58 行
1.8 KiB
JSON
58 行
1.8 KiB
JSON
{
|
|
"canonical_id": "magento-open-source--da1a58eda2",
|
|
"system_id": "magento-open-source",
|
|
"display_name": "Magento Open Source",
|
|
"category": "ecommerce",
|
|
"advisory_mode": "extension",
|
|
"title": "PHP tool 'Adminer' leaks passwords 2019-01-17 Update 2019-01-20: the root cause is a protocol flaw in MySQL. Adminer is a popular PHP tool to administer MySQL and PostgreSQL databases. However, it can be lured to disclose arbitrary files. Attackers can abuse that to fetch passwords for popular apps such as Magento and Wordpress, and gain con... skimming",
|
|
"summary": "",
|
|
"published_at": null,
|
|
"updated_at": null,
|
|
"severity": "unknown",
|
|
"cvss_score": null,
|
|
"exploit_status": "unknown",
|
|
"source_confidence": "ecosystem-authority",
|
|
"official_source_url": "https://sansec.io/research/adminer-4.6.2-file-disclosure-vulnerability",
|
|
"secondary_source_urls": [],
|
|
"aliases": [],
|
|
"cve_ids": [],
|
|
"ghsa_ids": [],
|
|
"osv_ids": [],
|
|
"affected_versions": [],
|
|
"fixed_versions": [],
|
|
"package_name": null,
|
|
"render_markdown": false,
|
|
"case_path": null,
|
|
"secure_code_topics": [
|
|
"authz-server-side-recheck",
|
|
"file-upload-validation",
|
|
"plugin-extension-trust-policy"
|
|
],
|
|
"status": "triage",
|
|
"triage_reasons": [
|
|
"missing affected/fixed version details"
|
|
],
|
|
"verification_status": "triage-manual",
|
|
"verification_mode": "synthetic",
|
|
"last_verified_at": null,
|
|
"last_run_id": null,
|
|
"evidence_bundle": null,
|
|
"browser_evidence": {
|
|
"required": false,
|
|
"present": false,
|
|
"refs": []
|
|
},
|
|
"repro_profile_id": "plugin-extension-generic",
|
|
"artifact_mode": "synthetic",
|
|
"blocked_reason": null,
|
|
"metadata": {
|
|
"source_names": [
|
|
"Sansec Research"
|
|
],
|
|
"source_kinds": [
|
|
"html-links"
|
|
],
|
|
"candidate_count": 1
|
|
}
|
|
}
|