:11 +00:00
Auto-Update: 2024-10-19T22:00:17.083755+00:00
This commit is contained in:
parent
8bb6f0dcc6
commit
d8c1d4e122
141
CVE-2024/CVE-2024-101xx/CVE-2024-10155.json
Normal file
141
CVE-2024/CVE-2024-101xx/CVE-2024-10155.json
Normal file
@ -0,0 +1,141 @@
|
||||
{
|
||||
"id": "CVE-2024-10155",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-10-19T21:15:12.220",
|
||||
"lastModified": "2024-10-19T21:15:12.220",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been classified as problematic. This affects an unknown part of the file book-boat.php?bid=1 of the component Book a Boat Page. The manipulation of the argument phone_number leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV40": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "4.0",
|
||||
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"attackRequirements": "NONE",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "NONE",
|
||||
"vulnerableSystemConfidentiality": "NONE",
|
||||
"vulnerableSystemIntegrity": "LOW",
|
||||
"vulnerableSystemAvailability": "NONE",
|
||||
"subsequentSystemConfidentiality": "NONE",
|
||||
"subsequentSystemIntegrity": "NONE",
|
||||
"subsequentSystemAvailability": "NONE",
|
||||
"exploitMaturity": "NOT_DEFINED",
|
||||
"confidentialityRequirements": "NOT_DEFINED",
|
||||
"integrityRequirements": "NOT_DEFINED",
|
||||
"availabilityRequirements": "NOT_DEFINED",
|
||||
"modifiedAttackVector": "NOT_DEFINED",
|
||||
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||
"modifiedUserInteraction": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||
"safety": "NOT_DEFINED",
|
||||
"automatable": "NOT_DEFINED",
|
||||
"recovery": "NOT_DEFINED",
|
||||
"valueDensity": "NOT_DEFINED",
|
||||
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||
"providerUrgency": "NOT_DEFINED",
|
||||
"baseScore": 5.3,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
}
|
||||
],
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "LOW",
|
||||
"userInteraction": "REQUIRED",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 3.5,
|
||||
"baseSeverity": "LOW"
|
||||
},
|
||||
"exploitabilityScore": 2.1,
|
||||
"impactScore": 1.4
|
||||
}
|
||||
],
|
||||
"cvssMetricV2": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "2.0",
|
||||
"vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
|
||||
"accessVector": "NETWORK",
|
||||
"accessComplexity": "LOW",
|
||||
"authentication": "SINGLE",
|
||||
"confidentialityImpact": "NONE",
|
||||
"integrityImpact": "PARTIAL",
|
||||
"availabilityImpact": "NONE",
|
||||
"baseScore": 4.0
|
||||
},
|
||||
"baseSeverity": "MEDIUM",
|
||||
"exploitabilityScore": 8.0,
|
||||
"impactScore": 2.9,
|
||||
"acInsufInfo": false,
|
||||
"obtainAllPrivilege": false,
|
||||
"obtainUserPrivilege": false,
|
||||
"obtainOtherPrivilege": false,
|
||||
"userInteractionRequired": false
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-79"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_book_boat_xss.md",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://phpgurukul.com/",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.280941",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.280941",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.425397",
|
||||
"source": "cna@vuldb.com"
|
||||
}
|
||||
]
|
||||
}
|
141
CVE-2024/CVE-2024-101xx/CVE-2024-10156.json
Normal file
141
CVE-2024/CVE-2024-101xx/CVE-2024-10156.json
Normal file
@ -0,0 +1,141 @@
|
||||
{
|
||||
"id": "CVE-2024-10156",
|
||||
"sourceIdentifier": "cna@vuldb.com",
|
||||
"published": "2024-10-19T21:15:12.490",
|
||||
"lastModified": "2024-10-19T21:15:12.490",
|
||||
"vulnStatus": "Received",
|
||||
"cveTags": [],
|
||||
"descriptions": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "A vulnerability was found in PHPGurukul Boat Booking System 1.0. It has been declared as critical. This vulnerability affects unknown code of the file /admin/index.php of the component Sign In Page. The manipulation of the argument username leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used."
