daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

patch-12
ghost 2024-10-16 06:45:47 +00:00
parent 54cb81a5b1
commit f512322ba5
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@ -2540,6 +2540,7 @@
{"ID":"CVE-2024-32735","Info":{"Name":"CyberPower - Missing Authentication","Severity":"critical","Description":"An issue regarding missing authentication for certain utilities exists in CyberPower PowerPanel Enterprise prior to v2.8.3.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2024/CVE-2024-32735.yaml"}
{"ID":"CVE-2024-32736","Info":{"Name":"CyberPower \u003c v2.8.3 - SQL Injection","Severity":"high","Description":"A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to .\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-32736.yaml"}
{"ID":"CVE-2024-32737","Info":{"Name":"CyberPower - SQL Injection","Severity":"high","Description":"A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-32737.yaml"}
{"ID":"CVE-2024-32738","Info":{"Name":"CyberPower - SQL Injection","Severity":"high","Description":"A sql injection vulnerability exists in CyberPower PowerPanel Enterprise prior to v2.8.3.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2024/CVE-2024-32738.yaml"}
{"ID":"CVE-2024-3274","Info":{"Name":"D-LINK DNS-320L,DNS-320LW and DNS-327L - Information Disclosure","Severity":"medium","Description":"A vulnerability has been found in D-Link DNS-320L, DNS-320LW and DNS-327L up to 20240403 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /cgi-bin/info.cgi of the component HTTP GET Request Handler.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2024/CVE-2024-3274.yaml"}
{"ID":"CVE-2024-32964","Info":{"Name":"Lobe Chat \u003c= v0.150.5 - Server-Side Request Forgery","Severity":"critical","Description":"Lobe Chat is a chatbot framework that supports speech synthesis, multimodal, and extensible Function Call plugin system. Prior to 0.150.6, lobe-chat had an unauthorized Server-Side Request Forgery vulnerability in the /api/proxy endpoint. An attacker can construct malicious requests to cause Server-Side Request Forgery without logging in, attack intranet services, and leak sensitive information.\n","Classification":{"CVSSScore":"9"}},"file_path":"http/cves/2024/CVE-2024-32964.yaml"}
{"ID":"CVE-2024-33113","Info":{"Name":"D-LINK DIR-845L bsc_sms_inbox.php file - Information Disclosure","Severity":"medium","Description":"D-LINK DIR-845L \u003c=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2024/CVE-2024-33113.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
89d1dd2589d502323581be959b33de02
df9be3b3a1bd2d6a09caf1e6e91b079a