admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

Browse Source
This commit is contained in:
ghost
2026-01-07 12:52:34 +00:00
parent 672c20116a
commit f9902795cd
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@@ -784,6 +784,7 @@
{"ID":"CVE-2019-15713","Info":{"Name":"WordPress My Calendar \u003c= 3.1.9 - Cross-Site Scripting","Severity":"medium","Description":"WordPress plugin My Calendar \u003c= 3.1.9 is susceptible to reflected cross-site scripting which can be triggered via unescaped usage of URL parameters in multiple locations throughout the site.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-15713.yaml"}
{"ID":"CVE-2019-15774","Info":{"Name":"ND Booking \u003c 2.5 - Unauthenticated Options Change","Severity":"medium","Description":"The Hotel Booking WordPress plugin ND Booking \u003c 2.5 was affected by an Unauthenticated Options Change security vulnerability.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-15774.yaml"}
{"ID":"CVE-2019-15811","Info":{"Name":"DomainMOD \u003c=4.13.0 - Cross-Site Scripting","Severity":"medium","Description":"DomainMOD through 4.13.0 contains a cross-site scripting vulnerability via /reporting/domains/cost-by-month.php in Daterange parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2019/CVE-2019-15811.yaml"}
{"ID":"CVE-2019-15823","Info":{"Name":"WPS Hide Login \u003c= 1.5.2.2 - Login Page Bypass","Severity":"high","Description":"WPS-Hide-Login plugin before 1.5.3 for WordPress contains an action=confirmaction protection bypass, letting attackers bypass security checks, exploit requires sending crafted requests.\n","Classification":{"CVSSScore":"N/A"}},"file_path":"http/cves/2019/CVE-2019-15823.yaml"}
{"ID":"CVE-2019-15829","Info":{"Name":"Gallery Photoblocks \u003c 1.1.43 - Cross-Site Scripting","Severity":"medium","Description":"The Gallery PhotoBlocks WordPress plugin was affected by an Authenticated Reflected XSS security vulnerability.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"http/cves/2019/CVE-2019-15829.yaml"}
{"ID":"CVE-2019-15858","Info":{"Name":"WordPress Woody Ad Snippets \u003c2.2.5 - Cross-Site Scripting/Remote Code Execution","Severity":"high","Description":"WordPress Woody Ad Snippets prior to 2.2.5 is susceptible to cross-site scripting and remote code execution via admin/includes/class.import.snippet.php, which allows unauthenticated options import as demonstrated by storing a cross-site scripting payload for remote code execution.\n","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2019/CVE-2019-15858.yaml"}
{"ID":"CVE-2019-15859","Info":{"Name":"Socomec DIRIS A-40 Devices Password Disclosure","Severity":"critical","Description":"Socomec DIRIS A-40 devices before 48250501 are susceptible to a password disclosure vulnerability in the web interface that could allow remote attackers to get full access to a device via the /password.jsn URI.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2019/CVE-2019-15859.yaml"}

2
cves.json-checksum.txt
View File

@@ -1 +1 @@
83f90acf5d0c18ed6d7800a55f4f21b4
6e14f3801af894b0a5801e953e0093c3