|
||||
}
|
||||
],
|
||||
"metrics": {
|
||||
"cvssMetricV40": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "4.0",
|
||||
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"attackRequirements": "NONE",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"vulnerableSystemConfidentiality": "LOW",
|
||||
"vulnerableSystemIntegrity": "LOW",
|
||||
"vulnerableSystemAvailability": "LOW",
|
||||
"subsequentSystemConfidentiality": "NONE",
|
||||
"subsequentSystemIntegrity": "NONE",
|
||||
"subsequentSystemAvailability": "NONE",
|
||||
"exploitMaturity": "NOT_DEFINED",
|
||||
"confidentialityRequirements": "NOT_DEFINED",
|
||||
"integrityRequirements": "NOT_DEFINED",
|
||||
"availabilityRequirements": "NOT_DEFINED",
|
||||
"modifiedAttackVector": "NOT_DEFINED",
|
||||
"modifiedAttackComplexity": "NOT_DEFINED",
|
||||
"modifiedAttackRequirements": "NOT_DEFINED",
|
||||
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
||||
"modifiedUserInteraction": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
||||
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
||||
"safety": "NOT_DEFINED",
|
||||
"automatable": "NOT_DEFINED",
|
||||
"recovery": "NOT_DEFINED",
|
||||
"valueDensity": "NOT_DEFINED",
|
||||
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
||||
"providerUrgency": "NOT_DEFINED",
|
||||
"baseScore": 6.9,
|
||||
"baseSeverity": "MEDIUM"
|
||||
}
|
||||
}
|
||||
],
|
||||
"cvssMetricV31": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "3.1",
|
||||
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
||||
"attackVector": "NETWORK",
|
||||
"attackComplexity": "LOW",
|
||||
"privilegesRequired": "NONE",
|
||||
"userInteraction": "NONE",
|
||||
"scope": "UNCHANGED",
|
||||
"confidentialityImpact": "LOW",
|
||||
"integrityImpact": "LOW",
|
||||
"availabilityImpact": "LOW",
|
||||
"baseScore": 7.3,
|
||||
"baseSeverity": "HIGH"
|
||||
},
|
||||
"exploitabilityScore": 3.9,
|
||||
"impactScore": 3.4
|
||||
}
|
||||
],
|
||||
"cvssMetricV2": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Secondary",
|
||||
"cvssData": {
|
||||
"version": "2.0",
|
||||
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
||||
"accessVector": "NETWORK",
|
||||
"accessComplexity": "LOW",
|
||||
"authentication": "NONE",
|
||||
"confidentialityImpact": "PARTIAL",
|
||||
"integrityImpact": "PARTIAL",
|
||||
"availabilityImpact": "PARTIAL",
|
||||
"baseScore": 7.5
|
||||
},
|
||||
"baseSeverity": "HIGH",
|
||||
"exploitabilityScore": 10.0,
|
||||
"impactScore": 6.4,
|
||||
"acInsufInfo": false,
|
||||
"obtainAllPrivilege": false,
|
||||
"obtainUserPrivilege": false,
|
||||
"obtainOtherPrivilege": false,
|
||||
"userInteractionRequired": false
|
||||
}
|
||||
]
|
||||
},
|
||||
"weaknesses": [
|
||||
{
|
||||
"source": "cna@vuldb.com",
|
||||
"type": "Primary",
|
||||
"description": [
|
||||
{
|
||||
"lang": "en",
|
||||
"value": "CWE-89"
|
||||
}
|
||||
]
|
||||
}
|
||||
],
|
||||
"references": [
|
||||
{
|
||||
"url": "https://github.com/jadu101/CVE/blob/main/phpgurukul_boat_booking_system_admin_index_sqli.md",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://phpgurukul.com/",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?ctiid.280942",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?id.280942",
