From 8eaf88d2d982dd7f9eb72b156dec0d7f811efd61 Mon Sep 17 00:00:00 2001
From: "advisory-database[bot]"
 <45398580+advisory-database[bot]@users.noreply.github.com>
Date: Sun, 3 Nov 2024 21:31:51 +0000
Subject: [PATCH] Publish Advisories

GHSA-pmw3-7p49-23v9
GHSA-qr97-4x44-xx2v
GHSA-v84r-7jvm-h7hq
---
 .../GHSA-pmw3-7p49-23v9.json                  | 58 +++++++++++++++++++
 .../GHSA-qr97-4x44-xx2v.json                  | 58 +++++++++++++++++++
 .../GHSA-v84r-7jvm-h7hq.json                  | 58 +++++++++++++++++++
 3 files changed, 174 insertions(+)
 create mode 100644 advisories/unreviewed/2024/11/GHSA-pmw3-7p49-23v9/GHSA-pmw3-7p49-23v9.json
 create mode 100644 advisories/unreviewed/2024/11/GHSA-qr97-4x44-xx2v/GHSA-qr97-4x44-xx2v.json
 create mode 100644 advisories/unreviewed/2024/11/GHSA-v84r-7jvm-h7hq/GHSA-v84r-7jvm-h7hq.json

diff --git a/advisories/unreviewed/2024/11/GHSA-pmw3-7p49-23v9/GHSA-pmw3-7p49-23v9.json b/advisories/unreviewed/2024/11/GHSA-pmw3-7p49-23v9/GHSA-pmw3-7p49-23v9.json
new file mode 100644
index 0000000000000..3c0c217df1919
--- /dev/null
+++ b/advisories/unreviewed/2024/11/GHSA-pmw3-7p49-23v9/GHSA-pmw3-7p49-23v9.json
@@ -0,0 +1,58 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-pmw3-7p49-23v9",
+  "modified": "2024-11-03T21:30:29Z",
+  "published": "2024-11-03T21:30:29Z",
+  "aliases": [
+    "CVE-2024-10742"
+  ],
+  "details": "A vulnerability was found in code-projects Wazifa System 1.0 and classified as critical. This issue affects some unknown processing of the file /controllers/control.php. The manipulation of the argument to leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10742"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/xiaokka/cve/blob/main/sql.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.282911"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.282911"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.436030"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-11-03T21:15:03Z"
+  }
+}
\ No newline at end of file
diff --git a/advisories/unreviewed/2024/11/GHSA-qr97-4x44-xx2v/GHSA-qr97-4x44-xx2v.json b/advisories/unreviewed/2024/11/GHSA-qr97-4x44-xx2v/GHSA-qr97-4x44-xx2v.json
new file mode 100644
index 0000000000000..a9748a7bf096f
--- /dev/null
+++ b/advisories/unreviewed/2024/11/GHSA-qr97-4x44-xx2v/GHSA-qr97-4x44-xx2v.json
@@ -0,0 +1,58 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-qr97-4x44-xx2v",
+  "modified": "2024-11-03T21:30:29Z",
+  "published": "2024-11-03T21:30:29Z",
+  "aliases": [
+    "CVE-2024-10741"
+  ],
+  "details": "A vulnerability has been found in code-projects E-Health Care System 1.0 and classified as critical. This vulnerability affects unknown code of the file /Users/registration.php. The manipulation of the argument f_name leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. Other parameters might be affected as well.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10741"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/maxihongtatum/cve/blob/main/sql14.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.282910"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.282910"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.436319"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-11-03T21:15:03Z"
+  }
+}
\ No newline at end of file
diff --git a/advisories/unreviewed/2024/11/GHSA-v84r-7jvm-h7hq/GHSA-v84r-7jvm-h7hq.json b/advisories/unreviewed/2024/11/GHSA-v84r-7jvm-h7hq/GHSA-v84r-7jvm-h7hq.json
new file mode 100644
index 0000000000000..5084b47e91d87
--- /dev/null
+++ b/advisories/unreviewed/2024/11/GHSA-v84r-7jvm-h7hq/GHSA-v84r-7jvm-h7hq.json
@@ -0,0 +1,58 @@
+{
+  "schema_version": "1.4.0",
+  "id": "GHSA-v84r-7jvm-h7hq",
+  "modified": "2024-11-03T21:30:29Z",
+  "published": "2024-11-03T21:30:29Z",
+  "aliases": [
+    "CVE-2024-10740"
+  ],
+  "details": "A vulnerability, which was classified as critical, was found in code-projects E-Health Care System up to 1.0. This affects an unknown part of the file /Admin/consulting_detail.php. The manipulation of the argument consulting_id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.",
+  "severity": [
+    {
+      "type": "CVSS_V3",
+      "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L"
+    },
+    {
+      "type": "CVSS_V4",
+      "score": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X"
+    }
+  ],
+  "affected": [
+
+  ],
+  "references": [
+    {
+      "type": "ADVISORY",
+      "url": "https://nvd.nist.gov/vuln/detail/CVE-2024-10740"
+    },
+    {
+      "type": "WEB",
+      "url": "https://code-projects.org"
+    },
+    {
+      "type": "WEB",
+      "url": "https://github.com/1270512529/cve/blob/main/sql.md"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?ctiid.282909"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?id.282909"
+    },
+    {
+      "type": "WEB",
+      "url": "https://vuldb.com/?submit.436311"
+    }
+  ],
+  "database_specific": {
+    "cwe_ids": [
+      "CWE-89"
+    ],
+    "severity": "MODERATE",
+    "github_reviewed": false,
+    "github_reviewed_at": null,
+    "nvd_published_at": "2024-11-03T20:15:14Z"
+  }
+}
\ No newline at end of file