generated content from 2025-01-11

mapping.csv

@@ -262844,3 +262844,75 @@ vulnerability,CVE-2025-22594,vulnerability--7bf7369a-61e5-4b7a-abae-65cadea2eaac
 vulnerability,CVE-2025-22521,vulnerability--ca1ddc44-0ad7-4093-9914-cca795b751a3
 vulnerability,CVE-2025-22595,vulnerability--935ddd12-ada4-4b08-a0eb-47e5d8108105
 vulnerability,CVE-2025-20033,vulnerability--6d7bb56a-b1fb-4a2f-8f9a-b0d50baebd66
+vulnerability,CVE-2024-5872,vulnerability--8786799c-e096-43fa-8401-7d708866a5c6
+vulnerability,CVE-2024-56511,vulnerability--d81c54d2-a86b-4e92-bbbd-d7320af92d36
+vulnerability,CVE-2024-7142,vulnerability--23a7812b-de69-41fd-8614-550a5eb42aeb
+vulnerability,CVE-2024-7095,vulnerability--740f1e19-a4f4-41a0-86f1-1bccd0211e46
+vulnerability,CVE-2024-6880,vulnerability--7b41edfb-8aa1-4f19-8678-78e7fd99a722
+vulnerability,CVE-2024-6437,vulnerability--30f506cd-df74-40a8-bf2c-0d40f7e11146
+vulnerability,CVE-2024-6662,vulnerability--b19bcf2a-313f-472b-8cd9-9ca787a10c70
+vulnerability,CVE-2024-9132,vulnerability--d7f49736-0d10-4261-9264-3d71ebc19e57
+vulnerability,CVE-2024-9188,vulnerability--9bbaa485-91ff-4aa9-8d96-6da1de17e094
+vulnerability,CVE-2024-9131,vulnerability--7af69bf8-d2fe-4713-b874-03e0f37f6619
+vulnerability,CVE-2024-9134,vulnerability--4d65011c-1f9c-43f1-ac76-fafc40b00c69
+vulnerability,CVE-2024-9133,vulnerability--3ef0aedc-42e1-4919-bf02-fc957cf207e0
+vulnerability,CVE-2024-57226,vulnerability--a2db6a63-283d-4cee-8da7-85e3159d1dad
+vulnerability,CVE-2024-57686,vulnerability--11c47e9e-e609-421e-9d73-52cdc95951b8
+vulnerability,CVE-2024-57222,vulnerability--d132f40c-5ec6-46ac-8a7e-45212298bb4e
+vulnerability,CVE-2024-57223,vulnerability--31a4a314-4a71-4a10-8824-5ff5c08da4d1
+vulnerability,CVE-2024-57822,vulnerability--8022ea19-c2ad-42e9-ba80-2a86c1a8d16f
+vulnerability,CVE-2024-57213,vulnerability--6f28a6af-b104-40d9-81ff-6c87ea65c2e0
+vulnerability,CVE-2024-57823,vulnerability--4ee0e208-af04-4cb9-9877-c2b0460ca39a
+vulnerability,CVE-2024-57225,vulnerability--fa2cbcc4-cb53-4254-a0b6-c6fc99e1de86
+vulnerability,CVE-2024-57687,vulnerability--76212e41-e0b8-416c-b2fc-d5e77136f2cc
+vulnerability,CVE-2024-57212,vulnerability--3b40373b-c7fb-4b45-ade3-77b365afd54d
+vulnerability,CVE-2024-57211,vulnerability--ea14797e-e4da-46dd-b5b1-6983dcb03023
+vulnerability,CVE-2024-57228,vulnerability--9ddf62b4-9f3a-453c-a00a-07add99ca3e9
+vulnerability,CVE-2024-57227,vulnerability--e81e048e-862f-49bd-a0ca-a2e70963a62d
+vulnerability,CVE-2024-57214,vulnerability--4b744a0f-d2b0-4be2-9f67-06c5d36c86fa
+vulnerability,CVE-2024-57224,vulnerability--23b62624-9674-47c0-8e6a-03d1779e88e9
+vulnerability,CVE-2024-50807,vulnerability--f83c66d6-36c4-4ea4-8e49-6e2c49cebe21
+vulnerability,CVE-2024-47517,vulnerability--b1a2267a-a9e7-4ebe-9f0c-9be779c54ce1
+vulnerability,CVE-2024-47520,vulnerability--56ebbc7e-424f-46d5-b433-7da63a2afa3e
+vulnerability,CVE-2024-47518,vulnerability--27fd4056-d360-43c2-9700-a03aa85c5eb9
+vulnerability,CVE-2024-47519,vulnerability--5c372a0c-4a78-4b60-8723-759b2fba3460
+vulnerability,CVE-2024-13183,vulnerability--1553ca5c-fc0c-4f96-9394-255c225dfb44
+vulnerability,CVE-2024-13318,vulnerability--1d874e5d-90fe-439b-b148-bc6a9f136c18
+vulnerability,CVE-2024-12606,vulnerability--dd4d6764-72a3-49d5-843d-ed4d2d42d2f2
+vulnerability,CVE-2024-12473,vulnerability--70f9ec04-5554-4029-8e51-1aeb520add02
+vulnerability,CVE-2024-12847,vulnerability--a79eb640-e813-49b1-a957-fa8990fc08ac
+vulnerability,CVE-2024-54687,vulnerability--3f0b43a0-ee31-4284-bfe0-20084850d723
+vulnerability,CVE-2024-54848,vulnerability--6ca16cd6-f4bd-4ec8-9042-99f9b24f11dc
+vulnerability,CVE-2024-54996,vulnerability--37aac901-1876-4022-ab2a-266156cd4744
+vulnerability,CVE-2024-54849,vulnerability--34b42738-afd9-489e-be5d-a2d7f1301d38
+vulnerability,CVE-2024-54846,vulnerability--2c37d7b2-1736-48b4-8c7a-5e67c509b30c
+vulnerability,CVE-2024-54847,vulnerability--548192e3-6bcb-43ff-aaca-94907eb53a22
+vulnerability,CVE-2024-54997,vulnerability--4b274b74-2a2f-4e68-a518-b2e90aaca60c
+vulnerability,CVE-2024-54998,vulnerability--114c3b40-e8e4-4ee9-95dc-e786f2dc0678
