admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 07:43:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

Browse Source
This commit is contained in:
ghost
2026-01-13 05:42:22 +00:00
parent 8b233b9583
commit 34be00ea89
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@@ -1040,6 +1040,7 @@
{"ID":"CVE-2020-19283","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /newVersion component and allows attackers to execute arbitrary web scripts or HTML.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19283.yaml"}
{"ID":"CVE-2020-19295","Info":{"Name":"Jeesns 1.4.2 - Cross-Site Scripting","Severity":"medium","Description":"Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19295.yaml"}
{"ID":"CVE-2020-19360","Info":{"Name":"FHEM 6.0 - Local File Inclusion","Severity":"high","Description":"FHEM version 6.0 suffers from a local file inclusion vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2020/CVE-2020-19360.yaml"}
{"ID":"CVE-2020-19363","Info":{"Name":"Vtiger CRM v7.2.0 - Directory Listing","Severity":"medium","Description":"Vtiger CRM v7.2.0 contains a directory traversal vulnerability caused by improper access controls in /libraries and /layout directories, letting attackers display hidden files and list directories, exploit requires no authentication.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2020/CVE-2020-19363.yaml"}
{"ID":"CVE-2020-1943","Info":{"Name":"Apache OFBiz \u003c=16.11.07 - Cross-Site Scripting","Severity":"medium","Description":"Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-1943.yaml"}
{"ID":"CVE-2020-19515","Info":{"Name":"qdPM 9.1 - Cross-site Scripting","Severity":"medium","Description":"qdPM V9.1 is vulnerable to Cross Site Scripting (XSS) via qdPM\\install\\modules\\database_config.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-19515.yaml"}
{"ID":"CVE-2020-1956","Info":{"Name":"Apache Kylin 3.0.1 - Command Injection Vulnerability","Severity":"high","Description":"Apache Kylin 2.3.0, and releases up to 2.6.5 and 3.0.1 has some restful apis which will concatenate os command with the user input string, a user is likely to be able to execute any os command without any protection or validation.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2020/CVE-2020-1956.yaml"}

2
cves.json-checksum.txt
View File

@@ -1 +1 @@
4ef6225bc58b11c71969f5bf922ab20f
e5caa1f30210d6c968609379f5fb1e27