Auto-Update: 2025-02-23T11:00:20.255270+00:00

This commit is contained in:
cad-safe-bot 2025-02-23 11:03:47 +00:00
parent f61c05558b
commit f04cf5fcee
4 changed files with 301 additions and 10 deletions

View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-1579",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-23T09:15:09.393",
"lastModified": "2025-02-23T09:15:09.393",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in code-projects Blood Bank System 1.0 and classified as problematic. This issue affects some unknown processing of the file /admin/user.php. The manipulation of the argument email leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:P/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "HIGH",
"userInteraction": "PASSIVE",
"vulnerableSystemConfidentiality": "NONE",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "NONE",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:U/C:N/I:L/A:N",
"baseScore": 2.4,
"baseSeverity": "LOW",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "HIGH",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"availabilityImpact": "NONE"
},
"exploitabilityScore": 0.9,
"impactScore": 1.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:M/C:N/I:P/A:N",
"baseScore": 3.3,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "MULTIPLE",
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"availabilityImpact": "NONE"
},
"baseSeverity": "LOW",
"exploitabilityScore": 6.4,
"impactScore": 2.9,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
},
{
"lang": "en",
"value": "CWE-94"
}
]
}
],
"references": [
{
"url": "https://code-projects.org/",
"source": "cna@vuldb.com"
},
{
"url": "https://github.com/R2og/cve/blob/main/xss-r2og.md",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296555",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296555",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.502876",
"source": "cna@vuldb.com"
}
]
}

View File

@ -0,0 +1,145 @@
{
"id": "CVE-2025-1580",
"sourceIdentifier": "cna@vuldb.com",
"published": "2025-02-23T10:15:09.623",
"lastModified": "2025-02-23T10:15:09.623",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in PHPGurukul Nipah Virus Testing Management System 1.0. It has been classified as critical. Affected is an unknown function of the file /search-report-result.php. The manipulation of the argument searchdata leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The initial researcher advisory mentions contradicting parameter names to be affected."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED"
}
}
],
"cvssMetricV31": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"baseScore": 6.3,
"baseSeverity": "MEDIUM",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "cna@vuldb.com",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"baseScore": 6.5,
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "cna@vuldb.com",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-74"
},
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://github.com/wqywfvc/CVE/issues/5",
"source": "cna@vuldb.com"
},
{
"url": "https://phpgurukul.com/",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?ctiid.296556",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?id.296556",
"source": "cna@vuldb.com"
},
{
"url": "https://vuldb.com/?submit.504234",
"source": "cna@vuldb.com"
}
]
}

View File

@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update
```plain
2025-02-23T09:00:19.952724+00:00
2025-02-23T11:00:20.255270+00:00
```
### Most recent CVE Modification Timestamp synchronized with NVD
```plain
2025-02-23T08:15:09.213000+00:00
2025-02-23T10:15:09.623000+00:00
```
### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs
```plain
282093
282095
```
### CVEs added in the last Commit
Recently added CVEs: `2`
- [CVE-2025-1577](CVE-2025/CVE-2025-15xx/CVE-2025-1577.json) (`2025-02-23T07:15:08.970`)
- [CVE-2025-1578](CVE-2025/CVE-2025-15xx/CVE-2025-1578.json) (`2025-02-23T08:15:08.187`)
- [CVE-2025-1579](CVE-2025/CVE-2025-15xx/CVE-2025-1579.json) (`2025-02-23T09:15:09.393`)
- [CVE-2025-1580](CVE-2025/CVE-2025-15xx/CVE-2025-1580.json) (`2025-02-23T10:15:09.623`)
### CVEs modified in the last Commit
Recently modified CVEs: `1`
Recently modified CVEs: `0`
- [CVE-2025-21655](CVE-2025/CVE-2025-216xx/CVE-2025-21655.json) (`2025-02-23T08:15:09.213`)
## Download and Usage