+vulnerability,CVE-2024-54910,vulnerability--74d1fd5a-e877-4096-beb3-28c6b169bb34
+vulnerability,CVE-2024-54994,vulnerability--e91628fb-2308-403d-befd-f943fad6ac15
+vulnerability,CVE-2024-25371,vulnerability--5734d309-ccab-4529-92b5-3bbd4140afe5
+vulnerability,CVE-2024-46210,vulnerability--2e97eeab-de1a-46e4-9d3a-24dd7baf9065
+vulnerability,CVE-2024-41787,vulnerability--454b3110-ed61-4233-a4df-13734f8e3f77
+vulnerability,CVE-2024-29971,vulnerability--fe3ea818-adc8-4129-aea9-eae423a0412b
+vulnerability,CVE-2024-29970,vulnerability--e4ff8fa0-f00f-4082-a940-b8370e6203e6
+vulnerability,CVE-2024-33298,vulnerability--684bceb7-3b1d-45f2-b24b-74b16e46d2dc
+vulnerability,CVE-2024-33299,vulnerability--a8d953b7-8a05-4721-a41b-eabf5668b584
+vulnerability,CVE-2024-33297,vulnerability--971adf99-d42b-4f29-905a-44bfb66091a6
+vulnerability,CVE-2025-0311,vulnerability--bd64d40f-5eb7-4575-8886-9b8d90acc64c
+vulnerability,CVE-2025-23110,vulnerability--4f2ced6d-3326-4601-914e-8a9d3aaa64b9
+vulnerability,CVE-2025-23112,vulnerability--3bd9e8b6-ecd5-4581-a39a-1eeadbd5638b
+vulnerability,CVE-2025-23022,vulnerability--bbf8666d-f535-4451-b055-81cf00704c1b
+vulnerability,CVE-2025-23078,vulnerability--6fb6e941-35d9-46f3-b683-dfd270ac8614
+vulnerability,CVE-2025-23079,vulnerability--5c431626-88e3-48fe-9c5f-af103019bf56
+vulnerability,CVE-2025-23113,vulnerability--acef4308-f6c1-42c5-b962-fe00bef2ec20
+vulnerability,CVE-2025-23111,vulnerability--0f570aba-9cc6-4aa9-b6ea-63dcb94312c3
+vulnerability,CVE-2025-23016,vulnerability--57ebbc5b-b57c-4227-b5af-c20fdb31ac1e
+vulnerability,CVE-2025-22599,vulnerability--3e1f595b-4c46-4aef-a9bd-da30651b7102
+vulnerability,CVE-2025-22946,vulnerability--867f5009-0280-427b-baeb-7a8e17be92dc
+vulnerability,CVE-2025-22152,vulnerability--6e5666a1-fb80-4997-96a0-ade9b4ce4d7b
+vulnerability,CVE-2025-22597,vulnerability--2e2814ab-1a36-4818-b9fe-a55a034bf8e9
+vulnerability,CVE-2025-22949,vulnerability--d90fabe9-ca85-4922-aec3-4aa73dec58d3
+vulnerability,CVE-2025-22600,vulnerability--2602215e-87dd-4d7a-8735-83dc17be74ac
+vulnerability,CVE-2025-22598,vulnerability--1ab0beff-3ec7-40f9-b8d5-7b82c94fb8cd
+vulnerability,CVE-2025-22596,vulnerability--f63818c5-0a0c-4f0d-bced-3dae8e1f8e18

objects/vulnerability/vulnerability--0f570aba-9cc6-4aa9-b6ea-63dcb94312c3.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--567f0ff7-9368-44a7-8a35-31fe2766fd3f",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--0f570aba-9cc6-4aa9-b6ea-63dcb94312c3",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:35.035035Z",
+            "modified": "2025-01-11T00:37:35.035035Z",
+            "name": "CVE-2025-23111",
+            "description": "An issue was discovered in REDCap 14.9.6. It allows HTML Injection via the Survey field name, exposing users to a redirection to a phishing website. An attacker can exploit this to trick the user that receives the survey into clicking on the field name, which redirects them to a phishing website. Thus, this allows malicious actions to be executed without user consent.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-23111"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--114c3b40-e8e4-4ee9-95dc-e786f2dc0678.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--49e42928-c764-4628-be6b-c61de17a8f47",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--114c3b40-e8e4-4ee9-95dc-e786f2dc0678",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:30.122797Z",
+            "modified": "2025-01-11T00:37:30.122797Z",
+            "name": "CVE-2024-54998",
+            "description": "MonicaHQ v4.1.2 was discovered to contain an authenticated Client-Side Injection vulnerability via the Reason parameter at /people/h:[id]/debts/create.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-54998"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--11c47e9e-e609-421e-9d73-52cdc95951b8.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e5a9a056-b660-43f2-be18-111245ee2b1a",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--11c47e9e-e609-421e-9d73-52cdc95951b8",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:29.202514Z",
