Auto Generated cves.json [Sat Apr 15 12:38:39 UTC 2023] 🤖

patch-1
GitHub Action 2023-04-15 12:38:39 +00:00
parent bc2a56568e
commit e2abf12dc2
2 changed files with 2 additions and 1 deletions

View File

@ -1206,6 +1206,7 @@
{"ID":"CVE-2021-34640","Info":{"Name":"WordPress Securimage-WP-Fixed \u003c=3.5.4 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Securimage-WP-Fixed plugin 3.5.4 and prior contains a cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/securimage-wp.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34640.yaml"}
{"ID":"CVE-2021-34643","Info":{"Name":"WordPress Skaut Bazar \u003c1.3.3 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Skaut Bazar plugin before 1.3.3 contains a reflected cross-site scripting vulnerability due to the use of $_SERVER['PHP_SELF'] in the ~/skaut-bazar.php file, which allows attackers to inject arbitrary web scripts.","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-34643.yaml"}
{"ID":"CVE-2021-34805","Info":{"Name":"FAUST iServer 9.0.018.018.4 - Local File Inclusion","Severity":"high","Description":"FAUST iServer before 9.0.019.019.7 is susceptible to local file inclusion because for each URL request it accesses the corresponding .fau file on the operating system without preventing %2e%2e%5c directory traversal.","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-34805.yaml"}
{"ID":"CVE-2021-35250","Info":{"Name":"SolarWinds Serv-U 15.3 - Directory Traversal","Severity":"high","Description":"A researcher reported a Directory Traversal Vulnerability in Serv-U 15.3. This may allow access to files relating to the Serv-U installation and server files. This issue has been resolved in Serv-U 15.3 Hotfix 1.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-35250.yaml"}
{"ID":"CVE-2021-35265","Info":{"Name":"MaxSite CMS Cross-Site Scripting","Severity":"medium","Description":"A reflected cross-site scripting vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script to a page.\"","Classification":{"CVSSScore":"6.1"}},"file_path":"cves/2021/CVE-2021-35265.yaml"}
{"ID":"CVE-2021-35336","Info":{"Name":"Tieline IP Audio Gateway \u003c=2.6.4.8 - Unauthorized Remote Admin Panel Access","Severity":"critical","Description":"Tieline IP Audio Gateway 2.6.4.8 and below is affected by a vulnerability in the web administrative interface that could allow an unauthenticated user to access a sensitive part of the system with a high privileged account.","Classification":{"CVSSScore":"9.8"}},"file_path":"cves/2021/CVE-2021-35336.yaml"}
{"ID":"CVE-2021-35380","Info":{"Name":"TermTalk Server 3.24.0.2 - Local File Inclusion","Severity":"high","Description":"TermTalk Server (TTServer) 3.24.0.2 is vulnerable to file inclusion which allows unauthenticated malicious user to gain access to the files on the remote system by providing the relative path of the file they want to retrieve.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"cves/2021/CVE-2021-35380.yaml"}

View File

@ -1 +1 @@
93fb9791c9f667bd3fcf5b5f4506c3bd
c3dd4af61be7fa6b1acd9c074befe28d