View File

@ -279698,8 +279698,10 @@ CVE-2025-1556,0,0,724b13759326d4daa23c48d02c1ce795525d880ae020ac09a68b1de9594640
CVE-2025-1557,0,0,49607b48e972d9fd5d215f054ea7353b084df75dff065ecc488af6c52d9e37af,2025-02-22T13:15:12.247000
CVE-2025-1575,0,0,4f36554ed6482f45b74d35521d78ee1f8257f79829174fda75a5bd3bf6296f94,2025-02-23T04:15:24.980000
CVE-2025-1576,0,0,1f104649f17b82a7de320595b093dfc1101ef45ab193119cf4c9a764ae0261d6,2025-02-23T05:15:11.853000
CVE-2025-1577,1,1,511daa570f9ea062413f2bed6b33eae352829c776630ae7166a5c1ba24874bf7,2025-02-23T07:15:08.970000
CVE-2025-1578,1,1,9663cb9a61689a740797a4de202f81544c2c3f2bf9e4fb29d5fb5a51628924ab,2025-02-23T08:15:08.187000
CVE-2025-1577,0,0,511daa570f9ea062413f2bed6b33eae352829c776630ae7166a5c1ba24874bf7,2025-02-23T07:15:08.970000
CVE-2025-1578,0,0,9663cb9a61689a740797a4de202f81544c2c3f2bf9e4fb29d5fb5a51628924ab,2025-02-23T08:15:08.187000
CVE-2025-1579,1,1,47f84216a9e36312caff9085c25b1754bae23eca9fa0ebf71bb86844e73f7fc4,2025-02-23T09:15:09.393000
CVE-2025-1580,1,1,6f6f51b8629fb2b91628569d15501b66d6e9cad6c386219f7f6f91a4bc91b70f,2025-02-23T10:15:09.623000
CVE-2025-20014,0,0,9692e5cd581a413def58e50a6734c5a89401a76673de37fc6a41ad824a4429cc,2025-01-29T20:15:35.207000
CVE-2025-20016,0,0,6fccb84eb01c2cd66b422e82777f9738bfe5004121e1b551d0ae454724543c0e,2025-01-14T10:15:07.500000
CVE-2025-20029,0,0,9b8781ac9a16d1f4940e1c86f8d87c8f1f8e66cb5b362950b6fdcd60c25126c4,2025-02-05T18:15:29.573000
@ -280191,7 +280193,7 @@ CVE-2025-21651,0,0,d057ff764ce31c4ac7e93c37cb4ba424635250ef668040e2530ccd52f14e8
CVE-2025-21652,0,0,20d739461f3527398cd43bd52a6f89c66a16cc1ddb96e5765be31fe2e5b35e8e,2025-02-10T18:15:34.883000
CVE-2025-21653,0,0,4054ad842aceda82766dc1a772620a2211cc9da6d0c6c3e3c2a1ffa9a7bf55f6,2025-02-02T11:15:15.557000
CVE-2025-21654,0,0,4ec90f1484bdb180e8872bd379989357ef5549f6f68655399ae0221a6a448c8e,2025-01-24T16:15:38.177000
CVE-2025-21655,0,1,6e9215916a7e9022c7ca7cf15b85806e97f4a400b6169b8f57fa0fabd676ccc4,2025-02-23T08:15:09.213000
CVE-2025-21655,0,0,6e9215916a7e9022c7ca7cf15b85806e97f4a400b6169b8f57fa0fabd676ccc4,2025-02-23T08:15:09.213000
CVE-2025-21656,0,0,a701e9e2df732a25c44be693e4bcc732f0353202bde61b2316a6229f867fa42c,2025-01-21T13:15:09.240000
CVE-2025-21657,0,0,1965d9c3d1118ed3d2f0e817295e796ed532b053adb84b7658e4c043ba09b4dd,2025-01-21T13:15:09.340000
CVE-2025-21658,0,0,49f4fb1da0e36dec3735688e008c1d1b6e11cd524605dedd795d9dba62770702,2025-01-22T23:02:59.383000

Can't render this file because it is too large.