|
||||
"source": "cna@vuldb.com"
|
||||
},
|
||||
{
|
||||
"url": "https://vuldb.com/?submit.425398",
|
||||
"source": "cna@vuldb.com"
|
||||
}
|
||||
]
|
||||
}
|
10
README.md
10
README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
|
||||
### Last Repository Update
|
||||
|
||||
```plain
|
||||
2024-10-19T20:00:17.232376+00:00
|
||||
2024-10-19T22:00:17.083755+00:00
|
||||
```
|
||||
|
||||
### Most recent CVE Modification Timestamp synchronized with NVD
|
||||
|
||||
```plain
|
||||
2024-10-19T19:15:04.090000+00:00
|
||||
2024-10-19T21:15:12.490000+00:00
|
||||
```
|
||||
|
||||
### Last Data Feed Release
|
||||
@ -33,15 +33,15 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
|
||||
### Total Number of included CVEs
|
||||
|
||||
```plain
|
||||
266166
|
||||
266168
|
||||
```
|
||||
|
||||
### CVEs added in the last Commit
|
||||
|
||||
Recently added CVEs: `2`
|
||||
|
||||
- [CVE-2024-10153](CVE-2024/CVE-2024-101xx/CVE-2024-10153.json) (`2024-10-19T18:15:02.437`)
|
||||
- [CVE-2024-10154](CVE-2024/CVE-2024-101xx/CVE-2024-10154.json) (`2024-10-19T19:15:04.090`)
|
||||
- [CVE-2024-10155](CVE-2024/CVE-2024-101xx/CVE-2024-10155.json) (`2024-10-19T21:15:12.220`)
|
||||
- [CVE-2024-10156](CVE-2024/CVE-2024-101xx/CVE-2024-10156.json) (`2024-10-19T21:15:12.490`)
|
||||
|
||||
|
||||
### CVEs modified in the last Commit
|
||||
|
@ -242286,8 +242286,10 @@ CVE-2024-10140,0,0,aec311209a02b8c14f754431c8bb87bae3f3320865efe32c0e3bd857d5cea
|
||||
CVE-2024-10141,0,0,09fa08cc46cecf31331ef8b05b7e25cdba3a32b1fba57ba9bc41b0aac71ce99c,2024-10-19T15:15:14.973000
|
||||
CVE-2024-10142,0,0,8f40432a96404db59ba7840a4b90da81e1beb2e19d77a9cec5d89b9a339af23c,2024-10-19T17:15:10.657000
|
||||
CVE-2024-1015,0,0,5516b1d1af5a9d3814b8a6e102d3692fcdb9c463b2e2645787afdcb157946f20,2024-02-02T02:04:13.267000
|
||||
CVE-2024-10153,1,1,53cdd7b1faf79b7014d10984cde91af8d0727db65823fae8333e484880aed2b6,2024-10-19T18:15:02.437000
|
||||
CVE-2024-10154,1,1,7e7c002f56d275740fe09f07861e1d8c7c84d5a302d17ebda9002d1cc89af9eb,2024-10-19T19:15:04.090000
|
||||
CVE-2024-10153,0,0,53cdd7b1faf79b7014d10984cde91af8d0727db65823fae8333e484880aed2b6,2024-10-19T18:15:02.437000
|
||||
CVE-2024-10154,0,0,7e7c002f56d275740fe09f07861e1d8c7c84d5a302d17ebda9002d1cc89af9eb,2024-10-19T19:15:04.090000
|
||||
CVE-2024-10155,1,1,c28c867d84c77c1d8b44365b1692537e6e29ecf12a6d0137ca0f337b9f9af334,2024-10-19T21:15:12.220000
|
||||
CVE-2024-10156,1,1,83e755790254c7c2e4d1027ae8f6334dc4933aa9f16f90c5f13d6ecf7d7b4b70,2024-10-19T21:15:12.490000
|
||||
CVE-2024-1016,0,0,71cf76ab1a6b276906d8ecf764cf0be1d15a9c7c60543569d9e172588701616f,2024-05-17T02:35:10.520000
|
||||
CVE-2024-1017,0,0,50b68641acb97d381e6a65107328f0dab0fccf027bea27ef0f379cc058119760,2024-05-17T02:35:10.627000
|
||||
CVE-2024-1018,0,0,6a41753bbb9bddfdeb27e8da1aa301f604399583ccfe73ec2b7c0e024f66f45f,2024-05-17T02:35:10.733000
|
||||
|
Can't render this file because it is too large.
|
Loading…
x
Reference in New Issue
Block a user