Search criteria
3 vulnerabilities found for querytree by querytreeapp
FKIE_CVE-2019-19249
Vulnerability from fkie_nvd - Published: 2019-11-25 17:15 - Updated: 2024-11-21 04:34
Severity
Summary
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.11:beta:*:*:*:*:*:*",
"matchCriteriaId": "BE044E4F-A82B-4281-A2B1-0441CA01BA0A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.13:beta:*:*:*:*:*:*",
"matchCriteriaId": "E845AEF7-9F32-4D28-940F-8A7C5A46EF28",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.15:beta:*:*:*:*:*:*",
"matchCriteriaId": "52671540-55F6-45F4-BD88-DB10FBA0DD3C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.17:beta:*:*:*:*:*:*",
"matchCriteriaId": "94C5DE7B-31B6-4B1A-B057-0C8CB6D2CDCB",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.19:beta:*:*:*:*:*:*",
"matchCriteriaId": "CBAEF7D7-0E89-4A37-892D-641A5E94CF71",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.21:beta:*:*:*:*:*:*",
"matchCriteriaId": "8607862C-4D4A-46B9-A9B6-F00E4BA367C9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.25:beta:*:*:*:*:*:*",
"matchCriteriaId": "649F5EB4-99BF-44D2-AF30-E8AE4464C266",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.27:beta:*:*:*:*:*:*",
"matchCriteriaId": "1A4DDD13-DE67-4528-97D5-B2361512190E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.29:beta:*:*:*:*:*:*",
"matchCriteriaId": "4B1E88E9-0A7D-483A-8049-DA2EDBD73450",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.31:beta:*:*:*:*:*:*",
"matchCriteriaId": "69027D6B-1699-4518-8054-DCA774BE3C1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.36:beta:*:*:*:*:*:*",
"matchCriteriaId": "D53F0638-2334-4C71-ABF1-80F8FAB67E37",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.39:beta:*:*:*:*:*:*",
"matchCriteriaId": "06B14047-2F27-4A42-8325-2F06A5FC70B1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.41:beta:*:*:*:*:*:*",
"matchCriteriaId": "AF9DED87-E033-48F0-AF5E-4ADD5472093E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.43:beta:*:*:*:*:*:*",
"matchCriteriaId": "BD46A2C7-7669-445B-BDBB-BC1EDD4DF999",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.45:beta:*:*:*:*:*:*",
"matchCriteriaId": "DA7A984C-6583-4902-ADE2-FE04F3ABEF64",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.49:beta:*:*:*:*:*:*",
"matchCriteriaId": "67AED30C-10F5-49ED-B1CD-BA1896B9739C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.51:beta:*:*:*:*:*:*",
"matchCriteriaId": "60E43823-A99E-495D-B6C4-196580A56054",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.53:beta:*:*:*:*:*:*",
"matchCriteriaId": "E1268572-69A5-464F-B593-5286AB7284EC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.55:beta:*:*:*:*:*:*",
"matchCriteriaId": "3ACCAB9C-CB42-4707-A988-1F9D4D1FD4EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.57:beta:*:*:*:*:*:*",
"matchCriteriaId": "9A3108B6-2DCF-4326-B87B-CABBBDDA620B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.59:beta:*:*:*:*:*:*",
"matchCriteriaId": "2EB89C9C-B804-49A3-AAAF-091FD9C5A839",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.61:beta:*:*:*:*:*:*",
"matchCriteriaId": "0A4D7A7B-B206-4158-984B-F6ED985B7AD6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.63:beta:*:*:*:*:*:*",
"matchCriteriaId": "B575649B-B1F7-4D78-AEDF-2E5C9E0C2ED7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.65:beta:*:*:*:*:*:*",
"matchCriteriaId": "C2A91470-28DC-4196-ABB7-4D130DF5BA0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.69:beta:*:*:*:*:*:*",
"matchCriteriaId": "8A679FC1-3772-4D78-95B4-E8EBD0E76AD2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.71:beta:*:*:*:*:*:*",
"matchCriteriaId": "12F38033-25B4-4203-81DB-ABC95CA7871F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.73:beta:*:*:*:*:*:*",
"matchCriteriaId": "5FCC7C99-C3AF-48CE-AEA7-13218BE65BDD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.76:beta:*:*:*:*:*:*",
