chore: generate CVEs metadata 🤖
ghost
parent
3ba106c208
commit
6334346758
|
|
@ -2295,6 +2295,7 @@
|
||||||
{"ID":"CVE-2023-40504","Info":{"Name":"LG Simple Editor \u003c= v3.21.0 - Command Injection","Severity":"critical","Description":"LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-40504.yaml"}
|
{"ID":"CVE-2023-40504","Info":{"Name":"LG Simple Editor \u003c= v3.21.0 - Command Injection","Severity":"critical","Description":"LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. The specific flaw exists within the readVideoInfo method. The issue results from the lack of proper validation of a user-supplied string before using it to execute a system call. An attacker can leverage this vulnerability to execute code in the context of SYSTEM.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-40504.yaml"}
|
||||||
{"ID":"CVE-2023-40749","Info":{"Name":"PHPJabbers Food Delivery Script v3.0 - SQL Injection","Severity":"critical","Description":"PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the \"column\" parameter of index.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-40749.yaml"}
|
{"ID":"CVE-2023-40749","Info":{"Name":"PHPJabbers Food Delivery Script v3.0 - SQL Injection","Severity":"critical","Description":"PHPJabbers Food Delivery Script v3.0 is vulnerable to SQL Injection in the \"column\" parameter of index.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-40749.yaml"}
|
||||||
{"ID":"CVE-2023-40750","Info":{"Name":"PHPJabbers Yacht Listing Script v1.0 - Cross-Site Scripting","Severity":"medium","Description":"There is a Cross Site Scripting (XSS) vulnerability in the \"action\" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40750.yaml"}
|
{"ID":"CVE-2023-40750","Info":{"Name":"PHPJabbers Yacht Listing Script v1.0 - Cross-Site Scripting","Severity":"medium","Description":"There is a Cross Site Scripting (XSS) vulnerability in the \"action\" parameter of index.php in PHPJabbers Yacht Listing Script v1.0.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40750.yaml"}
|
||||||
|
{"ID":"CVE-2023-40755","Info":{"Name":"PHPJabbers Callback Widget v1.0 - Cross-Site Scripting","Severity":"medium","Description":"There is a Cross Site Scripting (XSS) vulnerability in the \"theme\" parameter of preview.php in PHPJabbers Callback Widget v1.0.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40755.yaml"}
|
||||||
{"ID":"CVE-2023-40779","Info":{"Name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","Severity":"medium","Description":"An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40779.yaml"}
|
{"ID":"CVE-2023-40779","Info":{"Name":"IceWarp Mail Server Deep Castle 2 v.13.0.1.2 - Open Redirect","Severity":"medium","Description":"An issue in IceWarp Mail Server Deep Castle 2 v.13.0.1.2 allows a remote attacker to execute arbitrary code via a crafted request to the URL.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-40779.yaml"}
|
||||||
{"ID":"CVE-2023-4110","Info":{"Name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack can be launched remotely.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4110.yaml"}
|
{"ID":"CVE-2023-4110","Info":{"Name":"PHPJabbers Availability Booking Calendar 5.0 - Cross-Site Scripting","Severity":"medium","Description":"A vulnerability has been found in PHP Jabbers Availability Booking Calendar 5.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /index.php. The manipulation of the argument session_id leads to cross site scripting. The attack can be launched remotely.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4110.yaml"}
|
||||||
{"ID":"CVE-2023-41109","Info":{"Name":"SmartNode SN200 Analog Telephone Adapter (ATA) \u0026 VoIP Gateway - Command Injection","Severity":"critical","Description":"The SmartNode SN200 Analog Telephone Adapter (ATA) \u0026 VoIP Gateway is vulnerable to command injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-41109.yaml"}
|
{"ID":"CVE-2023-41109","Info":{"Name":"SmartNode SN200 Analog Telephone Adapter (ATA) \u0026 VoIP Gateway - Command Injection","Severity":"critical","Description":"The SmartNode SN200 Analog Telephone Adapter (ATA) \u0026 VoIP Gateway is vulnerable to command injection.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-41109.yaml"}
|
||||||
|
|
|
||||||
|
|
@ -1 +1 @@
|
||||||
0f6d0bd7b4ac6a609cd9ffc5769d50a7
|
d00101c2afe2922d27964e24564f8d15
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue