nuclei-templates/vulnerabilities/generic/error-based-sql-injection.yaml

483 lines
16 KiB
YAML
Raw Normal View History

id: error-based-sql-injection
info:
name: Error based SQL injection
author: geeknik
Dashboard Content Enhancements (#6965) * Add description and enhance one where the UI failed to save properly. dos2unix on a template * Change cvedetails link to nvd * make severities match * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2017/CVE-2017-14524.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2019/CVE-2019-16759.yaml by md * Enhancement: cves/2021/CVE-2021-22986.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24347.yaml by md * Enhancement: cves/2021/CVE-2021-25003.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25298.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-28151.yaml by md * Enhancement: cves/2021/CVE-2021-30128.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0885.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-24816.yaml by md * Enhancement: cves/2022/CVE-2022-31499.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-34753.yaml by md * Enhancement: cves/2022/CVE-2022-39952.yaml by md * Enhancement: cves/2022/CVE-2022-4060.yaml by md * Enhancement: cves/2022/CVE-2022-44877.yaml by md * Enhancement: cves/2023/CVE-2023-0669.yaml by md * Enhancement: cves/2023/CVE-2023-26255.yaml by md * Enhancement: cves/2023/CVE-2023-26256.yaml by md * Enhancement: exposures/files/salesforce-credentials.yaml by md * Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md * Enhancement: network/backdoor/backdoored-zte.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-dbt.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md * Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md * Enhancement: vulnerabilities/froxlor-xss.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md * Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md * Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md * Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md * Enhancement: vulnerabilities/other/graylog-log4j.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Initial cleanups for syntax errors * dashboard gremlins * Add log4j back to name * Enhancement: exposures/files/salesforce-credentials.yaml by cs * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs * Enhancement: network/backdoor/backdoored-zte.yaml by cs * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs * Sev and other info tweaks * Merge conflict --------- Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 17:46:47 +00:00
severity: critical
description: Detects potential SQL injection via error strings in 29 database engines. Inspired by https://github.com/sqlmapproject/sqlmap/blob/master/data/xml/errors.xml.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cwe-id: CWE-89
Updated all templates tags with technologies (#3478) * Updated tags for template sonicwall-email-security-detect.yaml * Updated tags for template detect-sentry.yaml * Updated tags for template kong-detect.yaml * Updated tags for template openam-detect.yaml * Updated tags for template shiro-detect.yaml * Updated tags for template iplanet-web-server.yaml * Updated tags for template graylog-api-browser.yaml * Updated tags for template prtg-detect.yaml * Updated tags for template node-red-detect.yaml * Updated tags for template abyss-web-server.yaml * Updated tags for template geo-webserver.yaml * Updated tags for template autobahn-python-detect.yaml * Updated tags for template default-lighttpd-page.yaml * Updated tags for template microsoft-iis-8.yaml * Updated tags for template lucee-detect.yaml * Updated tags for template php-proxy-detect.yaml * Updated tags for template jenkins-detect.yaml * Updated tags for template cockpit-detect.yaml * Updated tags for template csrfguard-detect.yaml * Updated tags for template dwr-index-detect.yaml * Updated tags for template netsweeper-webadmin-detect.yaml * Updated tags for template weblogic-detect.yaml * Updated tags for template s3-detect.yaml * Updated tags for template tileserver-gl.yaml * Updated tags for template springboot-actuator.yaml * Updated tags for template terraform-detect.yaml * Updated tags for template redmine-cli-detect.yaml * Updated tags for template mrtg-detect.yaml * Updated tags for template tableau-server-detect.yaml * Updated tags for template magmi-detect.yaml * Updated tags for template oidc-detect.yaml * Updated tags for template tor-socks-proxy.yaml * Updated tags for template synology-web-station.yaml * Updated tags for template herokuapp-detect.yaml * Updated tags for template gunicorn-detect.yaml * Updated tags for template sql-server-reporting.yaml * Updated tags for template google-bucket-service.yaml * Updated tags for template kubernetes-mirantis.yaml * Updated tags for template kubernetes-enterprise-manager.yaml * Updated tags for template oracle-iplanet-web-server.yaml * Updated tags for template dell-idrac7-detect.yaml * Updated tags for template dell-idrac6-detect.yaml * Updated tags for template dell-idrac9-detect.yaml * Updated tags for template dell-idrac8-detect.yaml * Updated tags for template apache-guacamole.yaml * Updated tags for template aws-cloudfront-service.yaml * Updated tags for template aws-bucket-service.yaml * Updated tags for template nginx-linux-page.yaml * Updated tags for template telerik-fileupload-detect.yaml * Updated tags for template telerik-dialoghandler-detect.yaml * Updated tags for template htaccess-config.yaml * Updated tags for template microsoft-azure-error.yaml * Updated tags for template detect-options-method.yaml * Updated tags for template unpatched-coldfusion.yaml * Updated tags for template moodle-changelog.yaml * Updated tags for template detect-dns-over-https.yaml * Updated tags for template CVE-2019-19134.yaml * Updated tags for template CVE-2019-3929.yaml * Updated tags for template CVE-2019-19908.yaml * Updated tags for template CVE-2019-10475.yaml * Updated tags for template CVE-2019-17382.yaml * Updated tags for template CVE-2019-16332.yaml * Updated tags for template CVE-2019-14974.yaml * Updated tags for template CVE-2019-19368.yaml * Updated tags for template CVE-2019-12725.yaml * Updated tags for template CVE-2019-15501.yaml * Updated tags for template CVE-2019-9733.yaml * Updated tags for template CVE-2019-14322.yaml * Updated tags for template CVE-2019-9955.yaml * Updated tags for template CVE-2019-0230.yaml * Updated tags for template CVE-2019-10232.yaml * Updated tags for template CVE-2019-17506.yaml * Updated tags for template CVE-2019-8449.yaml * Updated tags for template CVE-2019-12593.yaml * Updated tags for template CVE-2019-10092.yaml * Updated tags for template CVE-2019-1821.yaml * Updated tags for template CVE-2019-3401.yaml * Updated tags for template CVE-2019-16662.yaml * Updated tags for template CVE-2019-5418.yaml * Updated tags for template CVE-2016-4975.yaml * Updated tags for template CVE-2016-1000137.yaml * Updated tags for template CVE-2016-7552.yaml * Updated tags for template CVE-2016-10956.yaml * Updated tags for template CVE-2016-1000146.yaml * Updated tags for template CVE-2013-2251.yaml * Updated tags for template CVE-2013-1965.yaml * Updated tags for template CVE-2014-2323.yaml * Updated tags for template CVE-2014-5111.yaml * Updated tags for template CVE-2014-2962.yaml * Updated tags for template CVE-2014-4561.yaml * Updated tags for template CVE-2014-4558.yaml * Updated tags for template CVE-2014-3120.yaml * Updated tags for template CVE-2007-5728.yaml * Updated tags for template CVE-2009-4679.yaml * Updated tags for template CVE-2009-1558.yaml * Updated tags for template CVE-2009-4202.yaml * Updated tags for template CVE-2009-0932.yaml * Updated tags for template CVE-2015-2068.yaml * Updated tags for template CVE-2015-8813.yaml * Updated tags for template CVE-2015-7450.yaml * Updated tags for template CVE-2015-2067.yaml * Updated tags for template CVE-2015-3306.yaml * Updated tags for template CVE-2015-3337.yaml * Updated tags