Update CVE sources 2024-06-08 09:32

2026-02-12 18:42:46 +00:00 · 2024-06-08 09:32:58 +00:00
parent f434f26441
commit 8932a8488d
368 changed files with 6184 additions and 50 deletions
--- a/2012/CVE-2012-1156.md
+++ b/2012/CVE-2012-1156.md
@@ -0,0 +1,17 @@
+### [CVE-2012-1156](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-1156)
+![](https://img.shields.io/static/v1?label=Product&message=Moodle&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=%3D%202.2%20to%202.2.1%2B%20&color=brighgreen)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=UNKNOWN_TYPE&color=brighgreen)
+
+### Description
+
+Moodle before 2.2.2 has users' private files included in course backups
+
+### POC
+
+#### Reference
+- https://moodle.org/mod/forum/discuss.php?d=198623
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2012/CVE-2012-4567.md
+++ b/2012/CVE-2012-4567.md
@@ -0,0 +1,17 @@
+### [CVE-2012-4567](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4567)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple cross-site scripting (XSS) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters in (1) inc/inc.ClassUI.php or (2) out/out.DocumentNotify.php.
+
+### POC
+
+#### Reference
+- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2012/CVE-2012-4568.md
+++ b/2012/CVE-2012-4568.md
@@ -0,0 +1,17 @@
+### [CVE-2012-4568](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4568)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple cross-site request forgery (CSRF) vulnerabilities in LetoDMS (formerly MyDMS) before 3.3.8 allow remote attackers to hijack the authentication of unspecified victims via unknown vectors.
+
+### POC
+
+#### Reference
+- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2012/CVE-2012-4569.md
+++ b/2012/CVE-2012-4569.md
@@ -0,0 +1,17 @@
+### [CVE-2012-4569](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4569)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+Multiple cross-site scripting (XSS) vulnerabilities in out/out.UsrMgr.php in LetoDMS (formerly MyDMS) before 3.3.9 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
+
+### POC
+
+#### Reference
+- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG
+
+#### Github
+No PoCs found on GitHub currently.
+
--- a/2012/CVE-2012-4570.md
+++ b/2012/CVE-2012-4570.md
@@ -0,0 +1,17 @@
+### [CVE-2012-4570](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4570)
+![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
+![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)
+
+### Description
+
+SQL injection vulnerability in LetoDMS_Core/Core/inc.ClassDMS.php in LetoDMS (formerly MyDMS) before 3.3.8 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.
+
+### POC
+
+#### Reference
+- http://sourceforge.net/p/mydms/code/HEAD/tree/trunk/CHANGELOG
+
+#### Github
+No PoCs found on GitHub currently.
+