Auto-Update: 2025-03-23T15:00:19.823850+00:00

CVE-2025/CVE-2025-26xx/CVE-2025-2650.json

@@ -0,0 +1,145 @@
+{
+  "id": "CVE-2025-2650",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2025-03-23T14:15:13.797",
+  "lastModified": "2025-03-23T14:15:13.797",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, has been found in PHPGurukul Medical Card Generation System 1.0. This issue affects some unknown processing of the file /download-medical-cards.php. The manipulation of the argument searchdata leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "baseScore": 5.1,
+          "baseSeverity": "MEDIUM",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "PASSIVE",
+          "vulnConfidentialityImpact": "NONE",
+          "vulnIntegrityImpact": "LOW",
+          "vulnAvailabilityImpact": "NONE",
+          "subConfidentialityImpact": "NONE",
+          "subIntegrityImpact": "NONE",
+          "subAvailabilityImpact": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirement": "NOT_DEFINED",
+          "integrityRequirement": "NOT_DEFINED",
+          "availabilityRequirement": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
+          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
+          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
+          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
+          "modifiedSubIntegrityImpact": "NOT_DEFINED",
+          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
+          "Safety": "NOT_DEFINED",
+          "Automatable": "NOT_DEFINED",
+          "Recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Primary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N",
+          "baseScore": 3.5,
+          "baseSeverity": "LOW",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE"
+        },
+        "exploitabilityScore": 2.1,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N",
+          "baseScore": 4.0,
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE"
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        },
+        {
+          "lang": "en",
+          "value": "CWE-94"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/liuhao2638/cve/issues/13",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://phpgurukul.com/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.300665",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.300665",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.519781",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}

README.md

@@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update
 
 ```plain
-2025-03-23T13:00:19.941666+00:00
+2025-03-23T15:00:19.823850+00:00
 ```
 
 ### Most recent CVE Modification Timestamp synchronized with NVD
 
 ```plain
-2025-03-23T12:15:13.083000+00:00
+2025-03-23T14:15:13.797000+00:00
 ```
 
 ### Last Data Feed Release
@@ -33,16 +33,14 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs
 
 ```plain
-286242
+286243
 ```
 
 ### CVEs added in the last Commit
 
-Recently added CVEs: `3`
+Recently added CVEs: `1`
 
-- [CVE-2025-2647](CVE-2025/CVE-2025-26xx/CVE-2025-2647.json) (`2025-03-23T11:15:34.133`)
-- [CVE-2025-2648](CVE-2025/CVE-2025-26xx/CVE-2025-2648.json) (`2025-03-23T12:15:12.110`)
-- [CVE-2025-2649](CVE-2025/CVE-2025-26xx/CVE-2025-2649.json) (`2025-03-23T12:15:13.083`)
+- [CVE-2025-2650](CVE-2025/CVE-2025-26xx/CVE-2025-2650.json) (`2025-03-23T14:15:13.797`)
 
 
 ### CVEs modified in the last Commit

_state.csv

@@ -285443,19 +285443,20 @@ CVE-2025-2645,0,0,8d73de360e25baafe444d070f4d907abbc17e9dd640dd760dce92ff0a1ddbe
 CVE-2025-2646,0,0,49e88a4168caa534ea466ca215f11cabee5282d4f780cdcf983eac3333d6df4c,2025-03-23T10:15:12.810000
 CVE-2025-26465,0,0,10ca81b0503bc2056f51aff42b836da7e13cef94fb05326f3b97cc95851c9520,2025-03-06T17:20:00.520000
 CVE-2025-26466,0,0,7e41d5cb0f04df9b23d47e085939285815b80db61162a3634dbd18c39c71ef9f,2025-03-21T16:15:18.677000
-CVE-2025-2647,1,1,067ff974516c511a5a2b618cbf128ddacd24f79b5ebcd065d2dad19db4eac3fc,2025-03-23T11:15:34.133000
+CVE-2025-2647,0,0,067ff974516c511a5a2b618cbf128ddacd24f79b5ebcd065d2dad19db4eac3fc,2025-03-23T11:15:34.133000
 CVE-2025-26473,0,0,41b0bd46f32c6729eefb29a2666cce546dde395dd2362800539aebed7d4bc19a,2025-03-19T10:34:55.550000
 CVE-2025-26475,0,0,4c11595a9f53aaa25545570dfec450fa96951cf66b685488bd2989725dd8947f,2025-03-19T16:15:31.030000
-CVE-2025-2648,1,1,7f35903a6068358b784043beebe9ed5e303e8680947abc085ade3b107899cce1,2025-03-23T12:15:12.110000
+CVE-2025-2648,0,0,7f35903a6068358b784043beebe9ed5e303e8680947abc085ade3b107899cce1,2025-03-23T12:15:12.110000
 CVE-2025-26485,0,0,1606c27211335fac5bd91d62ee9c69aaf84877e83ad554d60c27495ea9c75e60,2025-03-19T16:15:31.257000
 CVE-2025-26486,0,0,840914b82b00c0f3670423b9968b421b887ef974d79fc9288bc628a5718ff5ce,2025-03-19T16:15:31.457000
-CVE-2025-2649,1,1,9bb64dd175a1115ef157186fe3b95b0be9349706d7d0219fc647ff0d37bd3057,2025-03-23T12:15:13.083000
+CVE-2025-2649,0,0,9bb64dd175a1115ef157186fe3b95b0be9349706d7d0219fc647ff0d37bd3057,2025-03-23T12:15:13.083000
 CVE-2025-26490,0,0,b8bc76b2be7d18c514587d66cef4d0bee94c01d7b29c32dae10138139a41dc50,2025-02-14T20:15:37.847000
 CVE-2025-26491,0,0,7c0d222179eba4a77c32c46173122e282947b63a6de5118491e2b730e6dd9271,2025-02-14T20:15:37.930000
 CVE-2025-26492,0,0,10f610a7afe531efeeb1575e93a64c84a3a6f9453498a7cd0479c1add3e10654,2025-02-11T14:15:31.260000
 CVE-2025-26493,0,0,f799a8cc0e301789ed68586a5557695a6ad2df626328779fd09deada6e66bea3,2025-02-11T14:15:31.473000
 CVE-2025-26494,0,0,9fa7dddcdaa3cd38f994e8d5f44807b1011184fd2f20f9f1171b97bd05f68ad5,2025-02-19T22:15:24.083000
 CVE-2025-26495,0,0,983e2fd32f57fd04049b2b771442705c11716769548e3c408ea9243e53d33e3b,2025-03-04T21:15:14.020000
+CVE-2025-2650,1,1,df058f4536194eb3c6dacaddd7549c5a7ad62056b8efd02826b96f103f75f3ce,2025-03-23T14:15:13.797000
 CVE-2025-26500,0,0,476e36bea575ec0f48bccd9f90b81b0779f14f9f3be6366ed83ebedcdfc30e59,2025-03-21T23:15:21.327000
 CVE-2025-26506,0,0,fbc7fbe48e89907d7f54c9d44bbfddf8def7e8f962f2da16afa56ece7168f990,2025-02-14T17:15:22.747000
 CVE-2025-26507,0,0,95b908cc64a72128294640690e70f9b52cb7f86d46bb5d8b6708727a9b7abcf3,2025-02-14T17:15:22.863000