+            "modified": "2025-01-11T00:37:29.202514Z",
+            "name": "CVE-2024-57686",
+            "description": "A Cross Site Scripting (XSS) vulnerability was found in /landrecordsys/admin/contactus.php in PHPGurukul Land Record System v1.0, which allows remote attackers to execute arbitrary code via the \"pagetitle\" parameter.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57686"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1553ca5c-fc0c-4f96-9394-255c225dfb44.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--ae15ab63-e48f-4eab-9efc-6a10ba169ea5",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1553ca5c-fc0c-4f96-9394-255c225dfb44",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:30.005798Z",
+            "modified": "2025-01-11T00:37:30.005798Z",
+            "name": "CVE-2024-13183",
+            "description": "The Orbit Fox by ThemeIsle plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘title_tag’ parameter in all versions up to, and including, 2.10.43 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13183"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1ab0beff-3ec7-40f9-b8d5-7b82c94fb8cd.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--330355db-3459-4f0f-b984-66657a24fbde",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1ab0beff-3ec7-40f9-b8d5-7b82c94fb8cd",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:35.073066Z",
+            "modified": "2025-01-11T00:37:35.073066Z",
+            "name": "CVE-2025-22598",
+            "description": "WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the cadastrarSocio.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.8.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-22598"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--1d874e5d-90fe-439b-b148-bc6a9f136c18.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--4881a0ca-a0b6-424c-864f-770f685cc7f0",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--1d874e5d-90fe-439b-b148-bc6a9f136c18",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:30.010512Z",
+            "modified": "2025-01-11T00:37:30.010512Z",
+            "name": "CVE-2024-13318",
+            "description": "The Essential WP Real Estate plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cl_delete_listing_func() function in all versions up to, and including, 1.1.3. This makes it possible for unauthenticated attackers to delete arbitrary pages and posts.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-13318"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--23a7812b-de69-41fd-8614-550a5eb42aeb.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--b88cc474-edd4-438f-8f55-0f9298489876",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--23a7812b-de69-41fd-8614-550a5eb42aeb",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:28.398942Z",
+            "modified": "2025-01-11T00:37:28.398942Z",
+            "name": "CVE-2024-7142",
+            "description": "On Arista CloudVision Appliance (CVA) affected releases running on appliances that support hardware disk encryption (DCA-350E-CV only), the disk encryption might not be successfully performed. This results in the disks remaining unsecured and data on them",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-7142"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--23b62624-9674-47c0-8e6a-03d1779e88e9.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--0e808f13-ae11-47fd-80cc-2f585549f308",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--23b62624-9674-47c0-8e6a-03d1779e88e9",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:29.241362Z",
+            "modified": "2025-01-11T00:37:29.241362Z",
+            "name": "CVE-2024-57224",
