Skip to content

Commit

Permalink
Auto-Update: 2024-08-18T22:00:16.698210+00:00
Browse files Browse the repository at this point in the history
  • Loading branch information
@cad-safe-bot
cad-safe-bot committed Aug 18, 2024
1 parent 22f7f4a commit 908c63e
Show file tree
Hide file tree
Showing 5 changed files with 261 additions and 9 deletions.
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-433xx/CVE-2024-43303.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-43303",
"sourceIdentifier": "[email protected]",
"published": "2024-08-18T21:15:03.647",
"lastModified": "2024-08-18T21:15:03.647",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in videousermanuals.Com White Label CMS allows Reflected XSS.This issue affects White Label CMS: from n/a through 2.7.4."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/white-label-cms/wordpress-white-label-cms-plugin-2-7-4-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
56 changes: 56 additions & 0 deletions CVE-2024/CVE-2024-433xx/CVE-2024-43304.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,56 @@
{
"id": "CVE-2024-43304",
"sourceIdentifier": "[email protected]",
"published": "2024-08-18T21:15:03.860",
"lastModified": "2024-08-18T21:15:03.860",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Cool Plugins Cryptocurrency Widgets \u2013 Price Ticker & Coins List allows Reflected XSS.This issue affects Cryptocurrency Widgets \u2013 Price Ticker & Coins List: from n/a through 2.8.0."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "NONE",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH"
},
"exploitabilityScore": 2.8,
"impactScore": 3.7
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://patchstack.com/database/vulnerability/cryptocurrency-price-ticker-widget/wordpress-cryptocurrency-widgets-plugin-2-8-0-reflected-cross-site-scripting-xss-vulnerability?_s_id=cve",
"source": "[email protected]"
}
]
}
137 changes: 137 additions & 0 deletions CVE-2024/CVE-2024-79xx/CVE-2024-7911.json
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,137 @@
{
"id": "CVE-2024-7911",
"sourceIdentifier": "[email protected]",
"published": "2024-08-18T20:15:04.260",
"lastModified": "2024-08-18T20:15:04.260",
"vulnStatus": "Received",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A vulnerability was found in SourceCodester Simple Online Bidding System 1.0. It has been classified as critical. This affects an unknown part of the file /simple-online-bidding-system/bidding/index.php. The manipulation of the argument page leads to file inclusion. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used."
}
],
"metrics": {
"cvssMetricV40": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "4.0",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"vulnerableSystemConfidentiality": "LOW",
"vulnerableSystemIntegrity": "LOW",
"vulnerableSystemAvailability": "LOW",
"subsequentSystemConfidentiality": "NONE",
"subsequentSystemIntegrity": "NONE",
"subsequentSystemAvailability": "NONE",
"exploitMaturity": "NOT_DEFINED",
"confidentialityRequirements": "NOT_DEFINED",
"integrityRequirements": "NOT_DEFINED",
"availabilityRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnerableSystemConfidentiality": "NOT_DEFINED",
"modifiedVulnerableSystemIntegrity": "NOT_DEFINED",
"modifiedVulnerableSystemAvailability": "NOT_DEFINED",
"modifiedSubsequentSystemConfidentiality": "NOT_DEFINED",
"modifiedSubsequentSystemIntegrity": "NOT_DEFINED",
"modifiedSubsequentSystemAvailability": "NOT_DEFINED",
"safety": "NOT_DEFINED",
"automatable": "NOT_DEFINED",
"recovery": "NOT_DEFINED",
"valueDensity": "NOT_DEFINED",
"vulnerabilityResponseEffort": "NOT_DEFINED",
"providerUrgency": "NOT_DEFINED",
"baseScore": 5.3,
"baseSeverity": "MEDIUM"
}
}
],
"cvssMetricV31": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "NONE",
"scope": "UNCHANGED",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"availabilityImpact": "LOW",
"baseScore": 6.3,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.8,
"impactScore": 3.4
}
],
"cvssMetricV2": [
{
"source": "[email protected]",
"type": "Secondary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"accessVector": "NETWORK",
"accessComplexity": "LOW",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5
},
"baseSeverity": "MEDIUM",
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": false
}
]
},
"weaknesses": [
{
"source": "[email protected]",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-73"
}
]
}
],
"references": [
{
"url": "https://github.com/Wsstiger/cve/blob/main/simple_include.md",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?ctiid.275037",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?id.275037",
"source": "[email protected]"
},
{
"url": "https://vuldb.com/?submit.391657",
"source": "[email protected]"
}
]
}
12 changes: 6 additions & 6 deletions README.md
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,13 +13,13 @@ Repository synchronizes with the NVD every 2 hours.
### Last Repository Update

```plain
2024-08-18T20:00:16.841761+00:00
2024-08-18T22:00:16.698210+00:00
```

### Most recent CVE Modification Timestamp synchronized with NVD

```plain
2024-08-18T19:15:05.003000+00:00
2024-08-18T21:15:03.860000+00:00
```

### Last Data Feed Release
Expand All @@ -33,16 +33,16 @@ Download and Changelog: [Click](https://github.com/fkie-cad/nvd-json-data-feeds/
### Total Number of included CVEs

```plain
260426
260429
```

### CVEs added in the last Commit

Recently added CVEs: `3`

- [CVE-2024-6221](CVE-2024/CVE-2024-62xx/CVE-2024-6221.json) (`2024-08-18T19:15:04.730`)
- [CVE-2024-7909](CVE-2024/CVE-2024-79xx/CVE-2024-7909.json) (`2024-08-18T18:15:04.290`)
- [CVE-2024-7910](CVE-2024/CVE-2024-79xx/CVE-2024-7910.json) (`2024-08-18T19:15:05.003`)
- [CVE-2024-43303](CVE-2024/CVE-2024-433xx/CVE-2024-43303.json) (`2024-08-18T21:15:03.647`)
- [CVE-2024-43304](CVE-2024/CVE-2024-433xx/CVE-2024-43304.json) (`2024-08-18T21:15:03.860`)
- [CVE-2024-7911](CVE-2024/CVE-2024-79xx/CVE-2024-7911.json) (`2024-08-18T20:15:04.260`)


