chore: generate CVEs metadata 🤖

patch-11
ghost 2024-09-06 12:09:06 +00:00
parent 5df83a35e0
commit 00ba5195ec
2 changed files with 2 additions and 1 deletions

View File

@ -239,6 +239,7 @@
{"ID":"CVE-2014-4940","Info":{"Name":"WordPress Plugin Tera Charts - Local File Inclusion","Severity":"medium","Description":"Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-4940.yaml"} {"ID":"CVE-2014-4940","Info":{"Name":"WordPress Plugin Tera Charts - Local File Inclusion","Severity":"medium","Description":"Multiple local file inclusion vulnerabilities in Tera Charts (tera-charts) plugin 0.1 for WordPress allow remote attackers to read arbitrary files via a .. (dot dot) in the fn parameter to (1) charts/treemap.php or (2) charts/zoomabletreemap.php.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-4940.yaml"}
{"ID":"CVE-2014-4942","Info":{"Name":"WordPress EasyCart \u003c2.0.6 - Information Disclosure","Severity":"medium","Description":"WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.\n","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-4942.yaml"} {"ID":"CVE-2014-4942","Info":{"Name":"WordPress EasyCart \u003c2.0.6 - Information Disclosure","Severity":"medium","Description":"WordPress EasyCart plugin before 2.0.6 contains an information disclosure vulnerability. An attacker can obtain configuration information via a direct request to inc/admin/phpinfo.php, which calls the phpinfo function.\n","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-4942.yaml"}
{"ID":"CVE-2014-5111","Info":{"Name":"Fonality trixbox - Local File Inclusion","Severity":"medium","Description":"Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-5111.yaml"} {"ID":"CVE-2014-5111","Info":{"Name":"Fonality trixbox - Local File Inclusion","Severity":"medium","Description":"Multiple local file inclusion vulnerabilities in Fonality trixbox allow remote attackers to read arbitrary files via a .. (dot dot) in the lang parameter to (1) home/index.php, (2) asterisk_info/asterisk_info.php, (3) repo/repo.php, or (4) endpointcfg/endpointcfg.php in maint/modules/.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-5111.yaml"}
{"ID":"CVE-2014-5187","Info":{"Name":"Tom M8te (tom-m8te) Plugin 1.5.3 - Directory Traversal","Severity":"medium","Description":"Directory traversal vulnerability in the Tom M8te (tom-m8te) plugin 1.5.3 for WordPress allows remote attackers to read arbitrary files via the file parameter to tom-download-file.php.\n","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-5187.yaml"}
{"ID":"CVE-2014-5258","Info":{"Name":"webEdition 6.3.8.0 - Directory Traversal","Severity":"medium","Description":"A directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"4"}},"file_path":"http/cves/2014/CVE-2014-5258.yaml"} {"ID":"CVE-2014-5258","Info":{"Name":"webEdition 6.3.8.0 - Directory Traversal","Severity":"medium","Description":"A directory traversal vulnerability in showTempFile.php in webEdition CMS before 6.3.9.0 Beta allows remote authenticated users to read arbitrary files via a .. (dot dot) in the file parameter.","Classification":{"CVSSScore":"4"}},"file_path":"http/cves/2014/CVE-2014-5258.yaml"}
{"ID":"CVE-2014-5368","Info":{"Name":"WordPress Plugin WP Content Source Control - Directory Traversal","Severity":"medium","Description":"A directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-5368.yaml"} {"ID":"CVE-2014-5368","Info":{"Name":"WordPress Plugin WP Content Source Control - Directory Traversal","Severity":"medium","Description":"A directory traversal vulnerability in the file_get_contents function in downloadfiles/download.php in the WP Content Source Control (wp-source-control) plugin 3.0.0 and earlier for WordPress allows remote attackers to read arbitrary files via a .. (dot dot) in the path parameter.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2014/CVE-2014-5368.yaml"}
{"ID":"CVE-2014-6271","Info":{"Name":"ShellShock - Remote Code Execution","Severity":"critical","Description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2014/CVE-2014-6271.yaml"} {"ID":"CVE-2014-6271","Info":{"Name":"ShellShock - Remote Code Execution","Severity":"critical","Description":"GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka ShellShock.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2014/CVE-2014-6271.yaml"}

View File

@ -1 +1 @@
1e6d8098cd4d9b0856a1e208cc1bed93 81470b22c51367393fa72c0f4e334c77