From fd24901a65e7d098c7114a39fc8f09efb3891d61 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Thu, 1 Sep 2022 17:35:22 +0000 Subject: [PATCH] Auto Generated CVE annotations [Thu Sep 1 17:35:22 UTC 2022] :robot: --- cves/2021/CVE-2021-46068.yaml | 36 ++++++++++++++++++----------------- cves/2021/CVE-2021-46071.yaml | 36 ++++++++++++++++++----------------- cves/2021/CVE-2021-46072.yaml | 36 ++++++++++++++++++----------------- cves/2021/CVE-2021-46073.yaml | 36 ++++++++++++++++++----------------- 4 files changed, 76 insertions(+), 68 deletions(-) diff --git a/cves/2021/CVE-2021-46068.yaml b/cves/2021/CVE-2021-46068.yaml index d909d13d09..519885df9f 100644 --- a/cves/2021/CVE-2021-46068.yaml +++ b/cves/2021/CVE-2021-46068.yaml @@ -1,22 +1,24 @@ id: CVE-2021-46068 -info: - name: Vehicle Service Management System - Stored Cross Site Scripting - author: TenBird - severity: medium - description: | - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. - reference: - - https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS - - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss - - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-46068 - classification: - cve-id: CVE-2021-46068 - metadata: - verified: true - tags: cve,cve2021,xss,vms,authenticated - +info: + name: Vehicle Service Management System - Stored Cross Site Scripting + author: TenBird + severity: medium + description: | + A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the My Account Section in login panel. + reference: + - https://github.com/plsanu/Vehicle-Service-Management-System-MyAccount-Stored-Cross-Site-Scripting-XSS + - https://www.plsanu.com/vehicle-service-management-system-myaccount-stored-cross-site-scripting-xss + - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-46068 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N + cvss-score: 4.8 + cve-id: CVE-2021-46068 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2021,xss,vms,authenticated requests: - raw: - | diff --git a/cves/2021/CVE-2021-46071.yaml b/cves/2021/CVE-2021-46071.yaml index aca13d4680..eea574ae3d 100644 --- a/cves/2021/CVE-2021-46071.yaml +++ b/cves/2021/CVE-2021-46071.yaml @@ -1,22 +1,24 @@ id: CVE-2021-46071 -info: - name: Vehicle Service Management System - Stored Cross Site Scripting - author: TenBird - severity: medium - description: | - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. - reference: - - https://github.com/plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS - - https://www.plsanu.com/vehicle-service-management-system-category-list-stored-cross-site-scripting-xss - - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-46071 - classification: - cve-id: CVE-2021-46071 - metadata: - verified: true - tags: cve,cve2021,xss,vms,authenticated - +info: + name: Vehicle Service Management System - Stored Cross Site Scripting + author: TenBird + severity: medium + description: | + A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Category List Section in login panel. + reference: + - https://github.com/plsanu/Vehicle-Service-Management-System-Category-List-Stored-Cross-Site-Scripting-XSS + - https://www.plsanu.com/vehicle-service-management-system-category-list-stored-cross-site-scripting-xss + - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-46071 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N + cvss-score: 4.8 + cve-id: CVE-2021-46071 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2021,xss,vms,authenticated requests: - raw: - | diff --git a/cves/2021/CVE-2021-46072.yaml b/cves/2021/CVE-2021-46072.yaml index f24fa6f29c..992e54deb9 100644 --- a/cves/2021/CVE-2021-46072.yaml +++ b/cves/2021/CVE-2021-46072.yaml @@ -1,22 +1,24 @@ id: CVE-2021-46072 -info: - name: Vehicle Service Management System - Stored Cross Site Scripting - author: TenBird - severity: medium - description: | - A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. - reference: - - https://github.com/plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS - - https://www.plsanu.com/vehicle-service-management-system-service-list-stored-cross-site-scripting-xss - - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-46072 - classification: - cve-id: CVE-2021-46072 - metadata: - verified: true - tags: cve,cve2021,xss,vms,authenticated - +info: + name: Vehicle Service Management System - Stored Cross Site Scripting + author: TenBird + severity: medium + description: | + A Stored Cross Site Scripting (XSS) vulnerability exists in Vehicle Service Management System 1.0 via the Service List Section in login panel. + reference: + - https://github.com/plsanu/Vehicle-Service-Management-System-Service-List-Stored-Cross-Site-Scripting-XSS + - https://www.plsanu.com/vehicle-service-management-system-service-list-stored-cross-site-scripting-xss + - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-46072 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N + cvss-score: 4.8 + cve-id: CVE-2021-46072 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2021,xss,vms,authenticated requests: - raw: - | diff --git a/cves/2021/CVE-2021-46073.yaml b/cves/2021/CVE-2021-46073.yaml index a3a483161a..60bef12a26 100644 --- a/cves/2021/CVE-2021-46073.yaml +++ b/cves/2021/CVE-2021-46073.yaml @@ -1,22 +1,24 @@ id: CVE-2021-46073 -info: - name: Vehicle Service Management System - Cross Site Scripting - author: TenBird - severity: medium - description: | - A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. - reference: - - https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS - - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss - - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html - - https://nvd.nist.gov/vuln/detail/CVE-2021-46073 - classification: - cve-id: CVE-2021-46073 - metadata: - verified: true - tags: cve,cve2021,xss,vms,authenticated - +info: + name: Vehicle Service Management System - Cross Site Scripting + author: TenBird + severity: medium + description: | + A Stored Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Vehicle Service Management System 1.0 via the User List Section in login panel. + reference: + - https://github.com/plsanu/Vehicle-Service-Management-System-User-List-Stored-Cross-Site-Scripting-XSS + - https://www.plsanu.com/vehicle-service-management-system-user-list-stored-cross-site-scripting-xss + - https://www.sourcecodester.com/php/14972/vehicle-service-management-system-php-free-source-code.html + - https://nvd.nist.gov/vuln/detail/CVE-2021-46073 + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N + cvss-score: 4.8 + cve-id: CVE-2021-46073 + cwe-id: CWE-79 + metadata: + verified: "true" + tags: cve,cve2021,xss,vms,authenticated requests: - raw: - |