From d8379a176b97ea9993440230fe1f6260efab9aca Mon Sep 17 00:00:00 2001 From: cvelistV5 Github Action Date: Sun, 7 Jan 2024 00:00:41 +0000 Subject: [PATCH] 1 changes (1 new | 0 updated): - 1 new CVEs: CVE-2024-0260 - 0 updated CVEs: --- cves/2024/0xxx/CVE-2024-0260.json | 130 +++++++++++++++ cves/delta.json | 22 +-- cves/deltaLog.json | 268 ++---------------------------- 3 files changed, 152 insertions(+), 268 deletions(-) create mode 100644 cves/2024/0xxx/CVE-2024-0260.json diff --git a/cves/2024/0xxx/CVE-2024-0260.json b/cves/2024/0xxx/CVE-2024-0260.json new file mode 100644 index 000000000000..6de9c95ec238 --- /dev/null +++ b/cves/2024/0xxx/CVE-2024-0260.json @@ -0,0 +1,130 @@ +{ + "dataType": "CVE_RECORD", + "dataVersion": "5.0", + "cveMetadata": { + "cveId": "CVE-2024-0260", + "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "state": "PUBLISHED", + "assignerShortName": "VulDB", + "dateReserved": "2024-01-06T08:29:19.086Z", + "datePublished": "2024-01-07T00:00:07.682Z", + "dateUpdated": "2024-01-07T00:00:07.682Z" + }, + "containers": { + "cna": { + "providerMetadata": { + "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", + "shortName": "VulDB", + "dateUpdated": "2024-01-07T00:00:07.682Z" + }, + "title": "SourceCodester Engineers Online Portal Password Change change_password_teacher.php session expiration", + "problemTypes": [ + { + "descriptions": [ + { + "type": "CWE", + "cweId": "CWE-613", + "lang": "en", + "description": "CWE-613 Session Expiration" + } + ] + } + ], + "affected": [ + { + "vendor": "SourceCodester", + "product": "Engineers Online Portal", + "versions": [ + { + "version": "1.0", + "status": "affected" + } + ], + "modules": [ + "Password Change" + ] + } + ], + "descriptions": [ + { + "lang": "en", + "value": "A vulnerability, which was classified as problematic, was found in SourceCodester Engineers Online Portal 1.0. Affected is an unknown function of the file change_password_teacher.php of the component Password Change. The manipulation leads to session expiration. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-249816." + }, + { + "lang": "de", + "value": "Es wurde eine Schwachstelle in SourceCodester Engineers Online Portal 1.0 gefunden. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock der Datei change_password_teacher.php der Komponente Password Change. Mittels Manipulieren mit unbekannten Daten kann eine session expiration-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk angegangen werden. Der Exploit steht zur öffentlichen Verfügung." + } + ], + "metrics": [ + { + "cvssV3_1": { + "version": "3.1", + "baseScore": 4.3, + "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV3_0": { + "version": "3.0", + "baseScore": 4.3, + "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", + "baseSeverity": "MEDIUM" + } + }, + { + "cvssV2_0": { + "version": "2.0", + "baseScore": 4, + "vectorString": "AV:N/AC:L/Au:S/C:N/I:P/A:N" + } + } + ], + "timeline": [ + { + "time": "2024-01-06T00:00:00.000Z", + "lang": "en", + "value": "Advisory disclosed" + }, + { + "time": "2024-01-06T01:00:00.000Z", + "lang": "en", + "value": "VulDB entry created" + }, + { + "time": "2024-01-06T09:35:03.000Z", + "lang": "en", + "value": "VulDB entry last update" + } + ], + "credits": [ + { + "lang": "en", + "value": "ahmed8199 (VulDB User)", + "type": "analyst" + } + ], + "references": [ + { + "url": "https://vuldb.com/?id.249816", + "tags": [ + "vdb-entry" + ] + }, + { + "url": "https://vuldb.com/?ctiid.249816", + "tags": [ + "signature", + "permissions-required" + ] + }, + { + "url": "https://mega.nz/file/yEsSwK6D#--ygVt0NtzhZdqVxvjaPLCYfnIeBSyf76KaRozOxfVo", + "tags": [ + "exploit" + ] + } + ] + } + } +} \ No newline at end of file diff --git a/cves/delta.json b/cves/delta.json index fe97c12a538d..84429fafd512 100644 --- a/cves/delta.json +++ b/cves/delta.json @@ -1,20 +1,14 @@ { - "fetchTime": "2024-01-06T21:07:18.543Z", - "numberOfChanges": 2, - "new": [], - "updated": [ + "fetchTime": "2024-01-07T00:00:38.131Z", + "numberOfChanges": 1, + "new": [ { - "cveId": "CVE-2023-4255", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4255", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4255.json", - "dateUpdated": "2024-01-06T21:00:05.443Z" - }, - { - "cveId": "CVE-2023-4256", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4256", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4256.json", - "dateUpdated": "2024-01-06T21:00:14.989Z" + "cveId": "CVE-2024-0260", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-0260", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/0xxx/CVE-2024-0260.json", + "dateUpdated": "2024-01-07T00:00:07.682Z" } ], + "updated": [], "error": [] } \ No newline at end of file diff --git a/cves/deltaLog.json b/cves/deltaLog.json index 59c5f4a55f2d..1cedf84e2334 100644 --- a/cves/deltaLog.json +++ b/cves/deltaLog.json @@ -1,4 +1,18 @@ [ + { + "fetchTime": "2024-01-07T00:00:38.131Z", + "numberOfChanges": 1, + "new": [ + { + "cveId": "CVE-2024-0260", + "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2024-0260", + "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2024/0xxx/CVE-2024-0260.json", + "dateUpdated": "2024-01-07T00:00:07.682Z" + } + ], + "updated": [], + "error": [] + }, { "fetchTime": "2024-01-06T21:07:18.543Z", "numberOfChanges": 2, @@ -60050,259 +60064,5 @@ ], "updated": [], "error": [] - }, - { - "fetchTime": "2023-12-07T23:51:28.546Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-6061", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6061", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6061.json", - "dateUpdated": "2023-12-07T23:46:17.446Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:27:51.294Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-45849", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-45849", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/45xxx/CVE-2023-45849.json", - "dateUpdated": "2023-12-07T23:25:26.371Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:22:05.508Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-5008", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5008", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5008.json", - "dateUpdated": "2023-12-07T23:16:52.700Z" - }, - { - "cveId": "CVE-2023-6061", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6061", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6061.json", - "dateUpdated": "2023-12-07T23:21:22.755Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T23:14:29.694Z", - "numberOfChanges": 1, - "new": [ - { - "cveId": "CVE-2023-4122", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-4122", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/4xxx/CVE-2023-4122.json", - "dateUpdated": "2023-12-07T23:10:04.387Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:52:51.409Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T22:48:31.562Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:29:39.770Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-5058", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5058", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5058.json", - "dateUpdated": "2023-12-07T22:29:05.717Z" - } - ], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T22:23:33.717Z" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:21:57.320Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2011-0448", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2011-0448", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2011/0xxx/CVE-2011-0448.json", - "dateUpdated": "2023-12-07T22:13:48.916887" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:12:50.822Z", - "numberOfChanges": 2, - "new": [], - "updated": [ - { - "cveId": "CVE-2018-7536", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2018-7536", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2018/7xxx/CVE-2018-7536.json", - "dateUpdated": "2023-12-07T22:05:43.713862" - }, - { - "cveId": "CVE-2021-33571", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-33571", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/33xxx/CVE-2021-33571.json", - "dateUpdated": "2023-12-07T22:09:18.547259" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T22:04:40.312Z", - "numberOfChanges": 2, - "new": [ - { - "cveId": "CVE-2023-6581", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6581", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6581.json", - "dateUpdated": "2023-12-07T22:00:07.244Z" - } - ], - "updated": [ - { - "cveId": "CVE-2021-31542", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-31542", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/31xxx/CVE-2021-31542.json", - "dateUpdated": "2023-12-07T21:59:18.604732" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:57:51.519Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2017-16877", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2017-16877", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2017/16xxx/CVE-2017-16877.json", - "dateUpdated": "2023-12-07T21:55:37.660177" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:52:04.128Z", - "numberOfChanges": 2, - "new": [], - "updated": [ - { - "cveId": "CVE-2016-5851", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2016-5851", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2016/5xxx/CVE-2016-5851.json", - "dateUpdated": "2023-12-07T21:51:56.834685" - }, - { - "cveId": "CVE-2020-35857", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2020-35857", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2020/35xxx/CVE-2020-35857.json", - "dateUpdated": "2023-12-07T21:48:16.374521" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:46:27.756Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2018-25023", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2018-25023", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2018/25xxx/CVE-2018-25023.json", - "dateUpdated": "2023-12-07T21:43:28.582638" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:40:27.276Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2021-43114", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2021-43114", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2021/43xxx/CVE-2021-43114.json", - "dateUpdated": "2023-12-07T21:38:01.311722" - } - ], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:34:33.103Z", - "numberOfChanges": 3, - "new": [ - { - "cveId": "CVE-2023-46693", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-46693", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/46xxx/CVE-2023-46693.json", - "dateUpdated": "2023-12-07T21:29:52.217221" - }, - { - "cveId": "CVE-2023-6579", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6579", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6579.json", - "dateUpdated": "2023-12-07T21:31:04.204Z" - }, - { - "cveId": "CVE-2023-6580", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-6580", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/6xxx/CVE-2023-6580.json", - "dateUpdated": "2023-12-07T21:31:05.210Z" - } - ], - "updated": [], - "error": [] - }, - { - "fetchTime": "2023-12-07T21:08:26.321Z", - "numberOfChanges": 1, - "new": [], - "updated": [ - { - "cveId": "CVE-2023-5808", - "cveOrgLink": "https://www.cve.org/CVERecord?id=CVE-2023-5808", - "githubLink": "https://raw.githubusercontent.com/CVEProject/cvelistV5/main/cves/2023/5xxx/CVE-2023-5808.json", - "dateUpdated": "2023-12-07T21:01:36.519Z" - } - ], - "error": [] } ] \ No newline at end of file