admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-28 09:11:28 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-448xx/CVE-2024-44821.json
cad-safe-bot 9beb3d536d Auto-Update: 2024-09-05T14:00:47.241852+00:00
2024-09-05 14:03:46 +00:00

60 lines
2.3 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-44821",
"sourceIdentifier": "cve@mitre.org",
"published": "2024-09-04T16:15:07.320",
"lastModified": "2024-09-05T12:53:21.110",
"vulnStatus": "Awaiting Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ZZCMS 2023 contains a vulnerability in the captcha reuse logic located in /inc/function.php. The checkyzm function does not properly refresh the captcha value after a failed validation attempt. As a result, an attacker can exploit this flaw by repeatedly submitting the same incorrect captcha response, allowing them to capture the correct captcha value through error messages."
},
{
"lang": "es",
"value": "ZZCMS 2023 contiene una vulnerabilidad en la l\u00f3gica de reutilizaci\u00f3n de captcha ubicada en /inc/function.php. La funci\u00f3n checkyzm no actualiza correctamente el valor del captcha despu\u00e9s de un intento de validaci\u00f3n fallido. Como resultado, un atacante puede aprovechar esta falla enviando repetidamente la misma respuesta de captcha incorrecta, lo que le permite capturar el valor de captcha correcto a trav\u00e9s de mensajes de error."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 3.9,
"impactScore": 1.4
}
]
},
"weaknesses": [
{
"source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-287"
}
]
}
],
"references": [
{
"url": "https://github.com/gkdgkd123/codeAudit/blob/main/CVE-2024-44821%20ZZCMS2023%20%E9%AA%8C%E8%AF%81%E7%A0%81%E5%A4%8D%E7%94%A8%E9%80%BB%E8%BE%91%E6%BC%8F%E6%B4%9E.md",
"source": "cve@mitre.org"
}
]
}
Reference in New Issue View Git Blame Copy Permalink