### CVEs modified in the last Commit
Expand Down
9 changes: 6 additions & 3 deletions _state.csv
View file
Original file line number Diff line number Diff line change
Expand Up @@ -257760,6 +257760,8 @@ CVE-2024-43276,0,0,1327b07b07996c9ea2c2148b4a57bbf83cde40df49695242a6b4d52226e84
CVE-2024-4328,0,0,243566e1cc6bca4cb71823d7b7f30591e3ccaa89bb4c9ba718cf8de1f025e822,2024-06-12T19:33:00.527000
CVE-2024-4329,0,0,915fdd462793e35dddcb6a188ef6774a9ebc56a526b1b0698bddaf3c23ba3b77,2024-05-14T16:11:39.510000
CVE-2024-4330,0,0,fc15b5e6e8f2f0c0d6f88562ddea62a293dcb49ee86f17536355ec11fc8680c3,2024-05-30T18:19:11.743000
CVE-2024-43303,1,1,519b513483e722de876e8c5cc38a1fdc3c50dad8a8e6e2e6d61c6e45bbc333cf,2024-08-18T21:15:03.647000
CVE-2024-43304,1,1,33c756a9b95351263e96765f2269c64aca0a7c8286663f51a1cc9408dc987899,2024-08-18T21:15:03.860000
CVE-2024-43305,0,0,9fd98bb7d48477ddbf9f1b10a6ec28752b423d821908baff2191f5d92b81ba9f,2024-08-18T15:15:03.320000
CVE-2024-43306,0,0,c162cc879c38af0ff6ff430290e806b67f6106e77f71856ef233366846e5edda,2024-08-18T15:15:03.523000
CVE-2024-43307,0,0,28f6bcbe7ef6126b298409cdbb1de3962dd527765ec65de7dfbaa9be794b5105,2024-08-18T15:15:03.720000
Expand Down Expand Up @@ -259426,7 +259428,7 @@ CVE-2024-6216,0,0,99a638bb9b091862ee1125e5c2af18142e9f2a446dc1f5e54add6d69d774b8
CVE-2024-6217,0,0,caeef107ec037a20535b69bf461e75c9da91ce4fd887edb01336f60c235444b1,2024-06-21T11:22:01.687000
CVE-2024-6218,0,0,3cb8a30d4ddfe61bdea61d401bfb5f7d243e9ab40309c0377a9f4fcd89ff6826,2024-06-21T15:15:16.547000
CVE-2024-6220,0,0,e02b2d21f9831e678f98a588025ea8ceab0b9f96191557805441514ff6bc987f,2024-08-01T22:15:41.733000
CVE-2024-6221,1,1,8fba60b4802892a345055663e47a1fd23179e2012b478980c78407ae56d15866,2024-08-18T19:15:04.730000
CVE-2024-6221,0,0,8fba60b4802892a345055663e47a1fd23179e2012b478980c78407ae56d15866,2024-08-18T19:15:04.730000
CVE-2024-6222,0,0,7da69ce6fbc5989cf8dc00c0967cc47c0670f03447330ea36d4de40ed4ce08ae,2024-07-12T17:05:39.070000
CVE-2024-6223,0,0,c2a5a51fdbbd77355d74c750a6e6733ae6781c6b296fb53463ed7d53ba9a3395,2024-08-01T14:00:15.830000
CVE-2024-6224,0,0,254379a5da630d5f422fd8da5211494e4e22117328ba82ab9e812041fec1026b,2024-08-01T14:00:16.047000
Expand Down Expand Up @@ -260423,5 +260425,6 @@ CVE-2024-7905,0,0,83bd74ff7f9a0d327aa4b77d2021933a8729049dacae0baa5dce168c40c2a1
CVE-2024-7906,0,0,7b5af4f9a5ce556bb7ea2828ad0737ab7becadf15cc6307b3c18c76423443d69,2024-08-18T14:15:09.593000
CVE-2024-7907,0,0,5bd33617054e621be930cb2c35c92b8532c16eb2e040b69ae37e2ca570c5a262,2024-08-18T16:15:04.193000
CVE-2024-7908,0,0,133a52c6ebfb4ea2c1f15ca6a2d6f8c429c4c93fd4d765a6aecaafe6d76bfecb,2024-08-18T17:15:03.557000
CVE-2024-7909,1,1,15ed970d3c5bd799326dadec69a0260bcf483327873a398cf1647a5dfde46cd9,2024-08-18T18:15:04.290000
CVE-2024-7910,1,1,ca5afb1cb656577865c0466038bc9fbbe19513240326cee97766752e4b67f30e,2024-08-18T19:15:05.003000
CVE-2024-7909,0,0,15ed970d3c5bd799326dadec69a0260bcf483327873a398cf1647a5dfde46cd9,2024-08-18T18:15:04.290000
CVE-2024-7910,0,0,ca5afb1cb656577865c0466038bc9fbbe19513240326cee97766752e4b67f30e,2024-08-18T19:15:05.003000
CVE-2024-7911,1,1,29bc2e1d3c2f679a026cf5addc4bd652ca6c6f74f0de43a212e31351b68eb5e9,2024-08-18T20:15:04.260000

0 comments on commit 908c63e

Please sign in to comment.