jramos/cve-dashboard
1
0
Fork 0
Code Issues 3 Pull Requests Actions Packages Projects 1 Releases Wiki Activity

Compare commits

base: jramos:5ae2b42ce820e764b2472f7b0534e18321508267
Branches Tags
jramos:master jramos:enhancement/midpanel jramos:feature/archer jramos:enhancement/panel jramos:feature/weekly-report-upload jramos:feature/ivanti-report jramos:feature/nvd-lookup
..
compare: jramos:1d2a6b2e7297986e7b9d79d8efd8ccd8b5100baa
Branches Tags
jramos:enhancement/midpanel jramos:master jramos:feature/archer jramos:enhancement/panel jramos:feature/weekly-report-upload jramos:feature/ivanti-report jramos:feature/nvd-lookup

4 Commits
5ae2b42ce8 ... 1d2a6b2e72

Author SHA1 Message Date
root
1d2a6b2e72 Merge branch 'fix/issue-1' 
Merges fixed code from the issue-1 branch back into master: fixes issues with Hardcoded IP across deployments, the App.js src using .env file and multivendor support
 2026-01-28 19:12:43 +00:00
Jordan Ramos
60f0424235 Added .env configuration to remove hardcoded IP issues 2026-01-28 09:23:30 -07:00
jramos
88c33cae04 Fix: Enable multi-vendor support for CVE entries 
- Changed CVEs table constraint from UNIQUE(cve_id) to UNIQUE(cve_id, vendor)
- Added vendor column to documents table for proper file organization
- Updated backend INSERT statements to include vendor field in both CVE and document creation
- Fixed document retrieval to filter by vendor
- Created corrected setup.js that includes multi-vendor support from initial setup
- Added migration scripts for existing databases

Resolves #1: Users can now add the same CVE-ID with multiple different vendors, each maintaining separate document storage organized as CVE-ID/Vendor/files
 2026-01-28 14:49:03 +00:00
root
b9421ea0e9 added stop start files and testing multivendor support 2026-01-27 23:00:12 +00:00
9 changed files with 618 additions and 270 deletions
Expand all files Collapse all files

4
backend/.env.example Normal file
View File

@@ -0,0 +1,4 @@
# Backend Configuration
PORT=3001
API_HOST=localhost
CORS_ORIGINS=http://localhost:3000

128
backend/migrate_multivendor.js Normal file
View File

@@ -0,0 +1,128 @@
const sqlite3 = require('sqlite3').verbose();
const db = new sqlite3.Database('./cve_database.db');
console.log('🔄 Starting database migration for multi-vendor support...\n');
db.serialize(() => {
// Backup existing data
console.log('📦 Creating backup tables...');
db.run(`CREATE TABLE IF NOT EXISTS cves_backup AS SELECT * FROM cves`, (err) => {
if (err) console.error('Backup error:', err);
else console.log('✓ CVEs backed up');
});
db.run(`CREATE TABLE IF NOT EXISTS documents_backup AS SELECT * FROM documents`, (err) => {
if (err) console.error('Backup error:', err);
else console.log('✓ Documents backed up');
});
// Drop old table
console.log('\n🗑 Dropping old cves table...');
db.run(`DROP TABLE IF EXISTS cves`, (err) => {
if (err) {
console.error('Drop error:', err);
return;
}
console.log('✓ Old table dropped');
// Create new table with UNIQUE(cve_id, vendor) instead of UNIQUE(cve_id)
console.log('\n🏗 Creating new cves table with multi-vendor support...');
db.run(`
CREATE TABLE cves (
id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
severity VARCHAR(20) NOT NULL,
description TEXT,
published_date DATE,
status VARCHAR(50) DEFAULT 'Open',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(cve_id, vendor)
)
`, (err) => {
if (err) {
console.error('Create error:', err);
return;
}
console.log('✓ New table created with UNIQUE(cve_id, vendor)');
// Restore data
console.log('\n📥 Restoring data...');
db.run(`INSERT INTO cves SELECT * FROM cves_backup`, (err) => {
if (err) {
console.error('Restore error:', err);
return;
}
console.log('✓ Data restored');
// Recreate indexes
console.log('\n🔍 Creating indexes...');
db.run(`CREATE INDEX idx_cve_id ON cves(cve_id)`, () => {
console.log('✓ Index: idx_cve_id');
});
db.run(`CREATE INDEX idx_vendor ON cves(vendor)`, () => {
console.log('✓ Index: idx_vendor');
});
db.run(`CREATE INDEX idx_severity ON cves(severity)`, () => {
console.log('✓ Index: idx_severity');
});
db.run(`CREATE INDEX idx_status ON cves(status)`, () => {
console.log('✓ Index: idx_status');
});
// Update view
console.log('\n👁 Updating cve_document_status view...');
db.run(`DROP VIEW IF EXISTS cve_document_status`, (err) => {
if (err) console.error('Drop view error:', err);
db.run(`
CREATE VIEW cve_document_status AS
SELECT
c.id as record_id,
c.cve_id,
c.vendor,
c.severity,
c.status,
COUNT(DISTINCT d.id) as total_documents,
COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) as advisory_count,
COUNT(DISTINCT CASE WHEN d.type = 'email' THEN d.id END) as email_count,
COUNT(DISTINCT CASE WHEN d.type = 'screenshot' THEN d.id END) as screenshot_count,
CASE
WHEN COUNT(DISTINCT CASE WHEN d.type = 'advisory' THEN d.id END) > 0
THEN 'Complete'
ELSE 'Missing Required Docs'
END as compliance_status
FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
GROUP BY c.id, c.cve_id, c.vendor, c.severity, c.status
`, (err) => {
if (err) {
console.error('Create view error:', err);
} else {
console.log('✓ View recreated');
}
console.log('\n✅ Migration complete!');
console.log('\n📊 Summary:');
db.get('SELECT COUNT(*) as count FROM cves', (err, row) => {
if (!err) console.log(` Total CVE entries: ${row.count}`);
db.get('SELECT COUNT(DISTINCT cve_id) as count FROM cves', (err, row) => {
if (!err) console.log(` Unique CVE IDs: ${row.count}`);
console.log('\n💡 Next steps:');
console.log(' 1. Restart backend: pkill -f "node server.js" && node server.js &');
console.log(' 2. Replace frontend/src/App.js with multi-vendor version');
console.log(' 3. Test by adding same CVE with multiple vendors\n');
db.close();
});
});
});
});
});
});
});
});