+            "description": "Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the ifname parameter in the apcli_do_enr_pin_wps function.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-57224"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2602215e-87dd-4d7a-8735-83dc17be74ac.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--0d25d006-9608-4d4f-a49a-35ec63641edf",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2602215e-87dd-4d7a-8735-83dc17be74ac",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:35.071303Z",
+            "modified": "2025-01-11T00:37:35.071303Z",
+            "name": "CVE-2025-22600",
+            "description": "WeGIA is a web manager for charitable institutions. A Reflected Cross-Site Scripting (XSS) vulnerability was identified in the configuracao_doacao.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts in the avulso parameter. This vulnerability is fixed in 3.2.8.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-22600"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--27fd4056-d360-43c2-9700-a03aa85c5eb9.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--268a981d-6928-4010-996f-ca343f11356e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--27fd4056-d360-43c2-9700-a03aa85c5eb9",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:29.792885Z",
+            "modified": "2025-01-11T00:37:29.792885Z",
+            "name": "CVE-2024-47518",
+            "description": "Specially constructed queries targeting ETM could discover active remote access sessions",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-47518"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2c37d7b2-1736-48b4-8c7a-5e67c509b30c.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--e318d699-fc5b-4d9d-8105-48ccab61194b",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2c37d7b2-1736-48b4-8c7a-5e67c509b30c",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:30.092271Z",
+            "modified": "2025-01-11T00:37:30.092271Z",
+            "name": "CVE-2024-54846",
+            "description": "An issue in CP Plus CP-VNR-3104 B3223P22C02424 allows attackers to obtain the EC private key and access sensitive data or execute a man-in-the-middle attack.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-54846"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2e2814ab-1a36-4818-b9fe-a55a034bf8e9.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--693d0206-570b-4ce2-8323-010dff78970e",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2e2814ab-1a36-4818-b9fe-a55a034bf8e9",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:35.060579Z",
+            "modified": "2025-01-11T00:37:35.060579Z",
+            "name": "CVE-2025-22597",
+            "description": "WeGIA is a web manager for charitable institutions. A Stored Cross-Site Scripting (XSS) vulnerability was identified in the CobrancaController.php endpoint of the WeGIA application. This vulnerability allows attackers to inject malicious scripts into the local_recepcao parameter. The injected scripts are stored on the server and executed automatically whenever the affected page is accessed by users, posing a significant security risk. This vulnerability is fixed in 3.2.8.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2025-22597"
+                }
+            ]
+        }
+    ]
+}

objects/vulnerability/vulnerability--2e97eeab-de1a-46e4-9d3a-24dd7baf9065.json

@@ -0,0 +1,22 @@
+{
+    "type": "bundle",
+    "id": "bundle--8de53845-0fc3-4e53-be71-33f3f9c66d8a",
+    "objects": [
+        {
+            "type": "vulnerability",
+            "spec_version": "2.1",
+            "id": "vulnerability--2e97eeab-de1a-46e4-9d3a-24dd7baf9065",
+            "created_by_ref": "identity--8ce3f695-d5a4-4dc8-9e93-a65af453a31a",
+            "created": "2025-01-11T00:37:30.397094Z",
+            "modified": "2025-01-11T00:37:30.397094Z",
+            "name": "CVE-2024-46210",
+            "description": "An arbitrary file upload vulnerability in the MediaPool module of Redaxo CMS v5.17.1 allows attackers to execute arbitrary code via uploading a crafted file.",
+            "external_references": [
+                {
+                    "source_name": "cve",
+                    "external_id": "CVE-2024-46210"
+                }
+            ]
+        }
+    ]
+}