Auto-Update: 2024-09-28T22:00:17.441432+00:00

2025-05-08 11:37:26 +00:00 · 2024-09-28 22:03:19 +00:00 · 2024-09-28 22:03:19 +00:00 · fb30d2c5d5
commit fb30d2c5d5
parent ab5192cc63
4 changed files with 294 additions and 11 deletions
--- a/CVE-2024/CVE-2024-93xx/CVE-2024-9316.json
+++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9316.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9316",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-28T20:15:02.280",
+  "lastModified": "2024-09-28T20:15:02.280",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical has been found in code-projects Blood Bank Management System 1.0. Affected is an unknown function of the file /admin/blood/update/B+.php. The manipulation of the argument Bloodname leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://code-projects.org/",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://github.com/cookie5201314/CVE/blob/main/sql2.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278820",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278820",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.412584",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/CVE-2024/CVE-2024-93xx/CVE-2024-9317.json
+++ b/CVE-2024/CVE-2024-93xx/CVE-2024-9317.json
@ -0,0 +1,141 @@
+{
+  "id": "CVE-2024-9317",
+  "sourceIdentifier": "cna@vuldb.com",
+  "published": "2024-09-28T21:15:10.783",
+  "lastModified": "2024-09-28T21:15:10.783",
+  "vulnStatus": "Received",
+  "cveTags": [],
+  "descriptions": [
+    {
+      "lang": "en",
+      "value": "A vulnerability classified as critical was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is the function delete_category of the file /classes/Master.php?f=delete_category. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used."
+    }
+  ],
+  "metrics": {
+    "cvssMetricV40": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "4.0",
+          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "attackRequirements": "NONE",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "vulnerableSystemConfidentiality": "LOW",
+          "vulnerableSystemIntegrity": "LOW",
+          "vulnerableSystemAvailability": "LOW",
+          "subsequentSystemConfidentiality": "NONE",
+          "subsequentSystemIntegrity": "NONE",
+          "subsequentSystemAvailability": "NONE",
+          "exploitMaturity": "NOT_DEFINED",
+          "confidentialityRequirements": "NOT_DEFINED",
+          "integrityRequirements": "NOT_DEFINED",
+          "availabilityRequirements": "NOT_DEFINED",
+          "modifiedAttackVector": "NOT_DEFINED",
+          "modifiedAttackComplexity": "NOT_DEFINED",
+          "modifiedAttackRequirements": "NOT_DEFINED",
+          "modifiedPrivilegesRequired": "NOT_DEFINED",
+          "modifiedUserInteraction": "NOT_DEFINED",
+          "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
+          "modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
+          "modifiedVulnerableSystemAvailability": "NOT_DEFINED",
+          "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
+          "modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
+          "modifiedSubsequentSystemAvailability": "NOT_DEFINED",
+          "safety": "NOT_DEFINED",
+          "automatable": "NOT_DEFINED",
+          "recovery": "NOT_DEFINED",
+          "valueDensity": "NOT_DEFINED",
+          "vulnerabilityResponseEffort": "NOT_DEFINED",
+          "providerUrgency": "NOT_DEFINED",
+          "baseScore": 5.3,
+          "baseSeverity": "MEDIUM"
+        }
+      }
+    ],
+    "cvssMetricV31": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "3.1",
+          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
+          "attackVector": "NETWORK",
+          "attackComplexity": "LOW",
+          "privilegesRequired": "LOW",
+          "userInteraction": "NONE",
+          "scope": "UNCHANGED",
+          "confidentialityImpact": "LOW",
+          "integrityImpact": "LOW",
+          "availabilityImpact": "LOW",
+          "baseScore": 6.3,
+          "baseSeverity": "MEDIUM"
+        },
+        "exploitabilityScore": 2.8,
+        "impactScore": 3.4
+      }
+    ],
+    "cvssMetricV2": [
+      {
+        "source": "cna@vuldb.com",
+        "type": "Secondary",
+        "cvssData": {
+          "version": "2.0",
+          "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
+          "accessVector": "NETWORK",
+          "accessComplexity": "LOW",
+          "authentication": "SINGLE",
+          "confidentialityImpact": "PARTIAL",
+          "integrityImpact": "PARTIAL",
+          "availabilityImpact": "PARTIAL",
+          "baseScore": 6.5
+        },
+        "baseSeverity": "MEDIUM",
+        "exploitabilityScore": 8.0,
+        "impactScore": 6.4,
+        "acInsufInfo": false,
+        "obtainAllPrivilege": false,
+        "obtainUserPrivilege": false,
+        "obtainOtherPrivilege": false,
+        "userInteractionRequired": false
+      }
+    ]
+  },
+  "weaknesses": [
+    {
+      "source": "cna@vuldb.com",
+      "type": "Primary",
+      "description": [
+        {
+          "lang": "en",
+          "value": "CWE-89"
+        }
+      ]
+    }
+  ],
+  "references": [
+    {
+      "url": "https://github.com/o0wll/cve/blob/main/sql.md",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?ctiid.278821",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?id.278821",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://vuldb.com/?submit.412748",
+      "source": "cna@vuldb.com"
+    },
+    {
+      "url": "https://www.sourcecodester.com/",
+      "source": "cna@vuldb.com"
+    }
+  ]
+}
--- a/README.md
+++ b/README.md
@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
 ### Last Repository Update

 ```plain
-2024-09-28T20:00:17.588846+00:00
+2024-09-28T22:00:17.441432+00:00
 ```

 ### Most recent CVE Modification Timestamp synchronized with NVD

 ```plain
-2024-09-28T19:15:12.353000+00:00
+2024-09-28T21:15:10.783000+00:00
 ```

 ### Last Data Feed Release
@ -33,22 +33,21 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
 ### Total Number of included CVEs

 ```plain
-264096
+264098
 ```

 ### CVEs added in the last Commit

-Recently added CVEs: `1`
+Recently added CVEs: `2`

- [CVE-2024-9315](CVE-2024/CVE-2024-93xx/CVE-2024-9315.json) (`2024-09-28T19:15:12.353`)
+- [CVE-2024-9316](CVE-2024/CVE-2024-93xx/CVE-2024-9316.json) (`2024-09-28T20:15:02.280`)
+- [CVE-2024-9317](CVE-2024/CVE-2024-93xx/CVE-2024-9317.json) (`2024-09-28T21:15:10.783`)


 ### CVEs modified in the last Commit

-Recently modified CVEs: `2`
+Recently modified CVEs: `0`

- [CVE-2023-32824](CVE-2023/CVE-2023-328xx/CVE-2023-32824.json) (`2024-09-28T18:35:00.510`)
- [CVE-2024-42025](CVE-2024/CVE-2024-420xx/CVE-2024-42025.json) (`2024-09-28T18:35:02.277`)