193
backend/server.js
View File

@@ -1,5 +1,7 @@
// CVE Management Backend API // CVE Management Backend API
// Install: npm install express sqlite3 multer cors // Install: npm install express sqlite3 multer cors dotenv
require('dotenv').config();
const express = require('express'); const express = require('express');
const sqlite3 = require('sqlite3').verbose(); const sqlite3 = require('sqlite3').verbose();
@@ -9,11 +11,21 @@ const path = require('path');
const fs = require('fs'); const fs = require('fs');
const app = express(); const app = express();
const PORT = 3001; const PORT = process.env.PORT || 3001;
const API_HOST = process.env.API_HOST || 'localhost';
const CORS_ORIGINS = process.env.CORS_ORIGINS
? process.env.CORS_ORIGINS.split(',')
: ['http://localhost:3000'];
// Log all incoming requests
app.use((req, res, next) => {
console.log(`${new Date().toISOString()} - ${req.method} ${req.url}`);
next();
});
// Middleware // Middleware
app.use(cors({ app.use(cors({
origin: ['http://localhost:3000', 'http://192.168.2.117:3000'], origin: CORS_ORIGINS,
credentials: true credentials: true
})); }));
app.use(express.json()); app.use(express.json());
@@ -94,7 +106,7 @@ app.get('/api/cves', (req, res) => {
}); });
}); });
// Check if CVE exists and get its status // Check if CVE exists and get its status - UPDATED FOR MULTI-VENDOR
app.get('/api/cves/check/:cveId', (req, res) => { app.get('/api/cves/check/:cveId', (req, res) => {
const { cveId } = req.params; const { cveId } = req.params;
@@ -105,80 +117,53 @@ app.get('/api/cves/check/:cveId', (req, res) => {
COUNT(CASE WHEN d.type = 'email' THEN 1 END) as has_email, COUNT(CASE WHEN d.type = 'email' THEN 1 END) as has_email,
COUNT(CASE WHEN d.type = 'screenshot' THEN 1 END) as has_screenshot COUNT(CASE WHEN d.type = 'screenshot' THEN 1 END) as has_screenshot
FROM cves c FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
WHERE c.cve_id = ? WHERE c.cve_id = ?
GROUP BY c.id GROUP BY c.id
`; `;
db.get(query, [cveId], (err, row) => { db.all(query, [cveId], (err, rows) => {
if (err) { if (err) {
return res.status(500).json({ error: err.message }); return res.status(500).json({ error: err.message });
} }
if (!row) { if (!rows || rows.length === 0) {
return res.json({ return res.json({
exists: false, exists: false,
message: 'CVE not found - not yet addressed' message: 'CVE not found - not yet addressed'
}); });
} }
// Return all vendor entries for this CVE
res.json({ res.json({
exists: true, exists: true,
cve: row, vendors: rows.map(row => ({
addressed: true, vendor: row.vendor,
has_required_docs: row.has_advisory > 0, severity: row.severity,
status: row.status,
total_documents: row.total_documents,
compliance: { compliance: {
advisory: row.has_advisory > 0, advisory: row.has_advisory > 0,
email: row.has_email > 0, email: row.has_email > 0,
screenshot: row.has_screenshot > 0 screenshot: row.has_screenshot > 0
} }
})),
addressed: true,
has_required_docs: rows.some(row => row.has_advisory > 0)
}); });
}); });
}); });
// Create new CVE entry // NEW ENDPOINT: Get all vendors for a specific CVE
app.post('/api/cves', (req, res) => { app.get('/api/cves/:cveId/vendors', (req, res) => {
const { cve_id, vendor, severity, description, published_date } = req.body; const { cveId } = req.params;
const query = ` const query = `
INSERT INTO cves (cve_id, vendor, severity, description, published_date) SELECT vendor, severity, status, description, published_date
VALUES (?, ?, ?, ?, ?) FROM cves
WHERE cve_id = ?
ORDER BY vendor
`; `;
db.run(query, [cve_id, vendor, severity, description, published_date], function(err) {
if (err) {
return res.status(500).json({ error: err.message });
}
res.json({
id: this.lastID,
cve_id,
message: 'CVE created successfully'
});
});
});
// Update CVE status
app.patch('/api/cves/:cveId/status', (req, res) => {
const { cveId } = req.params;
const { status } = req.body;
const query = `UPDATE cves SET status = ?, updated_at = CURRENT_TIMESTAMP WHERE cve_id = ?`;
db.run(query, [status, cveId], function(err) {
if (err) {
return res.status(500).json({ error: err.message });
}
res.json({ message: 'Status updated successfully', changes: this.changes });
});
});
// ========== DOCUMENT ENDPOINTS ==========
// Get documents for a CVE
app.get('/api/cves/:cveId/documents', (req, res) => {
const { cveId } = req.params;
const query = `SELECT * FROM documents WHERE cve_id = ? ORDER BY uploaded_at DESC`;
db.all(query, [cveId], (err, rows) => { db.all(query, [cveId], (err, rows) => {
if (err) { if (err) {
return res.status(500).json({ error: err.message }); return res.status(500).json({ error: err.message });
@@ -187,17 +172,110 @@ app.get('/api/cves/:cveId/documents', (req, res) => {
}); });
}); });
// Upload document
app.post('/api/cves/:cveId/documents', upload.single('file'), (req, res) => { // Create new CVE entry - ALLOW MULTIPLE VENDORS
