mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-29 01:31:20 +00:00
97 lines
3.2 KiB
JSON
97 lines
3.2 KiB
JSON
{
|
|
"id": "CVE-2024-3376",
|
|
"sourceIdentifier": "cna@vuldb.com",
|
|
"published": "2024-04-06T12:15:08.603",
|
|
"lastModified": "2024-05-17T02:39:53.447",
|
|
"vulnStatus": "Awaiting Analysis",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability classified as critical has been found in SourceCodester Computer Laboratory Management System 1.0. This affects an unknown part of the file config.php. The manipulation of the argument url leads to execution after redirect. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-259497 was assigned to this vulnerability."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Una vulnerabilidad ha sido encontrada en SourceCodester Computer Laboratory Management System 1.0 y clasificada como cr\u00edtica. Una parte desconocida del archivo config.php afecta a esta vulnerabilidad. La manipulaci\u00f3n del argumento URL conduce a la ejecuci\u00f3n despu\u00e9s de la redirecci\u00f3n. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede utilizarse. A esta vulnerabilidad se le asign\u00f3 el identificador VDB-259497."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 7.3,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.4
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-698"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://github.com/Sospiro014/zday1/blob/main/Execution_After_Redirect.md",
|
|
"source": "cna@vuldb.com"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.259497",
|
|
"source": "cna@vuldb.com"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?id.259497",
|
|
"source": "cna@vuldb.com"
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.311154",
|
|
"source": "cna@vuldb.com"
|
|
}
|
|
]
|
|
} |