#!/usr/bin/python import cgi, cgitb import mysql.connector import json #import html cgitb.enable() cnx = mysql.connector.connect( user='root', password='s3cur1ty', host='127.0.0.1', database='vapidlabs') cursor = cnx.cursor() JSON_Object = { "DATA_VERSION": "2.4", "UPDATED": "DATE-TIMESTAMP", "SERIAL": "INT", "CVE_ID": "CVE-YEAR-NNNNNNN", "DATE_REQUESTED": "DATE-TIMESTAMP", "DATE_ASSIGNED": "DATE-TIMESTAMP", "DATE_PUBLIC": "DATE_PUBLIC", "REQUESTER": "larry0@me.com", "ASSIGNER": "kurt@seifried.org", "REPLACED_BY": "replaced by data", "STATE": "PUBLIC", "TITLE": "Short title", "DWF": { "PROBLEM_TYPE": { "CWE": "X", "OWASP": "X", "DESCRIPTION": { "eng": "String description of issue" } }, "IMPACT": { "DATA_VERSION": "2.4", "eng": "Text data here", }, "AFFECTS": [ { "PRODUCT": "string", "AFFECTED": [ "1.0" ] } ], "DESCRIPTION": { "eng": "String description of issue" }, "REFERENCES": [ { "FILES": [ { "URL": "URL to reference", "LOCALNAME": "advisory.php?v=" } ] } ] } } # Create instance of FieldStorage form = cgi.FieldStorage() print "\n" #print "
" id = form.getvalue("id") if id.isdigit(): cursor.execute("SELECT title,cveids,download,url,vulnerability,version,cwe,cwe_string FROM v_entry WHERE vdbid = %s", (id, )) for (title, cveids, download,url,vulnerability,version,cwe,cwe_string) in cursor: mytitle = title mycve = cveids down = download adv = url vuln = vulnerability vuln = cgi.escape(vuln, quote=True) ver = version cwe = cwe cwe_string = cwe_string JSON_Object['DWF']['CVE_ID'] = mycve JSON_Object['CVE_ID'] = mycve JSON_Object['TITLE'] = mytitle JSON_Object['DWF']['DESCRIPTION']['eng'] = mytitle JSON_Object['DWF']['PROBLEM_TYPE']['CWE'] = cwe JSON_Object['DWF']['AFFECTS'][0]['PRODUCT'] = download JSON_Object['DWF']['AFFECTS'][0]['AFFECTED'] = ver JSON_Object['DWF']['REFERENCES'][0]['FILES'][0]['URL'] = url JSON_Object['DWF']['REFERENCES'][0]['FILES'][0]['LOCALNAME'] = 'advisory.php?v=' + id JSON_Object['DWF']['PROBLEM_TYPE']['DESCRIPTION'] = vuln print json.dumps(JSON_Object, indent=4, separators=(',', ': ')) # print "" cursor.close() cnx.close()