Auto Generated cves.json [Fri Oct 13 09:42:54 UTC 2023] 🤖

cves.json

@@ -1357,6 +1357,7 @@
 {"ID":"CVE-2021-41649","Info":{"Name":"PuneethReddyHC Online Shopping System homeaction.php SQL Injection","Severity":"critical","Description":"An unauthenticated SQL injection vulnerability exists in PuneethReddyHC Online Shopping System through the /homeaction.php cat_id parameter. Using a post request does not sanitize the user input.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-41649.yaml"}
 {"ID":"CVE-2021-41653","Info":{"Name":"TP-Link - OS Command Injection","Severity":"critical","Description":"The PING function on the TP-Link TL-WR840N EU v5 router with firmware through TL-WR840N(EU)_V5_171211 is vulnerable to remote code execution via a specially crafted payload in an IP address input field.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-41653.yaml"}
 {"ID":"CVE-2021-41691","Info":{"Name":"openSIS Student Information System 8.0 SQL Injection","Severity":"high","Description":"openSIS Student Information System version 8.0 is susceptible to SQL injection via the student_id and TRANSFER[SCHOOL] parameters in POST request sent to /TransferredOutModal.php.","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2021/CVE-2021-41691.yaml"}
+{"ID":"CVE-2021-41749","Info":{"Name":"CraftCMS SEOmatic - Server-Side Template Injection","Severity":"critical","Description":"In the SEOmatic plugin up to 3.4.11 for Craft CMS 3, it is possible for unauthenticated attackers to perform a Server-Side. Template Injection, allowing for remote code execution.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2021/CVE-2021-41749.yaml"}
 {"ID":"CVE-2021-41773","Info":{"Name":"Apache 2.4.49 - Path Traversal and Remote Code Execution","Severity":"high","Description":"A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by \"require all denied\" these requests can succeed. Additionally, this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2021/CVE-2021-41773.yaml"}
 {"ID":"CVE-2021-41826","Info":{"Name":"PlaceOS 1.2109.1 - Open Redirection","Severity":"medium","Description":"PlaceOS Authentication Service before 1.29.10.0 allows app/controllers/auth/sessions_controller.rb open redirect.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-41826.yaml"}
 {"ID":"CVE-2021-41878","Info":{"Name":"i-Panel Administration System 2.0 - Cross-Site Scripting","Severity":"medium","Description":"i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enables an attacker to execute arbitrary JavaScript code in the browser-based web console.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2021/CVE-2021-41878.yaml"}
@@ -1611,6 +1612,7 @@
 {"ID":"CVE-2022-25489","Info":{"Name":"Atom CMS v2.0 - Cross-Site Scripting","Severity":"medium","Description":"Atom CMS v2.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the \"A\" parameter in /widgets/debug.php.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2022/CVE-2022-25489.yaml"}
 {"ID":"CVE-2022-25497","Info":{"Name":"Cuppa CMS v1.0 - Local File Inclusion","Severity":"medium","Description":"CuppaCMS v1.0 was discovered to contain an arbitrary file read via the copy function.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-25497.yaml"}
 {"ID":"CVE-2022-2551","Info":{"Name":"WordPress Duplicator \u003c1.4.7 - Authentication Bypass","Severity":"high","Description":"WordPress Duplicator plugin before 1.4.7 is susceptible to authentication bypass. The plugin discloses the URL of the backup to unauthenticated visitors accessing the main installer endpoint. If the installer script has been run once by an administrator, this allows download of the full site backup without proper authentication.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2022/CVE-2022-2551.yaml"}
+{"ID":"CVE-2022-25568","Info":{"Name":"MotionEye Config Info Disclosure","Severity":"high","Description":"MotionEye v0.42.1 and below allows attackers to access sensitive information via a GET request to /config/list. To exploit this vulnerability, a regular user password must be unconfigured.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2022/CVE-2022-25568.yaml"}
 {"ID":"CVE-2022-2599","Info":{"Name":"WordPress Anti-Malware Security and Brute-Force Firewall \u003c4.21.83 - Cross-Site Scripting","Severity":"medium","Description":"WordPress Anti-Malware Security and Brute-Force Firewall plugin before 4.21.83 contains a cross-site scripting vulnerability. The plugin does not sanitize and escape some parameters before outputting them back in an admin dashboard.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-2599.yaml"}
 {"ID":"CVE-2022-26134","Info":{"Name":"Confluence - Remote Code Execution","Severity":"critical","Description":"Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-26134.yaml"}
 {"ID":"CVE-2022-26138","Info":{"Name":"Atlassian Questions For Confluence - Hardcoded Credentials","Severity":"critical","Description":"Atlassian Questions For Confluence contains a hardcoded credentials vulnerability. When installing versions 2.7.34, 2.7.35, and 3.0.2, a Confluence user account is created in the confluence-users group with the username disabledsystemuser and a hardcoded password. A remote, unauthenticated attacker with knowledge of the hardcoded password can exploit this vulnerability to log into Confluence and access all content accessible to users in the confluence-users group.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-26138.yaml"}
@@ -2020,6 +2022,7 @@
 {"ID":"CVE-2023-37266","Info":{"Name":"CasaOS  \u003c 0.4.4 - Authentication Bypass via Random JWT Token","Severity":"critical","Description":"CasaOS is an open-source Personal Cloud system. Unauthenticated attackers can craft arbitrary JWTs and access features that usually require authentication and execute arbitrary commands as `root` on CasaOS instances. This problem was addressed by improving the validation of JWTs in commit `705bf1f`. This patch is part of CasaOS 0.4.4. Users should upgrade to CasaOS 0.4.4. If they can't, they should temporarily restrict access to CasaOS to untrusted users, for instance by not exposing it publicly.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-37266.yaml"}
 {"ID":"CVE-2023-37270","Info":{"Name":"Piwigo 13.7.0 - SQL Injection","Severity":"high","Description":"Piwigo is open source photo gallery software. Prior to version 13.8.0, there is a SQL Injection vulnerability in the login of the administrator screen. The SQL statement that acquires the HTTP Header `User-Agent` is vulnerable at the endpoint that records user information when logging in to the administrator screen. It is possible to execute arbitrary SQL statements. Someone who wants to exploit the vulnerability must be log in to the administrator screen, even with low privileges. Any SQL statement can be executed. Doing so may leak information from the database. Version 13.8.0 contains a fix for this issue. As another mitigation, those who want to execute a SQL statement verbatim with user-enterable parameters should be sure to escape the parameter contents appropriately.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-37270.yaml"}
 {"ID":"CVE-2023-37462","Info":{"Name":"XWiki Platform - Remote Code Execution","Severity":"high","Description":"XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Improper escaping in the document `SkinsCode.XWikiSkinsSheet` leads to an injection vector from view right on that document to programming rights, or in other words, it is possible to execute arbitrary script macros including Groovy and Python macros that allow remote code execution including unrestricted read and write access to all wiki contents. The attack works by opening a non-existing page with a name crafted to contain a dangerous payload. It is possible to check if an existing installation is vulnerable\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2023/CVE-2023-37462.yaml"}
+{"ID":"CVE-2023-37474","Info":{"Name":"Copyparty \u003c= 1.8.2 - Directory Traversal","Severity":"high","Description":"Copyparty is a portable file server. Versions prior to 1.8.2 are subject to a path traversal vulnerability detected in the `.cpr` subfolder. The Path Traversal attack technique allows an attacker access to files, directories, and commands that reside outside the web document root directory. This issue has been addressed in commit `043e3c7d` which has been included in release 1.8.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-37474.yaml"}
 {"ID":"CVE-2023-37580","Info":{"Name":"Zimbra Collaboration Suite (ZCS) v.8.8.15 - Cross-Site Scripting","Severity":"medium","Description":"Zimbra Collaboration (ZCS) 8 before 8.8.15 Patch 41 allows XSS in the Zimbra Classic Web Client.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-37580.yaml"}
