Auto Generated CVE annotations [Tue Jun 7 21:01:47 UTC 2022] 🤖

cves/2002/CVE-2002-1131.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/21811
     - https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
     - http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
+    - http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
   classification:
     cve-id: CVE-2002-1131
   tags: xss,squirrelmail,cve,cve2002

cves/2005/CVE-2005-4385.yaml

@@ -9,6 +9,7 @@ info:
     - http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
     - https://nvd.nist.gov/vuln/detail/CVE-2005-4385
     - http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
+    - http://www.securityfocus.com/bid/15940
   classification:
     cve-id: CVE-2005-4385
   tags: cofax,xss,cve,cve2005

cves/2006/CVE-2006-1681.yaml

@@ -9,7 +9,6 @@ info:
     - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
     - https://nvd.nist.gov/vuln/detail/CVE-2006-1681
     - http://secunia.com/advisories/19587
-    - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
   classification:
     cve-id: CVE-2006-1681
   tags: cherokee,httpd,xss,cve,cve2006

cves/2007/CVE-2007-0885.yaml

@@ -9,6 +9,7 @@ info:
     - http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
     - https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
+    - http://www.securityfocus.com/bid/22503
   classification:
     cve-id: CVE-2007-0885
   tags: cve,cve2007,jira,xss

cves/2009/CVE-2009-1496.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/8367
     - https://www.cvedetails.com/cve/CVE-2009-1496
     - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
+    - http://www.securityfocus.com/bid/34431
   classification:
     cve-id: CVE-2009-1496
   tags: cve,cve2009,joomla,lfi

cves/2009/CVE-2009-2100.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/8946
     - https://www.cvedetails.com/cve/CVE-2009-2100
     - http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
+    - http://www.securityfocus.com/bid/35378
   classification:
     cve-id: CVE-2009-2100
   tags: cve,cve2009,joomla,lfi

cves/2009/CVE-2009-3318.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/9706
     - https://www.cvedetails.com/cve/CVE-2009-3318
     - https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
+    - http://www.securityfocus.com/bid/36441
   classification:
     cve-id: CVE-2009-3318
   tags: cve,cve2009,joomla,lfi

cves/2010/CVE-2010-0985.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/10948
     - https://www.cvedetails.com/cve/CVE-2010-0985
     - http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
+    - http://www.securityfocus.com/bid/37560
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-0985

cves/2010/CVE-2010-1081.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11511
     - https://www.cvedetails.com/cve/CVE-2010-1081
     - http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
+    - http://osvdb.org/62506
   remediation: Apply all relevant security patches and product upgrades.
   classification:
     cve-id: CVE-2010-1081

cves/2010/CVE-2010-1304.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/11998
     - https://www.cvedetails.com/cve/CVE-2010-1304
     - http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
+    - http://www.securityfocus.com/bid/39174
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1304

cves/2010/CVE-2010-1313.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/12082
     - https://www.cvedetails.com/cve/CVE-2010-1313
     - http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
+    - http://www.securityfocus.com/bid/39237
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1313

cves/2010/CVE-2010-1461.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/12232
     - https://www.cvedetails.com/cve/CVE-2010-1461
     - http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
+    - http://www.securityfocus.com/bid/39504
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-1461

cves/2010/CVE-2010-1715.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/12174
     - https://www.cvedetails.com/cve/CVE-2010-1715
     - http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
+    - http://www.osvdb.org/63659
   classification:
     cve-id: CVE-2010-1715
   tags: cve,cve2010,joomla,lfi

cves/2010/CVE-2010-2307.yaml

@@ -9,6 +9,7 @@ info:
     - http://web.archive.org/web/20210120195654/https://www.securityfocus.com/bid/40550/info
     - https://nvd.nist.gov/vuln/detail/CVE-2010-2307
     - https://www.exploit-db.com/exploits/12865
+    - http://www.osvdb.org/65249
   remediation: Upgrade to a supported product version.
   classification:
     cve-id: CVE-2010-2307