app.post('/api/cves', (req, res) => {
console.log('=== ADD CVE REQUEST ===');
console.log('Body:', req.body);
console.log('=======================');
const { cve_id, vendor, severity, description, published_date } = req.body;
const query = `
INSERT INTO cves (cve_id, vendor, severity, description, published_date)
VALUES (?, ?, ?, ?, ?)
`;
console.log('Query:', query);
console.log('Values:', [cve_id, vendor, severity, description, published_date]);
db.run(query, [cve_id, vendor, severity, description, published_date], function(err) {
if (err) {
console.error('DATABASE ERROR:', err); // Make sure this is here
// ... rest of error handling
// Check if it's a duplicate CVE_ID + Vendor combination
if (err.message.includes('UNIQUE constraint failed')) {
return res.status(409).json({
error: 'This CVE already exists for this vendor. Choose a different vendor or update the existing entry.'
});
}
return res.status(500).json({ error: err.message });
}
res.json({
id: this.lastID,
cve_id,
message: `CVE created successfully for vendor: ${vendor}`
});
});
});
// Update CVE status
app.patch('/api/cves/:cveId/status', (req, res) => {
const { cveId } = req.params;
const { status } = req.body;
const query = `UPDATE cves SET status = ?, updated_at = CURRENT_TIMESTAMP WHERE cve_id = ?`;
db.run(query, [
vendor,status, cveId], function(err) {
if (err) {
return res.status(500).json({ error: err.message });
}
res.json({ message: 'Status updated successfully', changes: this.changes });
});
});
// ========== DOCUMENT ENDPOINTS ==========
// Get documents for a CVE - FILTER BY VENDOR
app.get('/api/cves/:cveId/documents', (req, res) => {
const { cveId } = req.params;
const { vendor } = req.query; // NEW: Optional vendor filter
let query = `SELECT * FROM documents WHERE cve_id = ?`;
let params = [cveId];
if (vendor) {
query += ` AND vendor = ?`;
params.push(vendor);
}
query += ` ORDER BY uploaded_at DESC`;
db.all(query, params, (err, rows) => {
if (err) {
return res.status(500).json({ error: err.message });
}
res.json(rows);
});
});
// Upload document - ADD ERROR HANDLING FOR MULTER
app.post('/api/cves/:cveId/documents', (req, res, next) => {
upload.single('file')(req, res, (err) => {
if (err) {
console.error('MULTER ERROR:', err);
return res.status(500).json({ error: 'File upload failed: ' + err.message });
}
console.log('=== UPLOAD REQUEST RECEIVED ===');
console.log('CVE ID:', req.params.cveId);
console.log('Body:', req.body);
console.log('File:', req.file);
console.log('================================');
const { cveId } = req.params; const { cveId } = req.params;
const { type, notes, vendor } = req.body; const { type, notes, vendor } = req.body;
const file = req.file; const file = req.file;
if (!file) { if (!file) {
console.error('ERROR: No file uploaded');
return res.status(400).json({ error: 'No file uploaded' }); return res.status(400).json({ error: 'No file uploaded' });
} }
if (!vendor) { if (!vendor) {
console.error('ERROR: Vendor is required');
return res.status(400).json({ error: 'Vendor is required' }); return res.status(400).json({ error: 'Vendor is required' });
} }
@@ -213,14 +291,15 @@ app.post('/api/cves/:cveId/documents', upload.single('file'), (req, res) => {
fs.renameSync(file.path, finalPath); fs.renameSync(file.path, finalPath);
const query = ` const query = `
INSERT INTO documents (cve_id, name, type, file_path, file_size, mime_type, notes) INSERT INTO documents (cve_id, vendor, name, type, file_path, file_size, mime_type, notes)
VALUES (?, ?, ?, ?, ?, ?, ?) VALUES (?, ?, ?, ?, ?, ?, ?, ?)
`; `;
const fileSizeKB = (file.size / 1024).toFixed(2) + ' KB'; const fileSizeKB = (file.size / 1024).toFixed(2) + ' KB';
db.run(query, [ db.run(query, [
cveId, cveId,
vendor,
file.originalname, file.originalname,
type, type,
finalPath, finalPath,
@@ -229,6 +308,7 @@ app.post('/api/cves/:cveId/documents', upload.single('file'), (req, res) => {
notes notes
], function(err) { ], function(err) {
if (err) { if (err) {
console.error('DATABASE ERROR:', err);
// If database insert fails, delete the file // If database insert fails, delete the file
if (fs.existsSync(finalPath)) { if (fs.existsSync(finalPath)) {
fs.unlinkSync(finalPath); fs.unlinkSync(finalPath);
@@ -246,7 +326,7 @@ app.post('/api/cves/:cveId/documents', upload.single('file'), (req, res) => {
}); });
}); });
}); });
});
// Delete document // Delete document
app.delete('/api/documents/:id', (req, res) => { app.delete('/api/documents/:id', (req, res) => {
const { id } = req.params; const { id } = req.params;
@@ -308,5 +388,6 @@ app.get('/api/stats', (req, res) => {
// Start server // Start server
app.listen(PORT, () => { app.listen(PORT, () => {
console.log(`CVE API server running on http://localhost:${PORT}`); console.log(`CVE API server running on http://${API_HOST}:${PORT}`);
console.log(`CORS origins: ${CORS_ORIGINS.join(', ')}`);
}); });