 {"ID":"CVE-2023-37629","Info":{"Name":"Online Piggery Management System v1.0 - Unauthenticated File Upload","Severity":"critical","Description":"Online Piggery Management System 1.0 is vulnerable to File Upload. An unauthenticated user can upload a php file by sending a POST request to add-pig.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-37629.yaml"}
 {"ID":"CVE-2023-3765","Info":{"Name":"MLflow Absolute Path Traversal","Severity":"critical","Description":"Absolute Path Traversal in GitHub repository mlflow/mlflow prior to 2.5.0.\n","Classification":{"CVSSScore":"10"}},"file_path":"http/cves/2023/CVE-2023-3765.yaml"}
@@ -2046,6 +2049,7 @@
 {"ID":"CVE-2023-42442","Info":{"Name":"JumpServer \u003e 3.6.4 - Information Disclosure","Severity":"high","Description":"JumpServer is an open source bastion host and a professional operation and maintenance security audit system. Starting in version 3.0.0 and prior to versions 3.5.5 and 3.6.4, session replays can download without authentication. Session replays stored in S3, OSS, or other cloud storage are not affected. The api `/api/v1/terminal/sessions/` permission control is broken and can be accessed anonymously. SessionViewSet permission classes set to `[RBACPermission | IsSessionAssignee]`, relation is or, so any permission matched will be allowed. Versions 3.5.5 and 3.6.4 have a fix. After upgrading, visit the api `$HOST/api/v1/terminal/sessions/?limit=1`. The expected http response code is 401 (`not_authenticated`).\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-42442.yaml"}
 {"ID":"CVE-2023-42793","Info":{"Name":"JetBrains TeamCity \u003c 2023.05.4 - Remote Code Execution","Severity":"critical","Description":"In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possible\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2023/CVE-2023-42793.yaml"}
 {"ID":"CVE-2023-43261","Info":{"Name":"Milesight Routers - Information Disclosure","Severity":"high","Description":"A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router systems, rendering log files publicly accessible. These log files, while containing sensitive information such as admin and other user passwords (encrypted as a security measure), can be exploited by attackers via the router's web interface. The presence of a hardcoded AES secret key and initialization vector (IV) in the JavaScript code further exacerbates the situation, facilitating the decryption of these passwords. This chain of vulnerabilities allows malicious actors to gain unauthorized access to the router.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-43261.yaml"}
+{"ID":"CVE-2023-4451","Info":{"Name":"Cockpit - Cross-Site Scripting","Severity":"medium","Description":"Cross-site Scripting (XSS) - Reflected in GitHub repository cockpit-hq/cockpit prior to 2.6.4.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2023/CVE-2023-4451.yaml"}
 {"ID":"CVE-2023-4568","Info":{"Name":"PaperCut NG Unauthenticated XMLRPC Functionality","Severity":"medium","Description":"PaperCut NG allows for unauthenticated XMLRPC commands to be run by default. Versions 22.0.12 and below are confirmed to be affected, but later versions may also be affected due to lack of a vendor supplied patch.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2023/CVE-2023-4568.yaml"}
 {"ID":"CVE-2023-4634","Info":{"Name":"Media Library Assistant \u003c 3.09 - Remote Code Execution/Local File Inclusion","Severity":"critical","Description":"A vulnerability in the Wordpress Media-Library-Assistant plugins in version \u003c 3.09 is vulnerable to a local file inclusion which leading to RCE on default Imagegick installation/configuration.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2023/CVE-2023-4634.yaml"}
 {"ID":"CVE-2023-4714","Info":{"Name":"PlayTube 3.0.1 - Information Disclosure","Severity":"high","Description":"A vulnerability was found in PlayTube 3.0.1 and classified as problematic. This issue affects some unknown processing of the component Redirect Handler. The manipulation leads to information disclosure. The attack may be initiated remotely.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2023/CVE-2023-4714.yaml"}

cves.json-checksum.txt

@@ -1 +1 @@
-2e04bc481920079aa05bc506af907f8a
+d075f81058a2f85a9dc9fb3cbac58ec9