admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-283xx/CVE-2024-28323.json
cad-safe-bot 6c8e82f5f9 Auto-Update: 2024-08-26T22:00:17.382498+00:00
2024-08-26 22:03:15 +00:00

64 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-28323",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-03-14T14:15:08.123",
"lastModified": "2024-08-26T20:35:17.217",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The bwdates-report-result.php file in Phpgurukul User Registration & Login and User Management System 3.1 contains a potential security vulnerability related to user input validation. The script retrieves user-provided date inputs without proper validation, making it susceptible to SQL injection attacks."
},
{
"lang": "es",
"value": "El archivo bwdates-report-result.php en Phpgurukul User Registration & Login and User Management System 3.1 contiene una posible vulnerabilidad de seguridad relacionada con la validaci\u00f3n de las entradas del usuario. El script recupera entradas de fechas proporcionadas por el usuario sin la validaci\u00f3n adecuada, lo que lo hace susceptible a ataques de inyecci\u00f3n SQL."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 2.5
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-89"
}
]
}
],
"references": [
{
"url": "https://packetstormsecurity.com/files/177168/User-Registration-And-Login-And-User-Management-System-3.1-SQL-Injection.html",
"source": "cve@mitre.org"
},
{
"url": "https://sospiro014.github.io/User-Registration-And-Login-And-User-Management-System-3.1-SQL-Injection",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink