diff --git a/cves/2024/0xxx/CVE-2024-0260.json b/cves/2024/0xxx/CVE-2024-0260.json new file mode 100644 index 000000000000..6de9c95ec238 --- /dev/null +++ b/cves/2024/0xxx/CVE-2024-0260.json @@ -0,0 +1,130 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2024-0260", + "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "state": "PUBLISHED", + "assignerShortName": "VulDB", + "dateReserved": "2024-01-06T08:29:19.086Z", + "datePublished": "2024-01-07T00:00:07.682Z", + "dateUpdated": "2024-01-07T00:00:07.682Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "shortName": "VulDB", + "dateUpdated": "2024-01-07T00:00:07.682Z" + }, + "title": "SourceCodester Engineers Online Portal Password Change change_password_teacher.php session expiration", + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-613", + "lang": "en", + "description": "CWE-613 Session Expiration" + } + ] + } + ], + "affected": [ + { + "vendor": "SourceCodester", + "product": "Engineers Online Portal", + "versions": [ + { + "version": "1.0", + "status": "affected" + } + ], + "modules": [ + "Password Change" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file change_password_teacher.php of the component Password Change. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249816." + }, + { + "lang": "de", + "value": "Es wurde eine Schwachstelle in SourceCodester Engineers Online Portal 1.0 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei change_password_teacher.php der Komponente Password Change. Mittels Manipulieren mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung." + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "baseScore": 4.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV3_0": { + "version": "3.0", + "baseScore": 4.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV2_0": { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" + } + } + ], + "timeline": [ + { + "time": "2024-01-06T00:00:00.000Z", + "lang": "en", + "value": "Advisory disclosed" + }, + { + "time": "2024-01-06T01:00:00.000Z", + "lang": "en", + "value": "VulDB entry created" + }, + { + "time": "2024-01-06T09:35:03.000Z", + "lang": "en", + "value": "VulDB entry last update" + } + ], + "credits": [ + { + "lang": "en", + "value": "ahmed8199 (VulDB User)", + "type": "analyst" + } + ], + "references": [ + { + "url": "https://vuldb.com/?id.249816", + "tags": [ + "vdb-entry" + ] + }, + { + "url": "https://vuldb.com/?ctiid.249816", + "tags": [ + "signature", + "permissions-required" + ] + }, + { + "url": "https://mega.nz/file/yEsSwK6D#--ygVt0NtzhZdqVxvjaPLCYfnIeBSyf76KaRozOxfVo", + "tags": [ + "exploit" + ] + } + ] + } + } +} \ No newline at end of file diff --git a/cves/delta.json b/cves/delta.json index fe97c12a538d..84429fafd512 100644 --- a/cves/delta.json +++ b/cves/delta.json @@ -1,20 +1,14 @@ { - "fetchTime": "2024-01-06T21:07:18.543Z", - "numberOfChanges": 2, - "new": [], - "updated": [ + "fetchTime": "2024-01-07T00:00:38.131Z", + "numberOfChanges": 1, + "new": [ { - "cveId": "CVE-2023-4255", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4255", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4255.json", - "dateUpdated": "2024-01-06T21:00:05.443Z" - }, - { - "cveId": "CVE-2023-4256", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4256", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4256.json", - "dateUpdated": "2024-01-06T21:00:14.989Z" + "cveId": "CVE-2024-0260", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-0260", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/0xxx/CVE-2024-0260.json", + "dateUpdated": "2024-01-07T00:00:07.682Z" } ], + "updated": [], "error": [] } \ No newline at end of file diff --git a/cves/deltaLog.json b/cves/deltaLog.json index 59c5f4a55f2d..1cedf84e2334 100644 --- a/cves/deltaLog.json +++ b/cves/deltaLog.json @@ -1,4 +1,18 @@ [ + { + "fetchTime": "2024-01-07T00:00:38.131Z", + "numberOfChanges": 1, + "new": [ + { + "cveId": "CVE-2024-0260", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-0260", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/0xxx/CVE-2024-0260.json", + "dateUpdated": "2024-01-07T00:00:07.682Z" + } + ], + "updated": [], + "error": [] + }, { "fetchTime": "2024-01-06T21:07:18.543Z", "numberOfChanges": 2, @@ -60050,259 +60064,5 @@ ], "updated": [], "error": [] - }, - { - "fetchTime": "2023-12-07T23:51:28.546Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-6061", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6061", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6061.json", - "dateUpdated": "2023-12-07T23:46:17.446Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:27:51.294Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-45849", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-45849", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/45xxx/CVE-2023-45849.json", - "dateUpdated": "2023-12-07T23:25:26.371Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:22:05.508Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-5008", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5008", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5008.json", - "dateUpdated": "2023-12-07T23:16:52.700Z" - }, - { - "cveId": "CVE-2023-6061", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6061", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6061.json", - "dateUpdated": "2023-12-07T23:21:22.755Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:14:29.694Z", - "numberOfChanges": 