 ## Download and Usage
--- a/_state.csv
+++ b/_state.csv
@ -224852,7 +224852,7 @@ CVE-2023-32820,0,0,c5b1a9492bae196afe19ae41b308e37d000eda1ca8589b7aaeb0da7b947ce
 CVE-2023-32821,0,0,d176157872121eed2781e61209c337e329a2c1fa5d013d18550ee5b088b97e72,2023-10-03T01:10:44.100000
 CVE-2023-32822,0,0,5eccf998d870e20487d82fbae50692e0f2b834c9094bb8239ca96608937b0a41,2024-09-23T16:35:06.840000
 CVE-2023-32823,0,0,c79648285cd024da0167d35d31f954a812139b3a880cd127a35a6b9daa0e4605,2024-09-23T16:35:07.743000
-CVE-2023-32824,0,1,6915ede2fa5bbcae480ab3f17c56d059e5ed4808bf71135dbcfc79451d8e3b0e,2024-09-28T18:35:00.510000
+CVE-2023-32824,0,0,6915ede2fa5bbcae480ab3f17c56d059e5ed4808bf71135dbcfc79451d8e3b0e,2024-09-28T18:35:00.510000
 CVE-2023-32825,0,0,4d951244a3034e7e148d958c4fde86bb8e3198d5c4adad847f95bad235aed891,2023-11-13T18:51:48.043000
 CVE-2023-32826,0,0,16c6cd1f14a315c0a20ae139a1ad19f2ce5feaa9b72eb7e640c67ad6da2f2ed6,2024-09-21T16:35:03.330000
 CVE-2023-32827,0,0,ef41d0f2c1c5cfc16ed9ec7554b5e76f64c7725bdc1ef4e38829af2a10e7b4ea,2024-09-21T16:35:04.183000
@ -258252,7 +258252,7 @@ CVE-2024-42021,0,0,92fcf0a329a30077e7207f0242d35213efc1d1dd2f8104ea65b7c53bf17c0
 CVE-2024-42022,0,0,9cf24962f372bb813f8c933991a85f958eb86110c2be996c8eb09086ce39756e,2024-09-09T15:35:09.917000
 CVE-2024-42023,0,0,53353d8a90b9dac8026225178af7324a7ea88240793050bf3d93683b0cc8146b,2024-09-09T14:35:05.330000
 CVE-2024-42024,0,0,eea273d7d39998984ace805bb73fbe19d77f000a62e0385bbb38378893265667,2024-09-09T14:35:06.053000
-CVE-2024-42025,0,1,8c1d228ed90571100df9823974eb0ba9e627f86789cc232c3042885df4b8d2fe,2024-09-28T18:35:02.277000
+CVE-2024-42025,0,0,8c1d228ed90571100df9823974eb0ba9e627f86789cc232c3042885df4b8d2fe,2024-09-28T18:35:02.277000
 CVE-2024-42029,0,0,b7c83a25bc8a9601f6f3c6ebb603ce94146556b10d1f548176b0b38619ce3b21,2024-08-01T13:59:17.407000
 CVE-2024-4203,0,0,52cf8a9be62388459acdc9c8c655685172127a00eca72ac9344c4d8920cfc78f,2024-05-02T18:00:37.360000
 CVE-2024-42030,0,0,59fa56f47f76e92b6c6c6a3fdcb37d68b092a6ac90822c136b288bb49e8250df,2024-08-20T16:55:16.100000
@ -264094,4 +264094,6 @@ CVE-2024-9298,0,0,2f4e6c82eec176574620d4340a003c33a2c20e43e1eb64c4140e5caefaeeb5
 CVE-2024-9299,0,0,799e3f49439baf2432b26834e94671a2c07ca8bcc110298b74e6fbc73a1e5279,2024-09-28T14:15:02.540000
 CVE-2024-9300,0,0,4aee81e48dbe8631e425ca1253bf1fefcd0e37e8736692eb326116d6964fe2c0,2024-09-28T15:15:14.263000
 CVE-2024-9301,0,0,f7d62ae99cd0d6877c5db63fcb4f2c0f8f043fbb8339f25415912b7f29acecf1,2024-09-27T18:15:06.163000
-CVE-2024-9315,1,1,1aaf0b25bc5db159a5983cc16616c1ec4eda1359782a55e5468dbd7b3fd618c0,2024-09-28T19:15:12.353000
+CVE-2024-9315,0,0,1aaf0b25bc5db159a5983cc16616c1ec4eda1359782a55e5468dbd7b3fd618c0,2024-09-28T19:15:12.353000
+CVE-2024-9316,1,1,885b5aadb6325a477167b023e058998d0e537cb489dccafe50b89208946e54a4,2024-09-28T20:15:02.280000
+CVE-2024-9317,1,1,690e444ec011bf1361fdd2bbc9cdec3497358092c2cc8cdf0f08f746b48adc8b,2024-09-28T21:15:10.783000