Search
Find a vulnerability
Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
14 vulnerabilities by Olive Design
CVE-2022-47435 (GCVE-0-2022-47435)
Vulnerability from nvd – Published: 2023-04-23 09:18 – Updated: 2026-04-28 16:07
VLAI
Title
WordPress WP-OliveCart Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)
Summary
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin <= 1.1.3 versions.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wp-… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
n/a , ≤ 1.1.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:08.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/wp-olivecart/wordpress-wp-olivecart-plugin-1-1-3-cross-site-scripting-xss?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-47435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T17:41:37.675334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T18:46:59.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-olivecart",
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"lessThanOrEqual": "1.1.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "TEAM WEBoB of BoB 11th (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a01.1.3 versions.\u003c/span\u003e"
}
],
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin \u003c=\u00a01.1.3 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:07:57.442Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/wp-olivecart/wordpress-wp-olivecart-plugin-1-1-3-cross-site-scripting-xss?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP-OliveCart Plugin \u003c= 1.1.3 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2022-47435",
"datePublished": "2023-04-23T09:18:31.643Z",
"dateReserved": "2022-12-15T00:08:11.246Z",
"dateUpdated": "2026-04-28T16:07:57.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-4905 (GCVE-0-2016-4905)
Vulnerability from nvd – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-23T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4905",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4904 (GCVE-0-2016-4904)
Vulnerability from nvd – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2016-000209",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-23T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2016-000209",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000209",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4904",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4903 (GCVE-0-2016-4903)
Vulnerability from nvd – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-25T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4903",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7841 (GCVE-0-2016-7841)
Vulnerability from nvd – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95314 | vdb-entryx_refsource_BID |
| http://jvn.jp/en/jp/JVN71538099/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | Olive Diary DX |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Olive Diary DX",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-01T09:57:02.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "95314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Olive Diary DX",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7841",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7840 (GCVE-0-2016-7840)
Vulnerability from nvd – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN12124922/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/95312 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WEB SCHEDULE |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#12124922",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WEB SCHEDULE",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-02T15:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#12124922",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WEB SCHEDULE",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#12124922",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7840",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7839 (GCVE-0-2016-7839)
Vulnerability from nvd – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95309 | vdb-entryx_refsource_BID |
| http://jvn.jp/en/jp/JVN60879379/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | Olive Blog |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Olive Blog",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-01T09:57:02.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "95309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Olive Blog",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7839",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-47435 (GCVE-0-2022-47435)
Vulnerability from cvelistv5 – Published: 2023-04-23 09:18 – Updated: 2026-04-28 16:07
VLAI
Title
WordPress WP-OliveCart Plugin <= 1.1.3 is vulnerable to Cross Site Scripting (XSS)
Summary
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin <= 1.1.3 versions.
Severity
5.9 (Medium)
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Assigner
References
1 reference
| URL | Tags |
|---|---|
| https://patchstack.com/database/vulnerability/wp-… | vdb-entry |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
n/a , ≤ 1.1.3
(custom)
|
Credits
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T14:55:08.192Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "https://patchstack.com/database/vulnerability/wp-olivecart/wordpress-wp-olivecart-plugin-1-1-3-cross-site-scripting-xss?_s_id=cve"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2022-47435",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-10T17:41:37.675334Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-10T18:46:59.135Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"packageName": "wp-olivecart",
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"lessThanOrEqual": "1.1.3",
"status": "affected",
"version": "n/a",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"user": "00000000-0000-4000-9000-000000000000",
"value": "TEAM WEBoB of BoB 11th (Patchstack Alliance)"
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin \u003c=\u003cspan style=\"background-color: var(--wht);\"\u003e\u00a01.1.3 versions.\u003c/span\u003e"
}
],
"value": "Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Olive Design WP-OliveCart plugin \u003c=\u00a01.1.3 versions."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:L",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-28T16:07:57.442Z",
"orgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"shortName": "Patchstack"
},
"references": [
{
"tags": [
"vdb-entry"
],
"url": "https://patchstack.com/database/vulnerability/wp-olivecart/wordpress-wp-olivecart-plugin-1-1-3-cross-site-scripting-xss?_s_id=cve"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "WordPress WP-OliveCart Plugin \u003c= 1.1.3 is vulnerable to Cross Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "21595511-bba5-4825-b968-b78d1f9984a3",
"assignerShortName": "Patchstack",
"cveId": "CVE-2022-47435",
"datePublished": "2023-04-23T09:18:31.643Z",
"dateReserved": "2022-12-15T00:08:11.246Z",
"dateUpdated": "2026-04-28T16:07:57.442Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2016-4903 (GCVE-0-2016-4903)
Vulnerability from cvelistv5 – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
3 references
| URL | Tags |
|---|---|
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.469Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-25T12:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4903",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.469Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4904 (GCVE-0-2016-4904)
Vulnerability from cvelistv5 – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors.
Severity
No CVSS data available.