for template CVE-2015-1427.yaml * Updated tags for template CVE-2015-1503.yaml * Updated tags for template CVE-2015-1880.yaml * Updated tags for template CVE-2018-3810.yaml * Updated tags for template CVE-2018-18069.yaml * Updated tags for template CVE-2018-17246.yaml * Updated tags for template CVE-2018-10141.yaml * Updated tags for template CVE-2018-16341.yaml * Updated tags for template CVE-2018-18777.yaml * Updated tags for template CVE-2018-15138.yaml * Updated tags for template CVE-2018-11784.yaml * Updated tags for template CVE-2018-16299.yaml * Updated tags for template CVE-2018-7251.yaml * Updated tags for template CVE-2018-1273.yaml * Updated tags for template CVE-2018-1271.yaml * Updated tags for template CVE-2018-11759.yaml * Updated tags for template CVE-2018-3167.yaml * Updated tags for template CVE-2018-7490.yaml * Updated tags for template CVE-2018-2628.yaml * Updated tags for template CVE-2018-13380.yaml * Updated tags for template CVE-2018-2893.yaml * Updated tags for template CVE-2018-5316.yaml * Updated tags for template CVE-2018-20985.yaml * Updated tags for template CVE-2018-10818.yaml * Updated tags for template CVE-2018-1000861.yaml * Updated tags for template CVE-2018-0296.yaml * Updated tags for template CVE-2018-19458.yaml * Updated tags for template CVE-2018-3760.yaml * Updated tags for template CVE-2018-12998.yaml * Updated tags for template CVE-2018-9118.yaml * Updated tags for template CVE-2018-1000130.yaml * Updated tags for template CVE-2008-6668.yaml * Updated tags for template CVE-2017-7269.yaml * Updated tags for template CVE-2017-1000170.yaml * Updated tags for template CVE-2017-16877.yaml * Updated tags for template CVE-2017-1000486.yaml * Updated tags for template CVE-2017-9822.yaml * Updated tags for template CVE-2017-0929.yaml * Updated tags for template CVE-2017-7921.yaml * Updated tags for template CVE-2017-14535.yaml * Updated tags for template CVE-2017-5521.yaml * Updated tags for template CVE-2017-12637.yaml * Updated tags for template CVE-2017-12635.yaml * Updated tags for template CVE-2017-11610.yaml * Updated tags for template CVE-2021-20114.yaml * Updated tags for template CVE-2021-40856.yaml * Updated tags for template CVE-2021-21972.yaml * Updated tags for template CVE-2021-31602.yaml * Updated tags for template CVE-2021-41773.yaml * Updated tags for template CVE-2021-37704.yaml * Updated tags for template CVE-2021-45046.yaml * Updated tags for template CVE-2021-26084.yaml * Updated tags for template CVE-2021-27931.yaml * Updated tags for template CVE-2021-24291.yaml * Updated tags for template CVE-2021-41648.yaml * Updated tags for template CVE-2021-37216.yaml * Updated tags for template CVE-2021-22005.yaml * Updated tags for template CVE-2021-37573.yaml * Updated tags for template CVE-2021-31755.yaml * Updated tags for template CVE-2021-43287.yaml * Updated tags for template CVE-2021-24274.yaml * Updated tags for template CVE-2021-33564.yaml * Updated tags for template CVE-2021-22145.yaml * Updated tags for template CVE-2021-24237.yaml * Updated tags for template CVE-2021-44848.yaml * Updated tags for template CVE-2021-25646.yaml * Updated tags for template CVE-2021-21816.yaml * Updated tags for template CVE-2021-41649.yaml * Updated tags for template CVE-2021-41291.yaml * Updated tags for template CVE-2021-41293.yaml * Updated tags for template CVE-2021-21801.yaml * Updated tags for template CVE-2021-29156.yaml * Updated tags for template CVE-2021-34370.yaml * Updated tags for template CVE-2021-27132.yaml * Updated tags for template CVE-2021-28151.yaml * Updated tags for template CVE-2021-26812.yaml * Updated tags for template CVE-2021-21985.yaml * Updated tags for template CVE-2021-43778.yaml * Updated tags for template CVE-2021-25281.yaml * Updated tags for template CVE-2021-40539.yaml * Updated tags for template CVE-2021-36749.yaml * Updated tags for template CVE-2021-21234.yaml * Updated tags for template CVE-2021-33221.yaml * Updated tags for template CVE-2021-42013.yaml * Updated tags for template CVE-2021-33807.yaml * Updated tags for template CVE-2021-44228.yaml * Updated tags for template CVE-2012-0896.yaml * Updated tags for template CVE-2012-0991.yaml * Updated tags for template CVE-2012-0392.yaml * Updated tags for template CVE-2012-4940.yaml * Updated tags for template CVE-2012-1226.yaml * Updated tags for template CVE-2012-4878.yaml * Updated tags for template CVE-2010-1304.yaml * Updated tags for template CVE-2010-1217.yaml * Updated tags for template CVE-2010-0759.yaml * Updated tags for template CVE-2010-2307.yaml * Updated tags for template CVE-2010-4231.yaml * Updated tags for template CVE-2010-2861.yaml * Updated tags for template CVE-2010-4282.yaml * Updated tags for template CVE-2010-1302.yaml * Updated tags for template CVE-2010-1461.yaml * Updated tags for template CVE-2020-4463.yaml * Updated tags for template CVE-2020-1943.yaml * Updated tags for template CVE-2020-36289.yaml * Updated tags for template CVE-2020-17518.yaml * Updated tags for template CVE-2020-12800.yaml * Updated tags for template CVE-2020-10770.yaml * Updated tags for template CVE-2020-17506.yaml * Updated tags for template CVE-2020-11547.yaml * Updated tags for template CVE-2020-11034.yaml * Updated tags for template CVE-2020-24589.yaml * Updated tags for template CVE-2020-9054.yaml * Updated tags for template CVE-2020-28976.yaml * Updated tags for template CVE-2020-16952.yaml * Updated tags for template CVE-2020-24312.yaml * Updated tags for template CVE-2020-8512.yaml * Updated tags for template CVE-2020-14179.yaml * Updated tags for template CVE-2020-6308.yaml * Updated tags for template CVE-2020-35846.yaml * Updated tags for template CVE-2020-7318.yaml * Updated tags for template CVE-2020-2140.yaml * Updated tags for template CVE-2020-5410.yaml * Updated tags for template CVE-2020-5777.yaml * Updated tags for template CVE-2020-13700.yaml * Updated tags for template CVE-2020-5775.yaml * Updated tags for template CVE-2020-13167.yaml * Updated tags for template CVE-2020-35848.yaml * Updated tags for template CVE-2020-9484.yaml * Updated tags for template CVE-2020-15505.yaml * Updated tags for template CVE-2020-9047.yaml * Updated tags for template CVE-2020-17519.yaml * Updated tags for template CVE-2020-17505.yaml * Updated tags for template CVE-2020-9376.yaml * Updated tags for template CVE-2020-8497.yaml * Updated tags for template CVE-2020-14092.yaml * Updated tags for template CVE-2020-10148.yaml * Updated tags for template CVE-2020-35847.yaml * Updated tags for template CVE-2020-12116.yaml * Updated tags for template CVE-2020-11930.yaml * Updated tags for template CVE-2020-24186.yaml * Updated tags for template CVE-2020-9496.yaml * Updated tags for template CVE-2020-35489.yaml * Updated tags for template CVE-2020-26413.yaml * Updated tags for template CVE-2020-2096.yaml * misc updates * misc update * more updates Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-04 19:34:16 +00:00
tags: sqli,generic,error
requests:
2021-04-23 14:12:58 +00:00
- method: GET
path:
- "{{BaseURL}}/'"
matchers-condition: and
matchers:
- type: word
words:
- "Adminer"
# False Positive
part: body
negative: true
- type: regex
regex:
# MySQL
- "SQL syntax.*?MySQL"
- "Warning.*?\\Wmysqli?_"
- "MySQLSyntaxErrorException"
- "valid MySQL result"
- "check the manual that (corresponds to|fits) your MySQL server version"
- "Unknown column '[^ ]+' in 'field list'"
- "MySqlClient\\."
- "com\\.mysql\\.jdbc"
- "Zend_Db_(Adapter|Statement)_Mysqli_Exception"
- "Pdo[./_\\\\]Mysql"
- "MySqlException"
- "SQLSTATE\\[\\d+\\]: Syntax error or access violation"
# MariaDB
- "check the manual that (corresponds to|fits) your MariaDB server version"
# Drizzle
- "check the manual that (corresponds to|fits) your Drizzle server version"
# MemSQL
- "MemSQL does not support this type of query"
- "is not supported by MemSQL"
- "unsupported nested scalar subselect"
# PostgreSQL
- "PostgreSQL.*?ERROR"
- "Warning.*?\\Wpg_"
- "valid PostgreSQL result"
- "Npgsql\\."