"matchCriteriaId": "B2BBC8EB-8F92-4EF8-A335-0A7EA55094C1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.79:beta:*:*:*:*:*:*",
"matchCriteriaId": "782A69B1-ABAA-4C87-BF44-EDD103275005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.83:beta:*:*:*:*:*:*",
"matchCriteriaId": "1CE2FF03-A81D-48E5-8CD4-F785905C1185",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.85:beta:*:*:*:*:*:*",
"matchCriteriaId": "7BC435AD-AB9D-4A6F-842B-C3AD72E8C755",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.88:beta:*:*:*:*:*:*",
"matchCriteriaId": "F0D6EF23-22BD-454F-B61E-43AF111E90B5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.90:beta:*:*:*:*:*:*",
"matchCriteriaId": "1E1F9857-1D62-4DDF-97B4-90D980EBCDD3",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.92:beta:*:*:*:*:*:*",
"matchCriteriaId": "16964FA5-0107-4B06-9B23-5401A93B00D7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.95:beta:*:*:*:*:*:*",
"matchCriteriaId": "D1535DB6-282A-4079-A6A3-5153E2995978",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.97:beta:*:*:*:*:*:*",
"matchCriteriaId": "0ACC6F58-93C4-45D9-90AA-36C63AC77D7A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:querytreeapp:querytree:3.0.99:beta:*:*:*:*:*:*",
"matchCriteriaId": "99B41850-732B-4EF5-91A4-5DB8EA65B351",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations."
},
{
"lang": "es",
"value": "El archivo Controllers/InvitationsController.cs en QueryTree versiones anteriores a 3.0.99-beta, maneja inapropiadamente las invitaciones."
}
],
"id": "CVE-2019-19249",
"lastModified": "2024-11-21T04:34:24.977",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2019-11-25T17:15:11.993",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2019-19249 (GCVE-0-2019-19249)
Vulnerability from cvelistv5 – Published: 2019-11-25 16:47 – Updated: 2024-08-05 02:09
VLAI
Summary
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/d4software/QueryTree/commit/57… | x_refsource_MISC |
| https://github.com/d4software/QueryTree/compare/3… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T16:47:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f",
"refsource": "MISC",
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"name": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta",
"refsource": "MISC",
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19249",
"datePublished": "2019-11-25T16:47:35.000Z",
"dateReserved": "2019-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:09:39.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-19249 (GCVE-0-2019-19249)
Vulnerability from nvd – Published: 2019-11-25 16:47 – Updated: 2024-08-05 02:09
VLAI
Summary
Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations.
Severity
No CVSS data available.
CWE
- n/a
Assigner
References
2 references
| URL | Tags |
|---|---|
| https://github.com/d4software/QueryTree/commit/57… | x_refsource_MISC |
| https://github.com/d4software/QueryTree/compare/3… | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T02:09:39.579Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-11-25T16:47:35.000Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2019-19249",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Controllers/InvitationsController.cs in QueryTree before 3.0.99-beta mishandles invitations."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f",
"refsource": "MISC",
"url": "https://github.com/d4software/QueryTree/commit/57b700823f8eb1a42eb3bc0c706fbe5e5f5e766f"
},
{
"name": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta",
"refsource": "MISC",
"url": "https://github.com/d4software/QueryTree/compare/3.0.97-beta...3.0.99-beta"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2019-19249",
"datePublished": "2019-11-25T16:47:35.000Z",
"dateReserved": "2019-11-25T00:00:00.000Z",
"dateUpdated": "2024-08-05T02:09:39.579Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}