cves/2010/CVE-2010-2507.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/13981
     - https://www.cvedetails.com/cve/CVE-2010-2507
     - http://secunia.com/advisories/40297
+    - http://osvdb.org/65674
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2010-2507

cves/2011/CVE-2011-1669.yaml

@@ -9,6 +9,7 @@ info:
     - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669
     - https://www.exploit-db.com/exploits/17119
     - http://web.archive.org/web/20210121212348/https://www.securityfocus.com/bid/47146/
+    - http://www.securityfocus.com/bid/47146
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-1669

cves/2011/CVE-2011-2780.yaml

@@ -15,9 +15,9 @@ info:
     - http://securityreason.com/securityalert/8312
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/68565
     - http://web.archive.org/web/20201207104106/https://www.securityfocus.com/archive/1/518890/100/0/threaded
+  remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-2780
-  remediation: Upgrade to a supported version.
   tags: cve,cve2011,lfi,chyrp
 
 requests:

cves/2011/CVE-2011-4336.yaml

@@ -9,12 +9,13 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4336
     - http://web.archive.org/web/20210328232945/https://www.securityfocus.com/bid/48806/info
     - https://seclists.org/bugtraq/2011/Nov/140
+    - https://www.securityfocus.com/bid/48806/info
+  remediation: Upgrade to a supported version.
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1
     cve-id: CVE-2011-4336
     cwe-id: CWE-79
-  remediation: Upgrade to a supported version.
   tags: cve,cve2011,xss,tikiwiki
 
 requests:

cves/2011/CVE-2011-4618.yaml

@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4618
     - http://web.archive.org/web/20210121070605/https://www.securityfocus.com/archive/1/520589
     - http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities
+    - http://www.securityfocus.com/archive/1/520589
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4618

cves/2011/CVE-2011-4624.yaml

@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-4624
     - http://www.openwall.com/lists/oss-security/2011/12/23/2
     - http://plugins.trac.wordpress.org/changeset/469785
+    - http://archives.neohapsis.com/archives/bugtraq/2011-12/0180.html
   remediation: Upgrade to a supported version.
   classification:
     cve-id: CVE-2011-4624

cves/2011/CVE-2011-5181.yaml

@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5181
     - http://web.archive.org/web/20210123155244/https://www.securityfocus.com/bid/50778/
     - http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
+    - http://www.securityfocus.com/bid/50778
   classification:
     cve-id: CVE-2011-5181
   tags: cve,cve2011,wordpress,xss,wp-plugin

cves/2011/CVE-2011-5265.yaml

@@ -8,6 +8,8 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2011-5265
     - http://web.archive.org/web/20210123103000/https://www.securityfocus.com/bid/50779/
+    - http://osvdb.org/77337
+    - http://www.securityfocus.com/bid/50779
   classification:
     cve-id: CVE-2011-5265
   tags: cve,cve2011,wordpress,xss,wp-plugin

cves/2012/CVE-2012-0991.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/36650
     - https://www.cvedetails.com/cve/CVE-2012-0991
     - http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
+    - http://osvdb.org/78729
   classification:
     cve-id: CVE-2012-0991
   tags: cve,cve2012,lfi,openemr,traversal

cves/2012/CVE-2012-4253.yaml

@@ -8,6 +8,8 @@ info:
   reference:
     - https://www.exploit-db.com/exploits/37129
     - https://www.cvedetails.com/cve/CVE-2012-4253
+    - http://www.osvdb.org/81609
+    - http://www.osvdb.org/81615
   classification:
     cve-id: CVE-2012-4253
   tags: cve,cve2012,lfi

