-
Notifications
You must be signed in to change notification settings - Fork 211
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- 1 new CVEs: CVE-2025-0408 - 0 updated CVEs:
- Loading branch information
cvelistV5 Github Action
committed
Jan 13, 2025
1 parent
3f95bf5
commit a16b63c
Showing
3 changed files
with
182 additions
and
26 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,162 @@ | ||
| { | ||
| "dataType": "CVE_RECORD", | ||
| "dataVersion": "5.1", | ||
| "cveMetadata": { | ||
| "cveId": "CVE-2025-0408", | ||
| "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", | ||
| "state": "PUBLISHED", | ||
| "assignerShortName": "VulDB", | ||
| "dateReserved": "2025-01-12T18:37:28.940Z", | ||
| "datePublished": "2025-01-13T02:00:12.582Z", | ||
| "dateUpdated": "2025-01-13T02:00:12.582Z" | ||
| }, | ||
| "containers": { | ||
| "cna": { | ||
| "providerMetadata": { | ||
| "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", | ||
| "shortName": "VulDB", | ||
| "dateUpdated": "2025-01-13T02:00:12.582Z" | ||
| }, | ||
| "title": "liujianview gymxmjpa LoosController.java LoosDaoImpl sql injection", | ||
| "problemTypes": [ | ||
| { | ||
| "descriptions": [ | ||
| { | ||
| "type": "CWE", | ||
| "cweId": "CWE-89", | ||
| "lang": "en", | ||
| "description": "SQL Injection" | ||
| } | ||
| ] | ||
| }, | ||
| { | ||
| "descriptions": [ | ||
| { | ||
| "type": "CWE", | ||
| "cweId": "CWE-74", | ||
| "lang": "en", | ||
| "description": "Injection" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "affected": [ | ||
| { | ||
| "vendor": "liujianview", | ||
| "product": "gymxmjpa", | ||
| "versions": [ | ||
| { | ||
| "version": "1.0", | ||
| "status": "affected" | ||
| } | ||
| ] | ||
| } | ||
| ], | ||
| "descriptions": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "A vulnerability was found in liujianview gymxmjpa 1.0. It has been rated as critical. Affected by this issue is the function LoosDaoImpl of the file src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. The manipulation of the argument loosName leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used." | ||
| }, | ||
| { | ||
| "lang": "de", | ||
| "value": "Eine kritische Schwachstelle wurde in liujianview gymxmjpa 1.0 ausgemacht. Hierbei geht es um die Funktion LoosDaoImpl der Datei src/main/java/com/liujian/gymxmjpa/controller/LoosController.java. Durch Manipulation des Arguments loosName mit unbekannten Daten kann eine sql injection-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Der Exploit steht zur öffentlichen Verfügung." | ||
| } | ||
| ], | ||
| "metrics": [ | ||
| { | ||
| "cvssV4_0": { | ||
| "version": "4.0", | ||
| "baseScore": 5.3, | ||
| "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N", | ||
| "baseSeverity": "MEDIUM" | ||
| } | ||
| }, | ||
| { | ||
| "cvssV3_1": { | ||
| "version": "3.1", | ||
| "baseScore": 6.3, | ||
| "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", | ||
| "baseSeverity": "MEDIUM" | ||
| } | ||
| }, | ||
| { | ||
| "cvssV3_0": { | ||
| "version": "3.0", | ||
| "baseScore": 6.3, | ||
| "vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", | ||
| "baseSeverity": "MEDIUM" | ||
| } | ||
| }, | ||
| { | ||
| "cvssV2_0": { | ||
| "version": "2.0", | ||
| "baseScore": 6.5, | ||
| "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P" | ||
| } | ||
| } | ||
| ], | ||
| "timeline": [ | ||
| { | ||
| "time": "2025-01-12T00:00:00.000Z", | ||
| "lang": "en", | ||
| "value": "Advisory disclosed" | ||
| }, | ||
| { | ||
| "time": "2025-01-12T01:00:00.000Z", | ||
| "lang": "en", | ||
| "value": "VulDB entry created" | ||
| }, | ||
| { | ||
| "time": "2025-01-12T19:42:31.000Z", | ||
| "lang": "en", | ||
| "value": "VulDB entry last update" | ||
| } | ||
| ], | ||
| "credits": [ | ||
| { | ||
| "lang": "en", | ||
| "value": "LVZC3 (VulDB User)", | ||
| "type": "reporter" | ||
| } | ||
| ], | ||
| "references": [ | ||
| { | ||
| "url": "https://vuldb.com/?id.291284", | ||
| "name": "VDB-291284 | liujianview gymxmjpa LoosController.java LoosDaoImpl sql injection", | ||
| "tags": [ | ||
| "vdb-entry", | ||
| "technical-description" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?ctiid.291284", | ||
| "name": "VDB-291284 | CTI Indicators (IOB, IOC, TTP, IOA)", | ||
| "tags": [ | ||
| "signature", | ||
| "permissions-required" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://vuldb.com/?submit.473423", | ||
| "name": "Submit #473423 | liujianview gymxmjpa 1.0 SQL Injection", | ||
| "tags": [ | ||
| "third-party-advisory" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://github.com/liujianview/gymxmjpa/issues/8", | ||
| "tags": [ | ||
| "issue-tracking" | ||
| ] | ||
| }, | ||
| { | ||
| "url": "https://github.com/liujianview/gymxmjpa/issues/8#issue-2765807702", | ||
| "tags": [ | ||
| "exploit", | ||
| "issue-tracking" | ||
| ] | ||
| } | ||
| ] | ||
| } | ||
| } | ||
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters