hao/websafe-kb
1
0
派生 0
代码 工单 合并请求 1 工作流 软件包 项目 发布 百科 活动

更新: 2933 个文件 - 2026-03-18 11:36:11

浏览代码
这个提交包含在:
hao
2026-03-18 11:36:12 -07:00
父节点 1e9522e1a8
当前提交 13d341e71f
修改 2933 个文件,包含 115508 行新增1353 行删除
下载 Patch 文件 下载 Diff 文件 展开所有文件 折叠所有文件

65
08-threat-intel/registry/advisories/apache-httpd--CVE-2004-2115.json 普通文件
查看文件

@@ -0,0 +1,65 @@
{
"canonical_id": "apache-httpd--CVE-2004-2115",
"system_id": "apache-httpd",
"display_name": "Apache HTTP Server",
"category": "servers",
"advisory_mode": "server",
"title": "CVE-2004-2115",
"summary": "Multiple cross-site scripting (XSS) vulnerabilities in Oracle HTTP Server 1.3.22, based on Apache, allow remote attackers to execute arbitrary script as other users via the (1) action, (2) username, or (3) password parameters in an isqlplus request.",
"published_at": "2004-12-31T05:00:00.000",
"updated_at": "2025-04-03T01:03:51.193",
"severity": "medium",
"cvss_score": 6.8,
"exploit_status": "unknown",
"source_confidence": "official",
"official_source_url": "http://marc.info/?l=bugtraq&m=107496560106967&w=2",
"secondary_source_urls": [
"http://www.securityfocus.com/bid/9484",
"https://exchange.xforce.ibmcloud.com/vulnerabilities/14930"
],
"aliases": [
"CVE-2004-2115"
],
"cve_ids": [
"CVE-2004-2115"
],
"ghsa_ids": [],
"osv_ids": [],
"affected_versions": [],
"fixed_versions": [],
"package_name": null,
"render_markdown": false,
"case_path": null,
"secure_code_topics": [
"request-smuggling-boundary",
"proxy-trust-boundary",
"path-traversal-guard",
"xss-output-encoding"
],
"status": "triage",
"triage_reasons": [
"missing affected/fixed version details"
],
"verification_status": "triage-manual",
"verification_mode": "synthetic",
"last_verified_at": null,
"last_run_id": null,
"evidence_bundle": null,
"browser_evidence": {
"required": false,
"present": false,
"refs": []
},
"repro_profile_id": "xss-generic",
"artifact_mode": "official-image",
"blocked_reason": null,
"metadata": {
"source_names": [
"NVD Apache HTTP Server"
],
"source_kinds": [
"nvd-search"
],
"candidate_count": 1
}
}