Auto Generated cves.json [Wed Aug 2 05:27:29 UTC 2023] :robot:

projectdiscovery · Aug 2, 2023 · e9a55cc · e9a55cc
1 parent 6fa4143
commit e9a55cc
Show file tree

Hide file tree

Showing 2 changed files with 3 additions and 1 deletion.
diff --git a/cves.json b/cves.json
@@ -636,6 +636,7 @@
 {"ID":"CVE-2019-14470","Info":{"Name":"WordPress UserPro 4.9.32 - Cross-Site Scripting","Severity":"medium","Description":"WordPress UserPro 4.9.32 is vulnerable to reflected cross-site scripting because the Instagram PHP API (v2) it relies on allows it via the example/success.php error_description parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14470.yaml"}
 {"ID":"CVE-2019-14530","Info":{"Name":"OpenEMR \u003c5.0.2 - Local File Inclusion","Severity":"high","Description":"OpenEMR before 5.0.2 is vulnerable to local file inclusion via the fileName parameter in custom/ajax_download.php. An attacker can download any file (that is readable by the web server user) from server storage. If the requested file is writable for the web server user and the directory /var/www/openemr/sites/default/documents/cqm_qrda/ exists, the file will be deleted from server.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2019/CVE-2019-14530.yaml"}
 {"ID":"CVE-2019-14696","Info":{"Name":"Open-School 3.0/Community Edition 2.3 - Cross-Site Scripting","Severity":"medium","Description":"Open-School 3.0, and Community Edition 2.3, allows cross-site scripting via the osv/index.php?r=students/guardians/create id parameter.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14696.yaml"}
+{"ID":"CVE-2019-14750","Info":{"Name":"osTicket \u003c 1.12.1 - Cross-Site Scripting","Severity":"medium","Description":"An issue was discovered in osTicket before 1.10.7 and 1.12.x before 1.12.1. Stored XSS exists in setup/install.php. It was observed that no input sanitization was provided in the firstname and lastname fields of the application. The insertion of malicious queries in those fields leads to the execution of those queries. This can further lead to cookie stealing or other malicious actions.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2019/CVE-2019-14750.yaml"}
 {"ID":"CVE-2019-14789","Info":{"Name":"Custom 404 Pro \u003c 3.2.8 - Cross-Site Scripting","Severity":"medium","Description":"Custom 404 Pro before 3.2.9 is susceptible to cross-site scripting via the title parameter due to insufficient input sanitization and output escaping. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14789.yaml"}
 {"ID":"CVE-2019-14974","Info":{"Name":"SugarCRM Enterprise 9.0.0 - Cross-Site Scripting","Severity":"medium","Description":"SugarCRM Enterprise 9.0.0 contains a cross-site scripting vulnerability via mobile/error-not-supported-platform.html?desktop_url.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-14974.yaml"}
 {"ID":"CVE-2019-15043","Info":{"Name":"Grafana - Improper Access Control","Severity":"high","Description":"Grafana 2.x through 6.x before 6.3.4 is susceptible to improper access control. An attacker can delete and create arbitrary snapshots, leading to denial of service.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2019/CVE-2019-15043.yaml"}
@@ -1747,6 +1748,7 @@
 {"ID":"CVE-2022-4063","Info":{"Name":"WordPress InPost Gallery \u003c2.1.4.1 - Local File Inclusion","Severity":"critical","Description":"WordPress InPost Gallery plugin before 2.1.4.1 is susceptible to local file inclusion. The plugin insecurely uses PHP's extract() function when rendering HTML views, which can allow attackers to force inclusion of malicious files and URLs. This, in turn, can enable them to execute code remotely on servers.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4063.yaml"}
 {"ID":"CVE-2022-40684","Info":{"Name":"Fortinet - Authentication Bypass","Severity":"critical","Description":"Fortinet contains an authentication bypass vulnerability via using an alternate path or channel in FortiOS 7.2.0 through 7.2.1 and 7.0.0 through 7.0.6, FortiProxy 7.2.0 and 7.0.0 through 7.0.6, and FortiSwitchManager 7.2.0 and 7.0.0. An attacker can perform operations on the administrative interface via specially crafted HTTP or HTTPS requests, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized operations.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-40684.yaml"}
 {"ID":"CVE-2022-40734","Info":{"Name":"Laravel Filemanager v2.5.1 - Local File Inclusion","Severity":"medium","Description":"Laravel Filemanager (aka UniSharp) through version 2.5.1 is vulnerable to local file inclusion via download?working_dir=%2F.\n","Classification":{"CVSSScore":"6.5"}},"file_path":"http/cves/2022/CVE-2022-40734.yaml"}
+{"ID":"CVE-2022-40843","Info":{"Name":"Tenda AC1200 V-W15Ev2 - Authentication Bypass","Severity":"critical","Description":"The Tenda AC1200 V-W15Ev2 router is affected by improper authorization/improper session management. The software does not perform or incorrectly perform an authorization check when a user attempts to access a resource or perform an action. This allows the router's login page to be bypassed. The improper validation of user sessions/authorization can lead to unauthenticated attackers having the ability to read the router's file, which contains the MD5 password of the Administrator's user account. This vulnerability exists within the local web and hosted remote management console.\n","Classification":{"CVSSScore":"9.9"}},"file_path":"http/cves/2022/CVE-2022-40843.yaml"}
 {"ID":"CVE-2022-40879","Info":{"Name":"kkFileView 4.1.0 - Cross-Site Scripting","Severity":"medium","Description":"kkFileView 4.1.0 contains multiple cross-site scripting vulnerabilities via the errorMsg parameter. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-40879.yaml"}
 {"ID":"CVE-2022-40881","Info":{"Name":"SolarView 6.00 - Remote Command Execution","Severity":"critical","Description":"SolarView Compact 6.00 is vulnerable to a command injection via network_test.php.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-40881.yaml"}
 {"ID":"CVE-2022-4117","Info":{"Name":"WordPress IWS Geo Form Fields \u003c=1.0 - SQL Injection","Severity":"critical","Description":"WordPress IWS Geo Form Fields plugin through 1.0 contains a SQL injection vulnerability. The plugin does not properly escape a parameter before using it in a SQL statement via an AJAX action available to unauthenticated users. An attacker can possibly obtain sensitive information, modify data, and/or execute unauthorized administrative operations in the context of the affected site.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-4117.yaml"}

diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt
@@ -1 +1 @@
-6d0baeb22bf4e4bcc14acfcaa865ee09
+e16c93b8e43efe0e3c4be07d48492060