86
backend/setup.js
View File

@@ -1,5 +1,5 @@
// Setup Script for CVE Database // Setup Script for CVE Database
// This creates a fresh database ready for new CVE entries // This creates a fresh database with multi-vendor support built-in
const sqlite3 = require('sqlite3').verbose(); const sqlite3 = require('sqlite3').verbose();
const fs = require('fs'); const fs = require('fs');
@@ -18,19 +18,21 @@ function initializeDatabase() {
const schema = ` const schema = `
CREATE TABLE IF NOT EXISTS cves ( CREATE TABLE IF NOT EXISTS cves (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) UNIQUE NOT NULL, cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL, vendor VARCHAR(100) NOT NULL,
severity VARCHAR(20) NOT NULL, severity VARCHAR(20) NOT NULL,
description TEXT, description TEXT,
published_date DATE, published_date DATE,
status VARCHAR(50) DEFAULT 'Open', status VARCHAR(50) DEFAULT 'Open',
created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP, created_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP updated_at TIMESTAMP DEFAULT CURRENT_TIMESTAMP,
UNIQUE(cve_id, vendor)
); );
CREATE TABLE IF NOT EXISTS documents ( CREATE TABLE IF NOT EXISTS documents (
id INTEGER PRIMARY KEY AUTOINCREMENT, id INTEGER PRIMARY KEY AUTOINCREMENT,
cve_id VARCHAR(20) NOT NULL, cve_id VARCHAR(20) NOT NULL,
vendor VARCHAR(100) NOT NULL,
name VARCHAR(255) NOT NULL, name VARCHAR(255) NOT NULL,
type VARCHAR(50) NOT NULL, type VARCHAR(50) NOT NULL,
file_path VARCHAR(500) NOT NULL, file_path VARCHAR(500) NOT NULL,
@@ -54,6 +56,7 @@ function initializeDatabase() {
CREATE INDEX IF NOT EXISTS idx_severity ON cves(severity); CREATE INDEX IF NOT EXISTS idx_severity ON cves(severity);
CREATE INDEX IF NOT EXISTS idx_status ON cves(status); CREATE INDEX IF NOT EXISTS idx_status ON cves(status);
CREATE INDEX IF NOT EXISTS idx_doc_cve_id ON documents(cve_id); CREATE INDEX IF NOT EXISTS idx_doc_cve_id ON documents(cve_id);
CREATE INDEX IF NOT EXISTS idx_doc_vendor ON documents(vendor);
CREATE INDEX IF NOT EXISTS idx_doc_type ON documents(type); CREATE INDEX IF NOT EXISTS idx_doc_type ON documents(type);
INSERT OR IGNORE INTO required_documents (vendor, document_type, is_mandatory, description) VALUES INSERT OR IGNORE INTO required_documents (vendor, document_type, is_mandatory, description) VALUES
@@ -66,6 +69,7 @@ function initializeDatabase() {
CREATE VIEW IF NOT EXISTS cve_document_status AS CREATE VIEW IF NOT EXISTS cve_document_status AS
SELECT SELECT
c.id as record_id,
c.cve_id, c.cve_id,
c.vendor, c.vendor,
c.severity, c.severity,
@@ -80,8 +84,8 @@ function initializeDatabase() {
ELSE 'Missing Required Docs' ELSE 'Missing Required Docs'
END as compliance_status END as compliance_status
FROM cves c FROM cves c
LEFT JOIN documents d ON c.cve_id = d.cve_id LEFT JOIN documents d ON c.cve_id = d.cve_id AND c.vendor = d.vendor
GROUP BY c.cve_id, c.vendor, c.severity, c.status; GROUP BY c.id, c.cve_id, c.vendor, c.severity, c.status;
`; `;
db.exec(schema, (err) => { db.exec(schema, (err) => {
@@ -107,17 +111,21 @@ function createUploadsDirectory() {
// Add sample CVE data (optional - for testing) // Add sample CVE data (optional - for testing)
async function addSampleData(db) { async function addSampleData(db) {
console.log('\n📝 Would you like to add sample CVE data for testing? (y/n)'); console.log('\n📝 Adding sample CVE data for testing...');
// For automated setup, we'll skip this. Uncomment the code below if you want samples.
/*
const sampleCVEs = [ const sampleCVEs = [
{ {
cve_id: 'CVE-2024-SAMPLE-1', cve_id: 'CVE-2024-SAMPLE-1',
vendor: 'Microsoft', vendor: 'Microsoft',
severity: 'Critical', severity: 'Critical',
description: 'Sample vulnerability for testing', description: 'Sample remote code execution vulnerability',
published_date: '2024-01-15'
},
{
cve_id: 'CVE-2024-SAMPLE-1',
vendor: 'Cisco',
severity: 'High',
description: 'Sample remote code execution vulnerability',
published_date: '2024-01-15' published_date: '2024-01-15'
} }
]; ];
@@ -131,16 +139,37 @@ async function addSampleData(db) {
(err) => { (err) => {
if (err) reject(err); if (err) reject(err);
else { else {
console.log(` ✓ Added sample CVE: ${cve.cve_id}`); console.log(` ✓ Added sample: ${cve.cve_id} / ${cve.vendor}`);
resolve(); resolve();
} }
} }
); );
}); });
} }
*/
console.log(' Skipping sample data - you can add CVEs through the API or dashboard'); console.log(' Sample data added - demonstrates multi-vendor support');
}
// Verify database structure
async function verifySetup(db) {
return new Promise((resolve) => {
db.get('SELECT sql FROM sqlite_master WHERE type="table" AND name="cves"', (err, row) => {
if (err) {
console.error('Warning: Could not verify setup:', err);
} else {
console.log('\n📋 CVEs table structure:');
console.log(row.sql);
// Check if UNIQUE constraint is correct
if (row.sql.includes('UNIQUE(cve_id, vendor)')) {
console.log('\n✅ Multi-vendor support: ENABLED');
} else {
console.log('\n⚠ Warning: Multi-vendor constraint may not be set correctly');
}
}
resolve();
});
});
} }
// Display setup summary // Display setup summary
@@ -151,33 +180,37 @@ function displaySummary() {
console.log('\n📊 What was created:'); console.log('\n📊 What was created:');
console.log(' ✓ SQLite database (cve_database.db)'); console.log(' ✓ SQLite database (cve_database.db)');
console.log(' ✓ Tables: cves, documents, required_documents'); console.log(' ✓ Tables: cves, documents, required_documents');
console.log(' ✓ Multi-vendor support with UNIQUE(cve_id, vendor)');
console.log(' ✓ Vendor column in documents table');
console.log(' ✓ Indexes for fast queries'); console.log(' ✓ Indexes for fast queries');
console.log(' ✓ Document compliance view'); console.log(' ✓ Document compliance view');
console.log(' ✓ Uploads directory for file storage'); console.log(' ✓ Uploads directory for file storage');
console.log('\n📁 File structure will be:'); console.log('\n📁 File structure will be:');
console.log(' uploads/'); console.log(' uploads/');
console.log(' └── CVE-XXXX-XXXX/'); console.log(' └── CVE-XXXX-XXXX/');
console.log(' ── VendorName/'); console.log(' ── Vendor1/');
console.log(' ├── advisory.pdf'); console.log(' ├── advisory.pdf');
console.log(' ── email.pdf'); console.log(' ── screenshot.png');
console.log(' └── screenshot.png'); console.log(' └── Vendor2/');
console.log(' └── advisory.pdf');
console.log('\n🚀 Next steps:'); console.log('\n🚀 Next steps:');
console.log(' 1. Start the backend API:'); console.log(' 1. Start the backend API:');
console.log(' → cd backend && node server.js'); console.log(' → cd backend && node server.js');
console.log(' 2. Start the frontend:'); console.log(' 2. Start the frontend:');
console.log(' → cd frontend && npm start'); console.log(' → cd frontend && npm start');
console.log(' 3. Open http://localhost:3000'); console.log(' 3. Open http://localhost:3000');
console.log(' 4. Start adding CVEs and uploading documents!'); console.log(' 4. Start adding CVEs with multiple vendors!');
console.log('\n💡 Tips:'); console.log('\n💡 Key Features:');
console.log(' • Use the Quick Check to verify CVE status'); console.log(' • Add same CVE-ID with different vendors');
console.log(' • Upload documents through the dashboard'); console.log(' • Each vendor has separate document storage');
console.log(' • Documents are auto-organized by CVE ID → Vendor'); console.log(' • Quick Check shows all vendors for a CVE');
console.log(' • Document compliance tracking per vendor');
console.log(' • Required docs: Advisory (mandatory for most vendors)\n'); console.log(' • Required docs: Advisory (mandatory for most vendors)\n');
} }
// Main execution // Main execution
async function main() { async function main() {
console.log('🚀 CVE Database Setup\n'); console.log('🚀 CVE Database Setup (Multi-Vendor Support)\n');
console.log('════════════════════════════════════════\n'); console.log('════════════════════════════════════════\n');
try { try {
@@ -187,13 +220,16 @@ async function main() {
// Initialize database // Initialize database
const db = await initializeDatabase(); const db = await initializeDatabase();
// Optionally add sample data // Add sample data
await addSampleData(db); await addSampleData(db);
// Verify setup
await verifySetup(db);
// Close database connection // Close database connection
db.close((err) => { db.close((err) => {
if (err) console.error('Error closing database:', err); if (err) console.error('Error closing database:', err);
else console.log('✓ Database connection closed'); else console.log('\n✓ Database connection closed');
// Display summary // Display summary
displaySummary(); displaySummary();