cves/2012/CVE-2012-4889.yaml

@@ -8,6 +8,8 @@ info:
   reference:
     - http://web.archive.org/web/20210121082432/https://www.securityfocus.com/bid/52841/info
     - https://nvd.nist.gov/vuln/detail/CVE-2012-4889
+    - http://osvdb.org/80873
+    - http://osvdb.org/80872
   classification:
     cve-id: CVE-2012-4889
   tags: cve,cve2012,xss,manageengine

cves/2013/CVE-2013-2287.yaml

@@ -8,6 +8,7 @@ info:
   reference:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-2287
     - https://www.dognaedis.com/vulns/DGS-SEC-16.html
+    - http://osvdb.org/90840
   classification:
     cve-id: CVE-2013-2287
   tags: cve,cve2013,wordpress,xss,wp-plugin

cves/2013/CVE-2013-4625.yaml

@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-4625
     - https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html
     - https://seclists.org/bugtraq/2013/Jul/160
+    - http://osvdb.org/95627
   remediation: Upgrade to Duplicator 0.4.5 or later.
   classification:
     cve-id: CVE-2013-4625

cves/2013/CVE-2013-7091.yaml

@@ -9,6 +9,7 @@ info:
     - https://nvd.nist.gov/vuln/detail/CVE-2013-7091
     - https://www.exploit-db.com/exploits/30085
     - https://www.exploit-db.com/exploits/30472
+    - http://osvdb.org/100747
   classification:
     cve-id: CVE-2013-7091
   tags: cve,cve2013,zimbra,lfi

cves/2014/CVE-2014-10037.yaml

@@ -9,6 +9,7 @@ info:
     - https://www.exploit-db.com/exploits/30865
     - https://www.cvedetails.com/cve/CVE-2014-10037
     - https://nvd.nist.gov/vuln/detail/CVE-2014-10037
+    - http://osvdb.org/show/osvdb/102204
   classification:
     cve-id: CVE-2014-10037
   tags: cve,cve2014,lfi

cves/2017/CVE-2017-11512.yaml

@@ -18,7 +18,7 @@ info:
     cwe-id: CWE-22
   metadata:
     shodan-query: http.title:"ManageEngine"
-    verified: true
+    verified: "true"
   tags: cve,cve2017,manageengine,lfr,unauth
 
 requests:

cves/2018/CVE-2018-19439.yaml

@@ -9,6 +9,7 @@ info:
     - http://web.archive.org/web/20210124221313/https://www.securityfocus.com/bid/106006/
     - http://seclists.org/fulldisclosure/2018/Nov/58
     - http://packetstormsecurity.com/files/150444/Oracle-Secure-Global-Desktop-Administration-Console-4.4-Cross-Site-Scripting.html
+    - http://www.securityfocus.com/bid/106006
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
     cvss-score: 6.1

cves/2018/CVE-2018-2791.yaml

@@ -4,10 +4,7 @@ info:
   name: Oracle Fusion Middleware WebCenter Sites - Cross-Site Scripting
   author: madrobot,leovalcante
   severity: high
-  description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP
-    to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while
-    the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access
-    to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
+  description: The Oracle WebCenter Sites component of Oracle Fusion Middleware is susceptible to multiple instances of cross-site scripting that could allow unauthenticated attackers with network access via HTTP to compromise Oracle WebCenter Sites. Impacted versions that are affected are 11.1.1.8.0, 12.2.1.2.0 and 12.2.1.3.0. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle WebCenter Sites, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle WebCenter Sites accessible data as well as unauthorized update, insert or delete access to some of Oracle WebCenter Sites accessible data.
   reference:
     - http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
     - http://www.securitytracker.com/id/1040695

cves/2019/CVE-2019-8442.yaml

@@ -8,6 +8,7 @@ info:
   reference:
     - https://jira.atlassian.com/browse/JRASERVER-69241
     - http://web.archive.org/web/20210125215006/https://www.securityfocus.com/bid/108460/
+    - http://www.securityfocus.com/bid/108460
   classification:
     cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
     cvss-score: 7.5