From 9ead1b02411cf86b11a96ac1d29b46f4e1886d21 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Wed, 22 Mar 2023 11:30:52 +0000 Subject: [PATCH] Auto Generated cves.json [Wed Mar 22 11:30:52 UTC 2023] :robot: --- cves.json | 5 +++-- cves.json-checksum.txt | 2 +- 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/cves.json b/cves.json index 55132b98d9..64da930873 100644 --- a/cves.json +++ b/cves.json @@ -1166,7 +1166,7 @@ {"ID":"CVE-2021-32819","Info":{"Name":"Nodejs Squirrelly - Remote Code Execution","Severity":"high","Description":"Nodejs Squirrelly is susceptible to remote code execution. Squirrelly is a template engine implemented in JavaScript that works out of the box with ExpressJS. Squirrelly mixes pure template data with engine configuration options through the Express render API. By overwriting internal configuration options remote code execution may be triggered in downstream applications. There is currently no fix for these issues as of the publication of this CVE. The latest version of squirrelly is currently 8.0.8. For complete details refer to the referenced GHSL-2021-023.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2021/CVE-2021-32819.yaml"} {"ID":"CVE-2021-32820","Info":{"Name":"Express-handlebars - Local File Inclusion","Severity":"high","Description":"Express-handlebars is susceptible to local file inclusion because it mixes pure template data with engine configuration options through the Express render API. More specifically, the layout parameter may trigger file disclosure vulnerabilities in downstream applications. This potential vulnerability is somewhat restricted in that only files with existing extensions (i.e., file.extension) can be included. Files that lack an extension will have .handlebars appended to them. For complete details refer to the referenced GHSL-2021-018 report. Notes in documentation have been added to help users avoid this potential information exposure vulnerability.","Classification":{"CVSSScore":"8.6"}},"file_path":"cves/2021/CVE-2021-32820.yaml"} {"ID":"CVE-2021-32853","Info":{"Name":"Erxes \u003c0.23.0 - Cross-Site Scripting","Severity":"critical","Description":"Erxes before 0.23.0 contains a cross-site scripting vulnerability. The value of topicID parameter is not escaped and is triggered in the enclosing script tag.","Classification":{"CVSSScore":"9.6"}},"file_path":"cves/2021/CVE-2021-32853.yaml"} -{"ID":"CVE-2021-3293","Info":{"Name":"emlog 5.3.1 Path Disclosure","Severity":"high","Description":"emlog v5.3.1 is susceptible to full path disclosure via t/index.php, which allows an attacker to see the path to the webroot/file.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-3293.yaml"} +{"ID":"CVE-2021-3293","Info":{"Name":"emlog 5.3.1 Path Disclosure","Severity":"medium","Description":"emlog v5.3.1 is susceptible to full path disclosure via t/index.php, which allows an attacker to see the path to the webroot/file.","Classification":{"CVSSScore":"5.3"}},"file_path":"cves/2021/CVE-2021-3293.yaml"} {"ID":"CVE-2021-3297","Info":{"Name":"Zyxel NBG2105 V1.00(AAGU.2)C0 - Authentication Bypass","Severity":"high","Description":"Zyxel NBG2105 V1.00(AAGU.2)C0 devices are susceptible to authentication bypass vulnerabilities because setting the login cookie to 1 provides administrator access.","Classification":{"CVSSScore":"7.8"}},"file_path":"cves/2021/CVE-2021-3297.yaml"} {"ID":"CVE-2021-33044","Info":{"Name":"Dahua IPC/VTH/VTO - Authentication Bypass","Severity":"critical","Description":"Some Dahua products contain an authentication bypass during the login process. Attackers can bypass device identity authentication by constructing malicious data packets.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33044.yaml"} {"ID":"CVE-2021-33221","Info":{"Name":"CommScope Ruckus IoT Controller - Information Disclosure","Severity":"critical","Description":"CommScope Ruckus IoT Controller is susceptible to information disclosure vulnerabilities because a 'service details' API endpoint discloses system and configuration information to an attacker without requiring authentication. This information includes DNS and NTP servers that the devices use for time and host resolution. It also includes the internal hostname and IoT Controller version. A fully configured device in production may leak other, more sensitive information (API keys and tokens).","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-33221.yaml"} @@ -1589,6 +1589,7 @@ {"ID":"CVE-2022-37153","Info":{"Name":"Artica Proxy 4.30.000000 - Cross-Site Scripting","Severity":"medium","Description":"Artica Proxy 4.30.000000 contains a cross-site scripting vulnerability via the password parameter in /fw.login.