mirror of
https://github.com/fkie-cad/nvd-json-data-feeds.git
synced 2025-05-28 09:11:28 +00:00
202 lines
6.5 KiB
JSON
202 lines
6.5 KiB
JSON
{
|
|
"id": "CVE-2024-9811",
|
|
"sourceIdentifier": "cna@vuldb.com",
|
|
"published": "2024-10-10T21:15:05.383",
|
|
"lastModified": "2024-10-15T19:22:35.447",
|
|
"vulnStatus": "Analyzed",
|
|
"cveTags": [],
|
|
"descriptions": [
|
|
{
|
|
"lang": "en",
|
|
"value": "A vulnerability classified as critical has been found in code-projects Restaurant Reservation System 1.0. This affects an unknown part of the file filter3.php. The manipulation of the argument company leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
|
|
},
|
|
{
|
|
"lang": "es",
|
|
"value": "Se ha encontrado una vulnerabilidad clasificada como cr\u00edtica en code-projects Restaurant Reservation System 1.0. Afecta a una parte desconocida del archivo filter3.php. La manipulaci\u00f3n del argumento company provoca una inyecci\u00f3n SQL. Es posible iniciar el ataque de forma remota. El exploit ha sido divulgado al p\u00fablico y puede ser utilizado."
|
|
}
|
|
],
|
|
"metrics": {
|
|
"cvssMetricV40": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "4.0",
|
|
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"attackRequirements": "NONE",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"vulnerableSystemConfidentiality": "LOW",
|
|
"vulnerableSystemIntegrity": "LOW",
|
|
"vulnerableSystemAvailability": "LOW",
|
|
"subsequentSystemConfidentiality": "NONE",
|
|
"subsequentSystemIntegrity": "NONE",
|
|
"subsequentSystemAvailability": "NONE",
|
|
"exploitMaturity": "NOT_DEFINED",
|
|
"confidentialityRequirements": "NOT_DEFINED",
|
|
"integrityRequirements": "NOT_DEFINED",
|
|
"availabilityRequirements": "NOT_DEFINED",
|
|
"modifiedAttackVector": "NOT_DEFINED",
|
|
"modifiedAttackComplexity": "NOT_DEFINED",
|
|
"modifiedAttackRequirements": "NOT_DEFINED",
|
|
"modifiedPrivilegesRequired": "NOT_DEFINED",
|
|
"modifiedUserInteraction": "NOT_DEFINED",
|
|
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
|
|
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
|
|
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
|
|
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
|
|
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
|
|
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
|
|
"safety": "NOT_DEFINED",
|
|
"automatable": "NOT_DEFINED",
|
|
"recovery": "NOT_DEFINED",
|
|
"valueDensity": "NOT_DEFINED",
|
|
"vulnerabilityResponseEffort": "NOT_DEFINED",
|
|
"providerUrgency": "NOT_DEFINED",
|
|
"baseScore": 6.9,
|
|
"baseSeverity": "MEDIUM"
|
|
}
|
|
}
|
|
],
|
|
"cvssMetricV31": [
|
|
{
|
|
"source": "nvd@nist.gov",
|
|
"type": "Primary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "HIGH",
|
|
"integrityImpact": "HIGH",
|
|
"availabilityImpact": "HIGH",
|
|
"baseScore": 9.8,
|
|
"baseSeverity": "CRITICAL"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 5.9
|
|
},
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "3.1",
|
|
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
|
|
"attackVector": "NETWORK",
|
|
"attackComplexity": "LOW",
|
|
"privilegesRequired": "NONE",
|
|
"userInteraction": "NONE",
|
|
"scope": "UNCHANGED",
|
|
"confidentialityImpact": "LOW",
|
|
"integrityImpact": "LOW",
|
|
"availabilityImpact": "LOW",
|
|
"baseScore": 7.3,
|
|
"baseSeverity": "HIGH"
|
|
},
|
|
"exploitabilityScore": 3.9,
|
|
"impactScore": 3.4
|
|
}
|
|
],
|
|
"cvssMetricV2": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Secondary",
|
|
"cvssData": {
|
|
"version": "2.0",
|
|
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
|
|
"accessVector": "NETWORK",
|
|
"accessComplexity": "LOW",
|
|
"authentication": "NONE",
|
|
"confidentialityImpact": "PARTIAL",
|
|
"integrityImpact": "PARTIAL",
|
|
"availabilityImpact": "PARTIAL",
|
|
"baseScore": 7.5
|
|
},
|
|
"baseSeverity": "HIGH",
|
|
"exploitabilityScore": 10.0,
|
|
"impactScore": 6.4,
|
|
"acInsufInfo": false,
|
|
"obtainAllPrivilege": false,
|
|
"obtainUserPrivilege": false,
|
|
"obtainOtherPrivilege": false,
|
|
"userInteractionRequired": false
|
|
}
|
|
]
|
|
},
|
|
"weaknesses": [
|
|
{
|
|
"source": "cna@vuldb.com",
|
|
"type": "Primary",
|
|
"description": [
|
|
{
|
|
"lang": "en",
|
|
"value": "CWE-89"
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"configurations": [
|
|
{
|
|
"nodes": [
|
|
{
|
|
"operator": "OR",
|
|
"negate": false,
|
|
"cpeMatch": [
|
|
{
|
|
"vulnerable": true,
|
|
"criteria": "cpe:2.3:a:code-projects:restaurant_reservation_system:1.0:*:*:*:*:*:*:*",
|
|
"matchCriteriaId": "EE12AD85-FC4C-4F66-82E3-7BDCB43D3903"
|
|
}
|
|
]
|
|
}
|
|
]
|
|
}
|
|
],
|
|
"references": [
|
|
{
|
|
"url": "https://code-projects.org/",
|
|
"source": "cna@vuldb.com",
|
|
"tags": [
|
|
"Product"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://github.com/ppp-src/a/issues/24",
|
|
"source": "cna@vuldb.com",
|
|
"tags": [
|
|
"Exploit",
|
|
"Third Party Advisory"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?ctiid.279963",
|
|
"source": "cna@vuldb.com",
|
|
"tags": [
|
|
"Permissions Required",
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?id.279963",
|
|
"source": "cna@vuldb.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
},
|
|
{
|
|
"url": "https://vuldb.com/?submit.418728",
|
|
"source": "cna@vuldb.com",
|
|
"tags": [
|
|
"Third Party Advisory",
|
|
"VDB Entry"
|
|
]
|
|
}
|
|
]
|
|
} |