Auto Generated cves.json [Mon Apr 8 11:37:20 UTC 2024] :robot:

projectdiscovery · Apr 8, 2024 · ed682e6 · ed682e6
1 parent abfd244
commit ed682e6
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/cves.json b/cves.json
@@ -351,7 +351,7 @@
 {"ID":"CVE-2016-10956","Info":{"Name":"WordPress Mail Masta 1.0 - Local File Inclusion","Severity":"high","Description":"WordPress Mail Masta 1.0 is susceptible to local file inclusion in count_of_send.php and csvexport.php.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-10956.yaml"}
 {"ID":"CVE-2016-10960","Info":{"Name":"WordPress wSecure Lite \u003c 2.4 - Remote Code Execution","Severity":"high","Description":"WordPress wsecure plugin before 2.4 is susceptible to remote code execution via shell metacharacters in the wsecure-config.php publish parameter.","Classification":{"CVSSScore":"8.8"}},"file_path":"http/cves/2016/CVE-2016-10960.yaml"}
 {"ID":"CVE-2016-10973","Info":{"Name":"Brafton WordPress Plugin \u003c 3.4.8 - Cross-Site Scripting","Severity":"medium","Description":"The Brafton plugin before 3.4.8 for WordPress has XSS via the wp-admin/admin.php?page=BraftonArticleLoader tab parameter to BraftonAdminPage.php.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2016/CVE-2016-10973.yaml"}
-{"ID":"CVE-2016-10993","Info":{"Name":"ScoreMe Theme - Cross-Site Scripting","Severity":"medium","Description":"WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2016/CVE-2016-10993.yaml"}
+{"ID":"CVE-2016-10993","Info":{"Name":"ScoreMe Theme - Cross-Site Scripting","Severity":"medium","Description":"WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"5.4"}},"file_path":"http/cves/2016/CVE-2016-10993.yaml"}
 {"ID":"CVE-2016-1555","Info":{"Name":"NETGEAR WNAP320 Access Point Firmware - Remote Command Injection","Severity":"critical","Description":"NETGEAR WNAP320 Access Point Firmware version 2.0.3 could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2016/CVE-2016-1555.yaml"}
 {"ID":"CVE-2016-2389","Info":{"Name":"SAP xMII 15.0 for SAP NetWeaver 7.4 - Local File Inclusion","Severity":"high","Description":"SAP xMII 15.0 for SAP NetWeaver 7.4 is susceptible to a local file inclusion vulnerability in the GetFileList function. This can allow remote attackers to read arbitrary files via a .. (dot dot) in the path parameter to /Catalog, aka SAP Security Note 2230978.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2016/CVE-2016-2389.yaml"}
 {"ID":"CVE-2016-3081","Info":{"Name":"Apache S2-032 Struts - Remote Code Execution","Severity":"high","Description":"Apache Struts 2.3.19 to 2.3.20.2, 2.3.21 to 2.3.24.1, and 2.3.25 to 2.3.28, when dynamic method invocation is enabled, allows remote attackers to execute arbitrary code via method: prefix (related to chained expressions).\n","Classification":{"CVSSScore":"8.1"}},"file_path":"http/cves/2016/CVE-2016-3081.yaml"}

diff --git a/cves.json-checksum.txt b/cves.json-checksum.txt
@@ -1 +1 @@
-70ec4e132bf5f0a5c3a4325d6a647f3a
+ceaa92ae30170d1f50df8be86bd9762d