5
frontend/.env.example Normal file
View File

@@ -0,0 +1,5 @@
# Frontend Configuration
# API_BASE should include the /api path
REACT_APP_API_BASE=http://localhost:3001/api
# API_HOST is used for direct file URLs (no /api)
REACT_APP_API_HOST=http://localhost:3001

173
frontend/src/App.js
View File

@@ -1,7 +1,8 @@
import React, { useState, useEffect } from 'react'; import React, { useState, useEffect } from 'react';
import { Search, FileText, AlertCircle, Download, Upload, Eye, Filter, CheckCircle, XCircle, Loader, Trash2 } from 'lucide-react'; import { Search, FileText, AlertCircle, Download, Upload, Eye, Filter, CheckCircle, XCircle, Loader, Trash2, Plus } from 'lucide-react';
const API_BASE = 'http://192.168.2.117:3001/api'; const API_BASE = process.env.REACT_APP_API_BASE || 'http://localhost:3001/api';
const API_HOST = process.env.REACT_APP_API_HOST || 'http://localhost:3001';
const severityLevels = ['All Severities', 'Critical', 'High', 'Medium', 'Low']; const severityLevels = ['All Severities', 'Critical', 'High', 'Medium', 'Low'];
@@ -10,6 +11,7 @@ export default function App() {
const [selectedVendor, setSelectedVendor] = useState('All Vendors'); const [selectedVendor, setSelectedVendor] = useState('All Vendors');
const [selectedSeverity, setSelectedSeverity] = useState('All Severities'); const [selectedSeverity, setSelectedSeverity] = useState('All Severities');
const [selectedCVE, setSelectedCVE] = useState(null); const [selectedCVE, setSelectedCVE] = useState(null);
const [selectedVendorView, setSelectedVendorView] = useState(null);
const [selectedDocuments, setSelectedDocuments] = useState([]); const [selectedDocuments, setSelectedDocuments] = useState([]);
const [cves, setCves] = useState([]); const [cves, setCves] = useState([]);
const [vendors, setVendors] = useState(['All Vendors']); const [vendors, setVendors] = useState(['All Vendors']);
@@ -73,14 +75,15 @@ export default function App() {
} }
}; };
const fetchDocuments = async (cveId) => { const fetchDocuments = async (cveId, vendor) => {
if (cveDocuments[cveId]) return; const key = `${cveId}-${vendor}`;
if (cveDocuments[key]) return;
try { try {
const response = await fetch(`${API_BASE}/cves/${cveId}/documents`); const response = await fetch(`${API_BASE}/cves/${cveId}/documents?vendor=${vendor}`);
if (!response.ok) throw new Error('Failed to fetch documents'); if (!response.ok) throw new Error('Failed to fetch documents');
const data = await response.json(); const data = await response.json();
setCveDocuments(prev => ({ ...prev, [cveId]: data })); setCveDocuments(prev => ({ ...prev, [key]: data }));
} catch (err) { } catch (err) {
console.error('Error fetching documents:', err); console.error('Error fetching documents:', err);
} }
@@ -100,12 +103,15 @@ export default function App() {
} }
}; };
const handleViewDocuments = async (cveId) => { const handleViewDocuments = async (cveId, vendor) => {
if (selectedCVE === cveId) { const key = `${cveId}-${vendor}`;
if (selectedCVE === cveId && selectedVendorView === vendor) {
setSelectedCVE(null); setSelectedCVE(null);
setSelectedVendorView(null);
} else { } else {
setSelectedCVE(cveId); setSelectedCVE(cveId);
await fetchDocuments(cveId); setSelectedVendorView(vendor);
await fetchDocuments(cveId, vendor);
} }
}; };
@@ -140,9 +146,12 @@ export default function App() {
body: JSON.stringify(newCVE) body: JSON.stringify(newCVE)
}); });
if (!response.ok) throw new Error('Failed to add CVE'); if (!response.ok) {
const data = await response.json();
throw new Error(data.error || 'Failed to add CVE');
}
alert(`CVE ${newCVE.cve_id} added successfully!`); alert(`CVE ${newCVE.cve_id} added successfully for vendor: ${newCVE.vendor}!`);
setShowAddCVE(false); setShowAddCVE(false);
setNewCVE({ setNewCVE({
cve_id: '', cve_id: '',
@@ -192,8 +201,9 @@ export default function App() {
if (!response.ok) throw new Error('Failed to upload document'); if (!response.ok) throw new Error('Failed to upload document');
alert(`Document uploaded successfully!`); alert(`Document uploaded successfully!`);
delete cveDocuments[cveId]; const key = `${cveId}-${vendor}`;
await fetchDocuments(cveId); delete cveDocuments[key];
await fetchDocuments(cveId, vendor);
fetchCVEs(); fetchCVEs();
} catch (err) { } catch (err) {
alert(`Error: ${err.message}`); alert(`Error: ${err.message}`);
@@ -205,7 +215,7 @@ export default function App() {
fileInput.click(); fileInput.click();
}; };
const handleDeleteDocument = async (docId, cveId) => { const handleDeleteDocument = async (docId, cveId, vendor) => {
if (!window.confirm('Are you sure you want to delete this document?')) { if (!window.confirm('Are you sure you want to delete this document?')) {
return; return;
} }
@@ -218,20 +228,30 @@ export default function App() {
if (!response.ok) throw new Error('Failed to delete document'); if (!response.ok) throw new Error('Failed to delete document');
alert('Document deleted successfully!'); alert('Document deleted successfully!');
delete cveDocuments[cveId]; const key = `${cveId}-${vendor}`;
await fetchDocuments(cveId); delete cveDocuments[key];
await fetchDocuments(cveId, vendor);
fetchCVEs(); fetchCVEs();
} catch (err) { } catch (err) {
alert(`Error: ${err.message}`); alert(`Error: ${err.message}`);
} }
}; };
const filteredCVEs = cves; // Group CVEs by CVE ID
const groupedCVEs = cves.reduce((acc, cve) => {
if (!acc[cve.cve_id]) {
acc[cve.cve_id] = [];
}
acc[cve.cve_id].push(cve);
return acc;
}, {});
const filteredGroupedCVEs = groupedCVEs;
return ( return (
<div className="min-h-screen bg-gray-100 p-6"> <div className="min-h-screen bg-gray-100 p-6">
<div className="max-w-7xl mx-auto"> <div className="max-w-7xl mx-auto">
{/* Header with Charter Branding */} {/* Header */}
<div className="mb-8 flex justify-between items-center"> <div className="mb-8 flex justify-between items-center">
<div> <div>
<h1 className="text-3xl font-bold text-gray-900 mb-2">CVE Dashboard</h1> <h1 className="text-3xl font-bold text-gray-900 mb-2">CVE Dashboard</h1>
@@ -241,8 +261,8 @@ export default function App() {
onClick={() => setShowAddCVE(true)} onClick={() => setShowAddCVE(true)}
className="px-4 py-2 bg-[#0476D9] text-white rounded-lg hover:bg-[#0360B8] transition-colors flex items-center gap-2 shadow-md" className="px-4 py-2 bg-[#0476D9] text-white rounded-lg hover:bg-[#0360B8] transition-colors flex items-center gap-2 shadow-md"
> >
<span className="text-xl">+</span> <Plus className="w-5 h-5" />
Add New CVE Add CVE/Vendor
</button> </button>
</div> </div>
@@ -252,7 +272,7 @@ export default function App() {
<div className="bg-white rounded-lg shadow-xl max-w-2xl w-full max-h-[90vh] overflow-y-auto"> <div className="bg-white rounded-lg shadow-xl max-w-2xl w-full max-h-[90vh] overflow-y-auto">
<div className="p-6"> <div className="p-6">
