Auto-Update: 2024-01-13T07:00:24.678184+00:00

2025-05-09 03:57:14 +00:00 · 2024-01-13 07:00:28 +00:00 · 2024-01-13 07:00:28 +00:00 · e683da3b9e
commit e683da3b9e
parent 3e4fd98225
3 changed files with 183 additions and 33 deletions
--- a/CVE-2024/CVE-2024-04xx/CVE-2024-0476.json
+++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0476.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2024-0476",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-01-13T06:15:48.790",
+  "lastModified": "2024-01-13T06:15:48.790",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability, which was classified as problematic, was found in Blood Bank & Donor Management 1.0. This affects an unknown part of the file request-received-bydonar.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-250581 was assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "HIGH",
+          "userInteraction": "REQUIRED",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "NONE",
+          "baseScore": 2.4,
+          "baseSeverity": "LOW"
+        },
+        "exploitabilityScore": 0.9,
+        "impactScore": 1.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "MULTIPLE",
+          "confidentialityImpact": "NONE",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "NONE",
+          "baseScore": 3.3
+        },
+        "baseSeverity": "LOW",
+        "exploitabilityScore": 6.4,
+        "impactScore": 2.9,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Secondary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-79"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://drive.google.com/file/d/1Hvv_oKuEplp4DTcOf9xImgyPt58a8jGz/view?usp=sharing",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.250581",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.250581",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-04xx/CVE-2024-0477.json
+++ b/CVE-2024/CVE-2024-04xx/CVE-2024-0477.json
@ -0,0 +1,88 @@
+{
+  "id": "CVE-2024-0477",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-01-13T06:15:49.150",
+  "lastModified": "2024-01-13T06:15:49.150",
+  "vulnStatus": "Received",
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability has been found in code-projects Fighting Cock Information System 1.0 and classified as critical. This vulnerability affects unknown code of the file /admin/action/update-deworm.php. The manipulation of the argument usage_deworm leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-250582 is the identifier assigned to this vulnerability."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/yingqian1984/FirePunch/blob/main/Fighting%20Cock%20Information%20System/FIGHTING_COCK_INFORMATION_SYSTEM_SQL5.pdf",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.250582",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.250582",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -9,13 +9,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-01-13T05:00:25.073681+00:00
+2024-01-13T07:00:24.678184+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-01-13T04:43:44.307000+00:00
+2024-01-13T06:15:49.150000+00:00
 ```

 ### Last Data Feed Release
@ -29,47 +29,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-235832
+235834
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `11`
+Recently added CVEs: `2`

-* [CVE-2023-51062](CVE-2023/CVE-2023-510xx/CVE-2023-51062.json) (`2024-01-13T04:15:07.757`)
-* [CVE-2023-51063](CVE-2023/CVE-2023-510xx/CVE-2023-51063.json) (`2024-01-13T04:15:07.820`)
-* [CVE-2023-51064](CVE-2023/CVE-2023-510xx/CVE-2023-51064.json) (`2024-01-13T04:15:07.870`)
-* [CVE-2023-51065](CVE-2023/CVE-2023-510xx/CVE-2023-51065.json) (`2024-01-13T04:15:07.913`)
-* [CVE-2023-51066](CVE-2023/CVE-2023-510xx/CVE-2023-51066.json) (`2024-01-13T04:15:07.957`)
-* [CVE-2023-51067](CVE-2023/CVE-2023-510xx/CVE-2023-51067.json) (`2024-01-13T04:15:08.000`)
-* [CVE-2023-51068](CVE-2023/CVE-2023-510xx/CVE-2023-51068.json) (`2024-01-13T04:15:08.053`)
-* [CVE-2023-51070](CVE-2023/CVE-2023-510xx/CVE-2023-51070.json) (`2024-01-13T04:15:08.100`)
-* [CVE-2023-51071](CVE-2023/CVE-2023-510xx/CVE-2023-51071.json) (`2024-01-13T04:15:08.143`)
-* [CVE-2023-52288](CVE-2023/CVE-2023-522xx/CVE-2023-52288.json) (`2024-01-13T04:15:08.193`)
-* [CVE-2023-52289](CVE-2023/CVE-2023-522xx/CVE-2023-52289.json) (`2024-01-13T04:15:08.240`)
+* [CVE-2024-0476](CVE-2024/CVE-2024-04xx/CVE-2024-0476.json) (`2024-01-13T06:15:48.790`)
+* [CVE-2024-0477](CVE-2024/CVE-2024-04xx/CVE-2024-0477.json) (`2024-01-13T06:15:49.150`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `17`
+Recently modified CVEs: `0`

-* [CVE-2020-12880](CVE-2020/CVE-2020-128xx/CVE-2020-12880.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8204](CVE-2020/CVE-2020-82xx/CVE-2020-8204.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8206](CVE-2020/CVE-2020-82xx/CVE-2020-8206.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8216](CVE-2020/CVE-2020-82xx/CVE-2020-8216.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8217](CVE-2020/CVE-2020-82xx/CVE-2020-8217.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8218](CVE-2020/CVE-2020-82xx/CVE-2020-8218.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8219](CVE-2020/CVE-2020-82xx/CVE-2020-8219.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8220](CVE-2020/CVE-2020-82xx/CVE-2020-8220.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8221](CVE-2020/CVE-2020-82xx/CVE-2020-8221.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8222](CVE-2020/CVE-2020-82xx/CVE-2020-8222.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8238](CVE-2020/CVE-2020-82xx/CVE-2020-8238.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8243](CVE-2020/CVE-2020-82xx/CVE-2020-8243.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-15352](CVE-2020/CVE-2020-153xx/CVE-2020-15352.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8261](CVE-2020/CVE-2020-82xx/CVE-2020-8261.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2020-8262](CVE-2020/CVE-2020-82xx/CVE-2020-8262.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2022-35254](CVE-2022/CVE-2022-352xx/CVE-2022-35254.json) (`2024-01-13T04:43:44.307`)
-* [CVE-2022-35258](CVE-2022/CVE-2022-352xx/CVE-2022-35258.json) (`2024-01-13T04:43:44.307`)


 ## Download and Usage