CWE
- Cross-site request forgery
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.864Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVNDB-2016-000209",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site request forgery",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-23T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVNDB-2016-000209",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site request forgery (CSRF) vulnerability in WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows remote attackers to hijack the authentication of a user to perform unintended operations via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site request forgery"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVNDB-2016-000209",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000209.html"
},
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4904",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.864Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-4905 (GCVE-0-2016-4905)
Vulnerability from cvelistv5 – Published: 2017-05-22 16:00 – Updated: 2024-08-06 00:46
VLAI
Summary
SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors.
Severity
No CVSS data available.
CWE
- SQL Injection
Assigner
References
4 references
| URL | Tags |
|---|---|
| http://www.wp-olivecart.com/news/20160925.html | x_refsource_CONFIRM |
| http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-0… | third-party-advisoryx_refsource_JVNDB |
| http://www.securityfocus.com/bid/93790 | vdb-entryx_refsource_BID |
| https://jvn.jp/en/jp/JVN14567604/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
2 products
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WP-OliveCart |
Affected:
versions prior to 3.1.3
|
|
| Olive Design | WP-OliveCartPro |
Affected:
versions prior to 3.1.8
|
Date Public
2016-09-25 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T00:46:39.878Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WP-OliveCart",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.3"
}
]
},
{
"product": "WP-OliveCartPro",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "versions prior to 3.1.8"
}
]
}
],
"datePublic": "2016-09-25T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "SQL Injection",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-23T09:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-4905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WP-OliveCart",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.3"
}
]
}
},
{
"product_name": "WP-OliveCartPro",
"version": {
"version_data": [
{
"version_value": "versions prior to 3.1.8"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the WP-OliveCart versions prior to 3.1.3 and WP-OliveCartPro versions prior to 3.1.8 allows attackers with administrator rights to execute arbitrary SQL commands via unspecified vectors."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "SQL Injection"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.wp-olivecart.com/news/20160925.html",
"refsource": "CONFIRM",
"url": "http://www.wp-olivecart.com/news/20160925.html"
},
{
"name": "JVNDB-2016-000210",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/en/contents/2016/JVNDB-2016-000210.html"
},
{
"name": "93790",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/93790"
},
{
"name": "JVN#14567604",
"refsource": "JVN",
"url": "https://jvn.jp/en/jp/JVN14567604/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-4905",
"datePublished": "2017-05-22T16:00:00.000Z",
"dateReserved": "2016-05-17T00:00:00.000Z",
"dateUpdated": "2024-08-06T00:46:39.878Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7839 (GCVE-0-2016-7839)
Vulnerability from cvelistv5 – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95309 | vdb-entryx_refsource_BID |
| http://jvn.jp/en/jp/JVN60879379/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | Olive Blog |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.137Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95309",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Olive Blog",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-01T09:57:02.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "95309",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7839",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Olive Blog",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Olive Blog allows remote attackers to inject arbitrary web script or HTML via the search parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95309",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95309"
},
{
"name": "JVN#60879379",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN60879379/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7839",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.137Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7840 (GCVE-0-2016-7840)
Vulnerability from cvelistv5 – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://jvn.jp/en/jp/JVN12124922/index.html | third-party-advisoryx_refsource_JVN |
| http://www.securityfocus.com/bid/95312 | vdb-entryx_refsource_BID |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | WEB SCHEDULE |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.139Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#12124922",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95312"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "WEB SCHEDULE",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-02T15:57:01.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#12124922",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95312"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7840",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WEB SCHEDULE",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in WEB SCHEDULE allows remote attackers to inject arbitrary web script or HTML via the month parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#12124922",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN12124922/index.html"
},
{
"name": "95312",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95312"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7840",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.139Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2016-7841 (GCVE-0-2016-7841)
Vulnerability from cvelistv5 – Published: 2017-04-28 16:00 – Updated: 2024-08-06 02:04
VLAI
Summary
Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Severity
No CVSS data available.
CWE
- Cross-site scripting
Assigner
References
2 references
| URL | Tags |
|---|---|
| http://www.securityfocus.com/bid/95314 | vdb-entryx_refsource_BID |
| http://jvn.jp/en/jp/JVN71538099/index.html | third-party-advisoryx_refsource_JVN |
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Olive Design | Olive Diary DX |
Affected:
All versions
|
Date Public
2017-04-28 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T02:04:56.032Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "95314",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Olive Diary DX",
"vendor": "Olive Design",
"versions": [
{
"status": "affected",
"version": "All versions"
}
]
}
],
"datePublic": "2017-04-28T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Cross-site scripting",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-01T09:57:02.000Z",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "95314",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2016-7841",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Olive Diary DX",
"version": {
"version_data": [
{
"version_value": "All versions"
}
]
}
}
]
},
"vendor_name": "Olive Design"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting vulnerability in Olive Diary DX allows remote attackers to inject arbitrary web script or HTML via the page parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Cross-site scripting"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "95314",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/95314"
},
{
"name": "JVN#71538099",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN71538099/index.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2016-7841",
"datePublished": "2017-04-28T16:00:00.000Z",
"dateReserved": "2016-09-09T00:00:00.000Z",
"dateUpdated": "2024-08-06T02:04:56.032Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}