daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

patch-13
ghost 2024-11-04 05:40:57 +00:00
parent c6a65657db
commit e61a9c9ead
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@ -2672,6 +2672,7 @@
{"ID":"CVE-2024-5947","Info":{"Name":"Deep Sea Electronics DSE855 - Authentication Bypass","Severity":"medium","Description":"Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-5947.yaml"} {"ID":"CVE-2024-5947","Info":{"Name":"Deep Sea Electronics DSE855 - Authentication Bypass","Severity":"medium","Description":"Deep Sea Electronics DSE855 Configuration Backup Missing Authentication Information Disclosure Vulnerability. This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Deep Sea Electronics DSE855 devices. Authentication is not required to exploit this vulnerability. The specific flaw exists within the web-based UI. The issue results from the lack of authentication prior to allowing access to functionality. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-22679.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-5947.yaml"}
{"ID":"CVE-2024-5975","Info":{"Name":"CZ Loan Management \u003c= 1.1 - SQL Injection","Severity":"critical","Description":"The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-5975.yaml"} {"ID":"CVE-2024-5975","Info":{"Name":"CZ Loan Management \u003c= 1.1 - SQL Injection","Severity":"critical","Description":"The CZ Loan Management WordPress plugin through 1.1 does not properly sanitise and escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users, leading to a SQL injection.\n","Classification":{"CVSSScore":"9.1"}},"file_path":"http/cves/2024/CVE-2024-5975.yaml"}
{"ID":"CVE-2024-6028","Info":{"Name":"Quiz Maker \u003c= 6.5.8.3 - SQL Injection","Severity":"critical","Description":"The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-6028.yaml"} {"ID":"CVE-2024-6028","Info":{"Name":"Quiz Maker \u003c= 6.5.8.3 - SQL Injection","Severity":"critical","Description":"The Quiz Maker plugin for WordPress is vulnerable to time-based SQL Injection via the 'ays_questions' parameter in all versions up to, and including, 6.5.8.3 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-6028.yaml"}
{"ID":"CVE-2024-6049","Info":{"Name":"Lawo AG vsm LTC Time Sync (vTimeSync) - Path Traversal","Severity":"high","Description":"The web server of Lawo AG vsm LTC Time Sync (vTimeSync) is affected by a \"...\" (triple dot) path traversal vulnerability. By sending a specially crafted HTTP request, an unauthenticated remote attacker could download arbitrary files from the operating system. As a limitation, the exploitation is only possible if the requested file has some file extension, e. g. .exe or .txt.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-6049.yaml"}
{"ID":"CVE-2024-6095","Info":{"Name":"LocalAI - Partial Local File Read","Severity":"medium","Description":"A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both http(s)-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the length of the error message. This vulnerability can be exploited by an attacker with network access to the LocalAI instance, potentially allowing unauthorized access to internal HTTP(s) servers and partial reading of local files. The issue is fixed in version 2.17.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2024/CVE-2024-6095.yaml"} {"ID":"CVE-2024-6095","Info":{"Name":"LocalAI - Partial Local File Read","Severity":"medium","Description":"A vulnerability in the /models/apply endpoint of mudler/localai versions 2.15.0 allows for Server-Side Request Forgery (SSRF) and partial Local File Inclusion (LFI). The endpoint supports both http(s)-// and file-// schemes, where the latter can lead to LFI. However, the output is limited due to the length of the error message. This vulnerability can be exploited by an attacker with network access to the LocalAI instance, potentially allowing unauthorized access to internal HTTP(s) servers and partial reading of local files. The issue is fixed in version 2.17.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2024/CVE-2024-6095.yaml"}
{"ID":"CVE-2024-6159","Info":{"Name":"Push Notification for Post and BuddyPress \u003c= 1.93 - SQL Injection","Severity":"critical","Description":"Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignal_externalid' and 'onesignal_get_subscriptionoptions_id' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-6159.yaml"} {"ID":"CVE-2024-6159","Info":{"Name":"Push Notification for Post and BuddyPress \u003c= 1.93 - SQL Injection","Severity":"critical","Description":"Push Notification for Post and BuddyPress plugin for WordPress is vulnerable to SQL Injection via the 'onesignal_externalid' and 'onesignal_get_subscriptionoptions_id' paramters in all versions up to, and including, 1.93 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for unauthenticated attackers to append additional SQL queries into already existing queries that can be used to extract sensitive information from the database.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2024/CVE-2024-6159.yaml"}
{"ID":"CVE-2024-6188","Info":{"Name":"TrakSYS 11.x.x - Sensitive Data Exposure","Severity":"medium","Description":"A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6188.yaml"} {"ID":"CVE-2024-6188","Info":{"Name":"TrakSYS 11.x.x - Sensitive Data Exposure","Severity":"medium","Description":"A vulnerability was found in Parsec Automation TrackSYS 11.x.x and classified as problematic. This issue affects some unknown processing of the file /TS/export/pagedefinition. The manipulation of the argument ID leads to direct request. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-6188.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
834a3ed8fe3e7171d2135982772985b0 73ade358d14e08271bedc134c2015a38