<div className="flex justify-between items-center mb-4"> <div className="flex justify-between items-center mb-4">
<h2 className="text-2xl font-bold text-gray-900">Add New CVE</h2> <h2 className="text-2xl font-bold text-gray-900">Add CVE Entry</h2>
<button <button
onClick={() => setShowAddCVE(false)} onClick={() => setShowAddCVE(false)}
className="text-gray-400 hover:text-gray-600" className="text-gray-400 hover:text-gray-600"
@@ -261,6 +281,13 @@ export default function App() {
</button> </button>
</div> </div>
<div className="mb-4 p-3 bg-blue-50 border border-blue-200 rounded-lg">
<p className="text-sm text-blue-800">
<strong>Tip:</strong> You can add the same CVE-ID multiple times with different vendors.
Each vendor will have its own documents folder.
</p>
</div>
<form onSubmit={handleAddCVE} className="space-y-4"> <form onSubmit={handleAddCVE} className="space-y-4">
<div> <div>
<label className="block text-sm font-medium text-gray-700 mb-1"> <label className="block text-sm font-medium text-gray-700 mb-1">
@@ -274,6 +301,7 @@ export default function App() {
onChange={(e) => setNewCVE({...newCVE, cve_id: e.target.value.toUpperCase()})} onChange={(e) => setNewCVE({...newCVE, cve_id: e.target.value.toUpperCase()})}
className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent" className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent"
/> />
<p className="text-xs text-gray-500 mt-1">Can be the same as existing CVE if adding another vendor</p>
</div> </div>
<div> <div>
@@ -288,6 +316,7 @@ export default function App() {
onChange={(e) => setNewCVE({...newCVE, vendor: e.target.value})} onChange={(e) => setNewCVE({...newCVE, vendor: e.target.value})}
className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent" className="w-full px-4 py-2 border border-gray-300 rounded-lg focus:ring-2 focus:ring-[#0476D9] focus:border-transparent"
/> />
<p className="text-xs text-gray-500 mt-1">Must be unique for this CVE-ID</p>
</div> </div>
<div> <div>
@@ -338,7 +367,7 @@ export default function App() {
type="submit" type="submit"
className="flex-1 px-4 py-2 bg-[#0476D9] text-white rounded-lg hover:bg-[#0360B8] transition-colors font-medium shadow-md" className="flex-1 px-4 py-2 bg-[#0476D9] text-white rounded-lg hover:bg-[#0360B8] transition-colors font-medium shadow-md"
> >
Add CVE Add CVE Entry
</button> </button>
<button <button
type="button" type="button"
@@ -354,7 +383,7 @@ export default function App() {
</div> </div>
)} )}
{/* Quick Check with Charter Blue */} {/* Quick Check */}
<div className="bg-gradient-to-r from-blue-50 to-blue-100 rounded-lg shadow-md p-6 mb-6 border-2 border-[#0476D9]"> <div className="bg-gradient-to-r from-blue-50 to-blue-100 rounded-lg shadow-md p-6 mb-6 border-2 border-[#0476D9]">
<h2 className="text-lg font-semibold text-gray-900 mb-3">Quick CVE Status Check</h2> <h2 className="text-lg font-semibold text-gray-900 mb-3">Quick CVE Status Check</h2>
<div className="flex gap-3"> <div className="flex gap-3">
@@ -388,24 +417,30 @@ export default function App() {
<div className="flex items-start gap-3"> <div className="flex items-start gap-3">
<CheckCircle className="w-5 h-5 text-green-600 mt-0.5" /> <CheckCircle className="w-5 h-5 text-green-600 mt-0.5" />
<div className="flex-1"> <div className="flex-1">
<p className="font-medium text-green-900"> CVE Addressed</p> <p className="font-medium text-green-900"> CVE Addressed ({quickCheckResult.vendors.length} vendor{quickCheckResult.vendors.length > 1 ? 's' : ''})</p>
<div className="mt-2 space-y-1 text-sm text-gray-700"> <div className="mt-3 space-y-3">
<p><strong>Vendor:</strong> {quickCheckResult.cve.vendor}</p> {quickCheckResult.vendors.map((vendorInfo, idx) => (
<p><strong>Severity:</strong> {quickCheckResult.cve.severity}</p> <div key={idx} className="p-3 bg-white rounded border border-green-200">
<p><strong>Status:</strong> {quickCheckResult.cve.status}</p> <p className="font-semibold text-gray-900 mb-2">{vendorInfo.vendor}</p>
<p><strong>Documents:</strong> {quickCheckResult.cve.total_documents} attached</p> <div className="grid grid-cols-2 gap-2 text-sm text-gray-700 mb-2">
<div className="mt-2 flex gap-3"> <p><strong>Severity:</strong> {vendorInfo.severity}</p>
<span className={`px-2 py-1 rounded text-xs font-medium ${quickCheckResult.compliance.advisory ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'}`}> <p><strong>Status:</strong> {vendorInfo.status}</p>
{quickCheckResult.compliance.advisory ? '✓' : '✗'} Advisory <p><strong>Documents:</strong> {vendorInfo.total_documents} attached</p>
</div>
<div className="flex gap-2 flex-wrap">
<span className={`px-2 py-1 rounded text-xs font-medium ${vendorInfo.compliance.advisory ? 'bg-green-100 text-green-800' : 'bg-red-100 text-red-800'}`}>
{vendorInfo.compliance.advisory ? '✓' : '✗'} Advisory
</span> </span>
<span className={`px-2 py-1 rounded text-xs font-medium ${quickCheckResult.compliance.email ? 'bg-green-100 text-green-800' : 'bg-gray-100 text-gray-600'}`}> <span className={`px-2 py-1 rounded text-xs font-medium ${vendorInfo.compliance.email ? 'bg-green-100 text-green-800' : 'bg-gray-100 text-gray-600'}`}>
{quickCheckResult.compliance.email ? '✓' : '○'} Email {vendorInfo.compliance.email ? '✓' : '○'} Email
</span> </span>
<span className={`px-2 py-1 rounded text-xs font-medium ${quickCheckResult.compliance.screenshot ? 'bg-green-100 text-green-800' : 'bg-gray-100 text-gray-600'}`}> <span className={`px-2 py-1 rounded text-xs font-medium ${vendorInfo.compliance.screenshot ? 'bg-green-100 text-green-800' : 'bg-gray-100 text-gray-600'}`}>
{quickCheckResult.compliance.screenshot ? '✓' : '○'} Screenshot {vendorInfo.compliance.screenshot ? '✓' : '○'} Screenshot
</span> </span>
</div> </div>
</div> </div>
))}
</div>
</div> </div>
</div> </div>
) : ( ) : (
@@ -475,7 +510,8 @@ export default function App() {
{/* Results Summary */} {/* Results Summary */}
<div className="mb-4 flex justify-between items-center"> <div className="mb-4 flex justify-between items-center">
<p className="text-gray-600"> <p className="text-gray-600">
Found {filteredCVEs.length} CVE{filteredCVEs.length !== 1 ? 's' : ''} Found {Object.keys(filteredGroupedCVEs).length} CVE{Object.keys(filteredGroupedCVEs).length !== 1 ? 's' : ''}
({cves.length} vendor entr{cves.length !== 1 ? 'ies' : 'y'})
</p> </p>
{selectedDocuments.length > 0 && ( {selectedDocuments.length > 0 && (
<button <button
@@ -488,7 +524,7 @@ export default function App() {
)} )}
</div> </div>
{/* CVE List */} {/* CVE List - Grouped by CVE ID */}
{loading ? ( {loading ? (
<div className="bg-white rounded-lg shadow-md p-12 text-center"> <div className="bg-white rounded-lg shadow-md p-12 text-center">
<Loader className="w-12 h-12 text-[#0476D9] mx-auto mb-4 animate-spin" /> <Loader className="w-12 h-12 text-[#0476D9] mx-auto mb-4 animate-spin" />
