Publish Advisories

GHSA-w6ww-869j-cgm6
GHSA-hvx4-hc73-9pp7

advisories/unreviewed/2023/12/GHSA-w6ww-869j-cgm6/GHSA-w6ww-869j-cgm6.json

@@ -69,6 +69,10 @@
     {
       "type": "WEB",
       "url": "http://www.openwall.com/lists/oss-security/2024/01/01/1"
+    },
+    {
+      "type": "WEB",
+      "url": "http://www.openwall.com/lists/oss-security/2024/01/01/2"
     }
   ],
   "database_specific": {

advisories/unreviewed/2024/01/GHSA-hvx4-hc73-9pp7/GHSA-hvx4-hc73-9pp7.json

@@ -0,0 +1,42 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-hvx4-hc73-9pp7",
+  "modified": "2024-01-01T21:30:37Z",
+  "published": "2024-01-01T21:30:37Z",
+  "aliases": [
+    "CVE-2024-0182"
+  ],
+  "details": "A vulnerability was found in SourceCodester Engineers Online Portal 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/ of the component Admin Login. The manipulation of the argument username/password leads to sql injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-249440.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-0182"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.249440"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.249440"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "HIGH",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-01-01T21:15:24Z"
+  }
+}