1, - "new": [ - { - "cveId": "CVE-2023-4122", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4122", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4122.json", - "dateUpdated": "2023-12-07T23:10:04.387Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:52:51.409Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T22:48:31.562Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:29:39.770Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-5058", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5058", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5058.json", - "dateUpdated": "2023-12-07T22:29:05.717Z" - } - ], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T22:23:33.717Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:21:57.320Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2011-0448", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2011-0448", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2011/0xxx/CVE-2011-0448.json", - "dateUpdated": "2023-12-07T22:13:48.916887" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:12:50.822Z", - "numberOfChanges": 2, - "new": [], - "updated": [ - { - "cveId": "CVE-2018-7536", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2018-7536", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2018/7xxx/CVE-2018-7536.json", - "dateUpdated": "2023-12-07T22:05:43.713862" - }, - { - "cveId": "CVE-2021-33571", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-33571", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/33xxx/CVE-2021-33571.json", - "dateUpdated": "2023-12-07T22:09:18.547259" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:04:40.312Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-6581", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6581", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6581.json", - "dateUpdated": "2023-12-07T22:00:07.244Z" - } - ], - "updated": [ - { - "cveId": "CVE-2021-31542", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-31542", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/31xxx/CVE-2021-31542.json", - "dateUpdated": "2023-12-07T21:59:18.604732" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:57:51.519Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2017-16877", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2017-16877", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2017/16xxx/CVE-2017-16877.json", - "dateUpdated": "2023-12-07T21:55:37.660177" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:52:04.128Z", - "numberOfChanges": 2, - "new": [], - "updated": [ - { - "cveId": "CVE-2016-5851", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2016-5851", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2016/5xxx/CVE-2016-5851.json", - "dateUpdated": "2023-12-07T21:51:56.834685" - }, - { - "cveId": "CVE-2020-35857", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2020-35857", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2020/35xxx/CVE-2020-35857.json", - "dateUpdated": "2023-12-07T21:48:16.374521" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:46:27.756Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2018-25023", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2018-25023", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2018/25xxx/CVE-2018-25023.json", - "dateUpdated": "2023-12-07T21:43:28.582638" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:40:27.276Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2021-43114", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-43114", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/43xxx/CVE-2021-43114.json", - "dateUpdated": "2023-12-07T21:38:01.311722" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:34:33.103Z", - "numberOfChanges": 3, - "new": [ - { - "cveId": "CVE-2023-46693", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-46693", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/46xxx/CVE-2023-46693.json", - "dateUpdated": "2023-12-07T21:29:52.217221" - }, - { - "cveId": "CVE-2023-6579", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6579", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6579.json", - "dateUpdated": "2023-12-07T21:31:04.204Z" - }, - { - "cveId": "CVE-2023-6580", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6580", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6580.json", - "dateUpdated": "2023-12-07T21:31:05.210Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:08:26.321Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T21:01:36.519Z" - } - ], - "error": [] } ] \ No newline at end of file