@@ -508,16 +544,33 @@ export default function App() {
</div> </div>
) : ( ) : (
<div className="space-y-4"> <div className="space-y-4">
{filteredCVEs.map(cve => { {Object.entries(filteredGroupedCVEs).map(([cveId, vendorEntries]) => (
const documents = cveDocuments[cve.cve_id] || []; <div key={cveId} className="bg-white rounded-lg shadow-md border-2 border-gray-200">
<div className="p-6">
{/* CVE Header */}
<div className="mb-4">
<h3 className="text-2xl font-bold text-gray-900 mb-2">{cveId}</h3>
<p className="text-gray-600 mb-3">{vendorEntries[0].description}</p>
<div className="flex items-center gap-2 text-sm text-gray-500">
<span>Published: {vendorEntries[0].published_date}</span>
<span></span>
<span>{vendorEntries.length} affected vendor{vendorEntries.length > 1 ? 's' : ''}</span>
</div>
</div>
{/* Vendor Entries */}
<div className="space-y-3">
{vendorEntries.map((cve) => {
const key = `${cve.cve_id}-${cve.vendor}`;
const documents = cveDocuments[key] || [];
const isExpanded = selectedCVE === cve.cve_id && selectedVendorView === cve.vendor;
return ( return (
<div key={cve.cve_id} className="bg-white rounded-lg shadow-md border border-gray-200"> <div key={cve.id} className="border border-gray-200 rounded-lg p-4 bg-gray-50">
<div className="p-6"> <div className="flex justify-between items-start">
<div className="flex justify-between items-start mb-4">
<div className="flex-1"> <div className="flex-1">
<div className="flex items-center gap-3 mb-2"> <div className="flex items-center gap-3 mb-2">
<h3 className="text-xl font-semibold text-gray-900">{cve.cve_id}</h3> <h4 className="text-lg font-semibold text-gray-900">{cve.vendor}</h4>
<span className={`px-3 py-1 rounded-full text-sm font-medium ${getSeverityColor(cve.severity)}`}> <span className={`px-3 py-1 rounded-full text-sm font-medium ${getSeverityColor(cve.severity)}`}>
{cve.severity} {cve.severity}
</span> </span>
@@ -525,10 +578,7 @@ export default function App() {
{cve.doc_status === 'Complete' ? '✓ Docs Complete' : '⚠ Incomplete'} {cve.doc_status === 'Complete' ? '✓ Docs Complete' : '⚠ Incomplete'}
</span> </span>
</div> </div>
<p className="text-gray-700 mb-2">{cve.description}</p>
<div className="flex items-center gap-4 text-sm text-gray-500"> <div className="flex items-center gap-4 text-sm text-gray-500">
<span>Vendor: <span className="font-medium text-gray-700">{cve.vendor}</span></span>
<span>Published: {cve.published_date}</span>
<span>Status: <span className="font-medium text-gray-700">{cve.status}</span></span> <span>Status: <span className="font-medium text-gray-700">{cve.status}</span></span>
<span className="flex items-center gap-1"> <span className="flex items-center gap-1">
<FileText className="w-4 h-4" /> <FileText className="w-4 h-4" />
@@ -537,27 +587,27 @@ export default function App() {
</div> </div>
</div> </div>
<button <button
onClick={() => handleViewDocuments(cve.cve_id)} onClick={() => handleViewDocuments(cve.cve_id, cve.vendor)}
className="px-4 py-2 text-[#0476D9] hover:bg-blue-50 rounded-lg transition-colors flex items-center gap-2 border border-[#0476D9]" className="px-4 py-2 text-[#0476D9] hover:bg-blue-50 rounded-lg transition-colors flex items-center gap-2 border border-[#0476D9]"
> >
<Eye className="w-4 h-4" /> <Eye className="w-4 h-4" />
{selectedCVE === cve.cve_id ? 'Hide' : 'View'} Documents {isExpanded ? 'Hide' : 'View'} Documents
</button> </button>
</div> </div>
{/* Documents Section */} {/* Documents Section */}
{selectedCVE === cve.cve_id && ( {isExpanded && (
<div className="mt-4 pt-4 border-t border-gray-200"> <div className="mt-4 pt-4 border-t border-gray-300">
<h4 className="text-sm font-semibold text-gray-700 mb-3 flex items-center gap-2"> <h5 className="text-sm font-semibold text-gray-700 mb-3 flex items-center gap-2">
<FileText className="w-4 h-4" /> <FileText className="w-4 h-4" />
Attached Documents ({documents.length}) Documents for {cve.vendor} ({documents.length})
</h4> </h5>
{documents.length > 0 ? ( {documents.length > 0 ? (
<div className="space-y-2"> <div className="space-y-2">
{documents.map(doc => ( {documents.map(doc => (
<div <div
key={doc.id} key={doc.id}
className="flex items-center justify-between p-3 bg-gray-50 rounded-lg hover:bg-gray-100 transition-colors" className="flex items-center justify-between p-3 bg-white rounded-lg hover:bg-gray-50 transition-colors border border-gray-200"
> >
<div className="flex items-center gap-3 flex-1"> <div className="flex items-center gap-3 flex-1">
<input <input
@@ -577,7 +627,7 @@ export default function App() {
</div> </div>
<div className="flex gap-2"> <div className="flex gap-2">
<a <a
href={`http://192.168.2.117:3001/${doc.file_path}`} href={`${API_HOST}/${doc.file_path}`}
target="_blank" target="_blank"
rel="noopener noreferrer" rel="noopener noreferrer"
className="px-3 py-1 text-sm text-[#0476D9] hover:bg-blue-50 rounded transition-colors border border-[#0476D9]" className="px-3 py-1 text-sm text-[#0476D9] hover:bg-blue-50 rounded transition-colors border border-[#0476D9]"
@@ -585,7 +635,7 @@ export default function App() {
View View
</a> </a>
<button <button
onClick={() => handleDeleteDocument(doc.id, cve.cve_id)} onClick={() => handleDeleteDocument(doc.id, cve.cve_id, cve.vendor)}
className="px-3 py-1 text-sm text-red-600 hover:bg-red-50 rounded transition-colors border border-red-600 flex items-center gap-1" className="px-3 py-1 text-sm text-red-600 hover:bg-red-50 rounded transition-colors border border-red-600 flex items-center gap-1"
> >
<Trash2 className="w-3 h-3" /> <Trash2 className="w-3 h-3" />
@@ -604,18 +654,21 @@ export default function App() {
className="mt-3 px-4 py-2 text-sm text-gray-600 hover:bg-gray-100 rounded-lg transition-colors flex items-center gap-2 disabled:opacity-50 border border-gray-300" className="mt-3 px-4 py-2 text-sm text-gray-600 hover:bg-gray-100 rounded-lg transition-colors flex items-center gap-2 disabled:opacity-50 border border-gray-300"
> >
<Upload className="w-4 h-4" /> <Upload className="w-4 h-4" />
{uploadingFile ? 'Uploading...' : 'Upload New Document'} {uploadingFile ? 'Uploading...' : 'Upload Document'}
</button> </button>
</div> </div>
)} )}
</div> </div>
</div>
); );
})} })}
</div> </div>
</div>
</div>
))}
</div>
)} )}
{filteredCVEs.length === 0 && !loading && ( {Object.keys(filteredGroupedCVEs).length === 0 && !loading && (
<div className="bg-white rounded-lg shadow-md p-12 text-center"> <div className="bg-white rounded-lg shadow-md p-12 text-center">
<AlertCircle className="w-12 h-12 text-gray-400 mx-auto mb-4" /> <AlertCircle className="w-12 h-12 text-gray-400 mx-auto mb-4" />
<h3 className="text-lg font-medium text-gray-900 mb-2">No CVEs Found</h3> <h3 className="text-lg font-medium text-gray-900 mb-2">No CVEs Found</h3>