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-37153.yaml"} {"ID":"CVE-2022-37299","Info":{"Name":"Shirne CMS 1.2.0 - Local File Inclusion","Severity":"medium","Description":"Shirne CMS 1.2.0 is vulnerable to local file inclusion which could cause arbitrary file read via /static/ueditor/php/controller.php.","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2022/CVE-2022-37299.yaml"} {"ID":"CVE-2022-3768","Info":{"Name":"WordPress WPSmartContracts \u003c1.3.12 - SQL Injection","Severity":"high","Description":"WordPress WPSmartContracts plugin before 1.3.12 contains a SQL injection vulnerability. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement. An attacker with a role as low as author can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-3768.yaml"} +{"ID":"CVE-2022-3800","Info":{"Name":"IBAX go-ibax - SQL Injection","Severity":"high","Description":"A vulnerability, which was classified as critical, has been found in IBAX go-ibax. Affected by this issue is some unknown functionality of the file /api/v2/open/rowsInfo. The manipulation of the argument table_name leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used\n","Classification":{"CVSSScore":"8.8"}},"file_path":"cves/2022/CVE-2022-3800.yaml"} {"ID":"CVE-2022-38463","Info":{"Name":"ServiceNow - Cross-Site Scripting","Severity":"medium","Description":"ServiceNow through San Diego Patch 4b and Patch 6 contains a cross-site scripting vulnerability in the logout functionality, which can enable an unauthenticated remote attacker to execute arbitrary JavaScript.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-38463.yaml"} {"ID":"CVE-2022-38553","Info":{"Name":"Academy Learning Management System \u003c5.9.1 - Cross-Site Scripting","Severity":"medium","Description":"Academy Learning Management System before 5.9.1 contains a cross-site scripting vulnerability via the Search parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2022/CVE-2022-38553.yaml"} {"ID":"CVE-2022-38637","Info":{"Name":"Hospital Management System 1.0 - SQL Injection","Severity":"critical","Description":"Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/user-login.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2022/CVE-2022-38637.yaml"} @@ -1656,4 +1657,4 @@ {"ID":"CVE-2023-26255","Info":{"Name":"STAGIL Navigation for Jira - Menu \u0026 Themes - Local File Inclusion","Severity":"high","Description":"An unauthenticated path traversal vulnerability affects the \"STAGIL Navigation for Jira - Menu \u0026 Themes\" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjCustomDesignConfig endpoint, it is possible to traverse and read the file system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2023/CVE-2023-26255.yaml"} {"ID":"CVE-2023-26256","Info":{"Name":"STAGIL Navigation for Jira - Menu \u0026 Themes - Local File Inclusion","Severity":"high","Description":"An unauthenticated path traversal vulnerability affects the \"STAGIL Navigation for Jira - Menu \u0026 Themes\" plugin before 2.0.52 for Jira. By modifying the fileName parameter to the snjFooterNavigationConfig endpoint, it is possible to traverse and read the file system.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2023/CVE-2023-26256.yaml"} {"ID":"CVE-2023-27292","Info":{"Name":"OpenCATS - Open Redirect","Severity":"medium","Description":"An open redirect vulnerability exposes OpenCATS to template injection due to improper validation of user-supplied GET parameters.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"cves/2023/CVE-2023-27292.yaml"} -{"ID":"CVE-2023-27587","Info":{"Name":"ReadToMyShoe - Google Cloud API Disclosure","Severity":"high","Description":"If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key.\n","Classification":{"CVSSScore":"7.4"}},"file_path":"cves/2023/CVE-2023-27587.yaml"} +{"ID":"CVE-2023-27587","Info":{"Name":"ReadToMyShoe - Google Cloud API Disclosure","Severity":"medium","Description":"If an error occurs when adding an article, the website shows the user an error message. If the error originates from the Google Cloud TTS request, then it will include the full URL of the request. The request URL contains the Google Cloud API key.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"cves/2023/CVE-2023-27587.yaml"} diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt index ab6e6c16d0..b29dbc0a37 100644 --- a/cves.json-checksum.txt +++ b/cves.json-checksum.txt @@ -1 +1 @@ -baad712af09b7dd4a483352a108ac08e +3cb8582a9322015e2e445f2958afd4bb