-
Notifications
You must be signed in to change notification settings - Fork 16
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Auto-Update: 2024-11-28T19:03:07.794108+00:00
- Loading branch information
1 parent
ab5c37c
commit e289ea5
Showing
11 changed files
with
809 additions
and
346 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| { | ||
| "id": "CVE-2024-11964", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-28T17:15:18.500", | ||
| "lastModified": "2024-11-28T17:15:18.500", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A vulnerability, which was classified as critical, was found in PHPGurukul Complaint Management system 1.0. This affects an unknown part of the file /user/index.php. The manipulation of the argument emailid leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV40": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "4.0", | ||
| "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", | ||
| "baseScore": 6.9, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "attackRequirements": "NONE", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "vulnerableSystemConfidentiality": "LOW", | ||
| "vulnerableSystemIntegrity": "LOW", | ||
| "vulnerableSystemAvailability": "LOW", | ||
| "subsequentSystemConfidentiality": "NONE", | ||
| "subsequentSystemIntegrity": "NONE", | ||
| "subsequentSystemAvailability": "NONE", | ||
| "exploitMaturity": "NOT_DEFINED", | ||
| "confidentialityRequirements": "NOT_DEFINED", | ||
| "integrityRequirements": "NOT_DEFINED", | ||
| "availabilityRequirements": "NOT_DEFINED", | ||
| "modifiedAttackVector": "NOT_DEFINED", | ||
| "modifiedAttackComplexity": "NOT_DEFINED", | ||
| "modifiedAttackRequirements": "NOT_DEFINED", | ||
| "modifiedPrivilegesRequired": "NOT_DEFINED", | ||
| "modifiedUserInteraction": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemAvailability": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemAvailability": "NOT_DEFINED", | ||
| "safety": "NOT_DEFINED", | ||
| "automatable": "NOT_DEFINED", | ||
| "recovery": "NOT_DEFINED", | ||
| "valueDensity": "NOT_DEFINED", | ||
| "vulnerabilityResponseEffort": "NOT_DEFINED", | ||
| "providerUrgency": "NOT_DEFINED" | ||
| } | ||
| } | ||
| ], | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "LOW" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 3.4 | ||
| } | ||
| ], | ||
| "cvssMetricV2": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "2.0", | ||
| "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | ||
| "baseScore": 7.5, | ||
| "accessVector": "NETWORK", | ||
| "accessComplexity": "LOW", | ||
| "authentication": "NONE", | ||
| "confidentialityImpact": "PARTIAL", | ||
| "integrityImpact": "PARTIAL", | ||
| "availabilityImpact": "PARTIAL" | ||
| }, | ||
| "baseSeverity": "HIGH", | ||
| "exploitabilityScore": 10.0, | ||
| "impactScore": 6.4, | ||
| "acInsufInfo": false, | ||
| "obtainAllPrivilege": false, | ||
| "obtainUserPrivilege": false, | ||
| "obtainOtherPrivilege": false, | ||
| "userInteractionRequired": false | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-74" | ||
| }, | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-89" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/Aurora0x1/CVE/issues/1", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://phpgurukul.com/", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?ctiid.286347", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?id.286347", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?submit.452471", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,145 @@ | ||
| { | ||
| "id": "CVE-2024-11965", | ||
| "sourceIdentifier": "[email protected]", | ||
| "published": "2024-11-28T17:15:19.383", | ||
| "lastModified": "2024-11-28T17:15:19.383", | ||
| "vulnStatus": "Received", | ||
| "cveTags": [], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A vulnerability has been found in PHPGurukul Complaint Management system 1.0 and classified as critical. This vulnerability affects unknown code of the file /user/reset-password.php. The manipulation of the argument email leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used." | ||
| } | ||
| ], | ||
| "metrics": { | ||
| "cvssMetricV40": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "4.0", | ||
| "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", | ||
| "baseScore": 6.9, | ||
| "baseSeverity": "MEDIUM", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "attackRequirements": "NONE", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "vulnerableSystemConfidentiality": "LOW", | ||
| "vulnerableSystemIntegrity": "LOW", | ||
| "vulnerableSystemAvailability": "LOW", | ||
| "subsequentSystemConfidentiality": "NONE", | ||
| "subsequentSystemIntegrity": "NONE", | ||
| "subsequentSystemAvailability": "NONE", | ||
| "exploitMaturity": "NOT_DEFINED", | ||
| "confidentialityRequirements": "NOT_DEFINED", | ||
| "integrityRequirements": "NOT_DEFINED", | ||
| "availabilityRequirements": "NOT_DEFINED", | ||
| "modifiedAttackVector": "NOT_DEFINED", | ||
| "modifiedAttackComplexity": "NOT_DEFINED", | ||
| "modifiedAttackRequirements": "NOT_DEFINED", | ||
| "modifiedPrivilegesRequired": "NOT_DEFINED", | ||
| "modifiedUserInteraction": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemConfidentiality": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemIntegrity": "NOT_DEFINED", | ||
| "modifiedVulnerableSystemAvailability": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemConfidentiality": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemIntegrity": "NOT_DEFINED", | ||
| "modifiedSubsequentSystemAvailability": "NOT_DEFINED", | ||
| "safety": "NOT_DEFINED", | ||
| "automatable": "NOT_DEFINED", | ||
| "recovery": "NOT_DEFINED", | ||
| "valueDensity": "NOT_DEFINED", | ||
| "vulnerabilityResponseEffort": "NOT_DEFINED", | ||
| "providerUrgency": "NOT_DEFINED" | ||
| } | ||
| } | ||
| ], | ||
| "cvssMetricV31": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "3.1", | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L", | ||
| "baseScore": 7.3, | ||
| "baseSeverity": "HIGH", | ||
| "attackVector": "NETWORK", | ||
| "attackComplexity": "LOW", | ||
| "privilegesRequired": "NONE", | ||
| "userInteraction": "NONE", | ||
| "scope": "UNCHANGED", | ||
| "confidentialityImpact": "LOW", | ||
| "integrityImpact": "LOW", | ||
| "availabilityImpact": "LOW" | ||
| }, | ||
| "exploitabilityScore": 3.9, | ||
| "impactScore": 3.4 | ||
| } | ||
| ], | ||
| "cvssMetricV2": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Secondary", | ||
| "cvssData": { | ||
| "version": "2.0", | ||
| "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", | ||
| "baseScore": 7.5, | ||
| "accessVector": "NETWORK", | ||
| "accessComplexity": "LOW", | ||
| "authentication": "NONE", | ||
| "confidentialityImpact": "PARTIAL", | ||
| "integrityImpact": "PARTIAL", | ||
| "availabilityImpact": "PARTIAL" | ||
| }, | ||
| "baseSeverity": "HIGH", | ||
| "exploitabilityScore": 10.0, | ||
| "impactScore": 6.4, | ||
| "acInsufInfo": false, | ||
| "obtainAllPrivilege": false, | ||
| "obtainUserPrivilege": false, | ||
| "obtainOtherPrivilege": false, | ||
| "userInteractionRequired": false | ||
| } | ||
| ] | ||
| }, | ||
| "weaknesses": [ | ||
| { | ||
| "source": "[email protected]", | ||
| "type": "Primary", | ||
| "description": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-74" | ||
| }, | ||
| { | ||
| "lang": "en", | ||
| "value": "CWE-89" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://github.com/Aurora0x1/CVE/issues/2", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://phpgurukul.com/", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?ctiid.286348", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?id.286348", | ||
| "source": "[email protected]" | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?submit.452472", | ||
| "source": "[email protected]" | ||
| } | ||
| ] | ||
| } |
Oops, something went wrong.