1
package.json
View File

@@ -11,6 +11,7 @@
"license": "ISC", "license": "ISC",
"dependencies": { "dependencies": {
"cors": "^2.8.6", "cors": "^2.8.6",
"dotenv": "^16.6.1",
"express": "^5.2.1", "express": "^5.2.1",
"multer": "^2.0.2", "multer": "^2.0.2",
"sqlite3": "^5.1.7" "sqlite3": "^5.1.7"

22
start-servers.sh Executable file
View File

@@ -0,0 +1,22 @@
#!/bin/bash
echo "Starting CVE Dashboard servers..."
# Start backend
cd backend
nohup node server.js > backend.log 2>&1 &
BACKEND_PID=$!
echo "Backend started (PID: $BACKEND_PID)"
# Start frontend
cd ../frontend
nohup npm start > frontend.log 2>&1 &
FRONTEND_PID=$!
echo "Frontend started (PID: $FRONTEND_PID)"
# Save PIDs
echo $BACKEND_PID > ../backend.pid
echo $FRONTEND_PID > ../frontend.pid
echo "✓ Both servers running in background"
echo " Backend: http://localhost:3001"
echo " Frontend: http://localhost:3000"

18
stop-servers.sh Executable file
View File

@@ -0,0 +1,18 @@
#!/bin/bash
echo "Stopping CVE Dashboard servers..."
if [ -f backend.pid ]; then
kill $(cat backend.pid) 2>/dev/null
rm backend.pid
echo "✓ Backend stopped"
fi
if [ -f frontend.pid ]; then
kill $(cat frontend.pid) 2>/dev/null
rm frontend.pid
echo "✓ Frontend stopped"
fi
pkill -f "node server.js"
pkill -f "react-scripts start"
echo "All servers stopped"