diff --git a/cves/2019/CVE-2019-10717.yaml b/cves/2019/CVE-2019-10717.yaml index 5b0c21a9b6..bf06eaac80 100644 --- a/cves/2019/CVE-2019-10717.yaml +++ b/cves/2019/CVE-2019-10717.yaml @@ -9,9 +9,15 @@ info: reference: - https://www.securitymetrics.com/blog/Blogenginenet-Directory-Traversal-Listing-Login-Page-Unvalidated-Redirect - https://nvd.nist.gov/vuln/detail/CVE-2019-10717 + - https://github.com/rxtur/BlogEngine.NET/commits/master + classification: + cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:H/A:N + cvss-score: 7.1 + cve-id: CVE-2019-10717 + cwe-id: CWE-22 metadata: - verified: true shodan-query: http.html:"Blogengine.net" + verified: "true" tags: cve,cve2019,blogengine,lfi,traversal requests: diff --git a/cves/2022/CVE-2022-32024.yaml b/cves/2022/CVE-2022-32024.yaml index 2a7cb8bd47..7aea1ed902 100644 --- a/cves/2022/CVE-2022-32024.yaml +++ b/cves/2022/CVE-2022-32024.yaml @@ -9,10 +9,15 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-4.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32024 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2022-32024 + cwe-id: CWE-89 metadata: - verified: true - shodan-query: http.html:"Car Rental Management System" comment: Login bypass is also possible using the payload- admin'+or+'1'%3D'1' in username. + shodan-query: http.html:"Car Rental Management System" + verified: "true" tags: cve,cve2022,carrental,cms,sqli,authenticated variables: diff --git a/cves/2022/CVE-2022-32025.yaml b/cves/2022/CVE-2022-32025.yaml index db9e702014..e99d7f0fe5 100644 --- a/cves/2022/CVE-2022-32025.yaml +++ b/cves/2022/CVE-2022-32025.yaml 
@@ -9,10 +9,15 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-6.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32025 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2022-32025 + cwe-id: CWE-89 metadata: - verified: true - shodan-query: http.html:"Car Rental Management System" comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username. + shodan-query: http.html:"Car Rental Management System" + verified: "true" tags: cve,cve2022,carrental,cms,sqli,authenticated variables: diff --git a/cves/2022/CVE-2022-32026.yaml b/cves/2022/CVE-2022-32026.yaml index e67e76445b..4cfcb0a876 100644 --- a/cves/2022/CVE-2022-32026.yaml +++ b/cves/2022/CVE-2022-32026.yaml @@ -9,10 +9,15 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32028 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2022-32028 + cwe-id: CWE-89 metadata: - verified: true - shodan-query: http.html:"Car Rental Management System" comment: Login bypass is also possible using the payload- admin'+or+'1'%3D'1' in username. + shodan-query: http.html:"Car Rental Management System" + verified: "true" tags: cve,cve2022,carrental,cms,sqli,authenticated variables: diff --git a/cves/2022/CVE-2022-32028.yaml b/cves/2022/CVE-2022-32028.yaml index 3df3b33d91..7447956c3b 100644 --- a/cves/2022/CVE-2022-32028.yaml +++ b/cves/2022/CVE-2022-32028.yaml 
@@ -9,10 +9,15 @@ info: reference: - https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-8.md - https://nvd.nist.gov/vuln/detail/CVE-2022-32028 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H + cvss-score: 7.2 + cve-id: CVE-2022-32028 + cwe-id: CWE-89 metadata: - verified: true - shodan-query: http.html:"Car Rental Management System" comment: Login bypass is also possible using the payload - admin'+or+'1'%3D'1' in username. + shodan-query: http.html:"Car Rental Management System" + verified: "true" tags: cve,cve2022,carrental,cms,sqli,authenticated variables:
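Review bot: In cves/2019/CVE-2019-10717.yaml, the added reference `https://github.com/rxtur/BlogEngine.NET/commits/master` points at the branch's commit list rather than at a specific commit. It will show different content as the branch moves and does not identify the change that relates to this CVE. Link the specific fixing commit or the vendor advisory if one exists, or drop the entry. Also note that this file's vector is `CVSS:3.0` while the other four files in the patch use `CVSS:3.1`; that is fine if it mirrors the NVD entry, but worth confirming.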
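Review bot: In cves/2022/CVE-2022-32024.yaml, the metadata line changes from `verified: true` to `verified: "true"`, which turns a YAML boolean into a string. The same change appears in the other four files of this patch. Any consumer that reads the field as a boolean or compares it against `true` will see a different type after this change. Please confirm the quoting is intentional and matches what the rest of the template set uses; otherwise keep `verified: true` and limit the metadata change to the key reordering.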
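Review bot: In cves/2022/CVE-2022-32026.yaml, the added classification sets `cve-id: CVE-2022-32028`, which does not match the file name. The unchanged context lines in the same hunk already reference `SQLi-8.md` and `https://nvd.nist.gov/vuln/detail/CVE-2022-32028`, identical to the references in cves/2022/CVE-2022-32028.yaml, so this looks like a copy-paste carried forward into the new block. Set `cve-id: CVE-2022-32026` here, point the references at the report and NVD entry for CVE-2022-32026, and re-check that the `cvss-metrics`, `cvss-score` and `cwe-id` values were taken from that entry and not from CVE-2022-32028.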