- "PG::SyntaxError:"
- "org\\.postgresql\\.util\\.PSQLException"
- "ERROR:\\s\\ssyntax error at or near"
- "ERROR: parser: parse error at or near"
- "PostgreSQL query failed"
- "org\\.postgresql\\.jdbc"
- "Pdo[./_\\\\]Pgsql"
- "PSQLException"
# Microsoft SQL Server
- "Driver.*? SQL[\\-\\_\\ ]*Server"
- "OLE DB.*? SQL Server"
- "\\bSQL Server[^&lt;&quot;]+Driver"
- "Warning.*?\\W(mssql|sqlsrv)_"
- "\\bSQL Server[^&lt;&quot;]+[0-9a-fA-F]{8}"
- "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)"
- "(?s)Exception.*?\\bRoadhouse\\.Cms\\."
- "Microsoft SQL Native Client error '[0-9a-fA-F]{8}"
- "\\[SQL Server\\]"
- "ODBC SQL Server Driver"
- "ODBC Driver \\d+ for SQL Server"
- "SQLServer JDBC Driver"
- "com\\.jnetdirect\\.jsql"
- "macromedia\\.jdbc\\.sqlserver"
- "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception"
- "com\\.microsoft\\.sqlserver\\.jdbc"
- "Pdo[./_\\\\](Mssql|SqlSrv)"
- "SQL(Srv|Server)Exception"
- "Unclosed quotation mark after the character string"
# Microsoft Access
- "Microsoft Access (\\d+ )?Driver"
- "JET Database Engine"
- "Access Database Engine"
- "ODBC Microsoft Access"
- "Syntax error \\(missing operator\\) in query expression"
# Oracle
- "\\bORA-\\d{5}"
- "Oracle error"
- "Oracle.*?Driver"
- "Warning.*?\\W(oci|ora)_"
- "quoted string not properly terminated"
- "SQL command not properly ended"
- "macromedia\\.jdbc\\.oracle"
- "oracle\\.jdbc"
- "Zend_Db_(Adapter|Statement)_Oracle_Exception"
- "Pdo[./_\\\\](Oracle|OCI)"
- "OracleException"
# IBM DB2
- "CLI Driver.*?DB2"
- "DB2 SQL error"
- "\\bdb2_\\w+\\("
- "SQLCODE[=:\\d, -]+SQLSTATE"
- "com\\.ibm\\.db2\\.jcc"
- "Zend_Db_(Adapter|Statement)_Db2_Exception"
- "Pdo[./_\\\\]Ibm"
- "DB2Exception"
- "ibm_db_dbi\\.ProgrammingError"
# Informix
- "Warning.*?\\Wifx_"
- "Exception.*?Informix"
- "Informix ODBC Driver"
- "ODBC Informix driver"
- "com\\.informix\\.jdbc"
- "weblogic\\.jdbc\\.informix"
- "Pdo[./_\\\\]Informix"
- "IfxException"
# Firebird
- "Dynamic SQL Error"
- "Warning.*?\\Wibase_"
- "org\\.firebirdsql\\.jdbc"
- "Pdo[./_\\\\]Firebird"
# SQLite
- "SQLite/JDBCDriver"
- "SQLite\\.Exception"
- "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException"
- "Warning.*?\\W(sqlite_|SQLite3::)"
- "\\[SQLITE_ERROR\\]"
- "SQLite error \\d+:"
- "sqlite3.OperationalError:"
- "SQLite3::SQLException"
- "org\\.sqlite\\.JDBC"
- "Pdo[./_\\\\]Sqlite"
- "SQLiteException"
# SAP MaxDB
- "SQL error.*?POS([0-9]+)"
- "Warning.*?\\Wmaxdb_"
- "DriverSapDB"
- "-3014.*?Invalid end of SQL statement"
- "com\\.sap\\.dbtech\\.jdbc"
- "\\[-3008\\].*?: Invalid keyword or missing delimiter"
# Sybase
- "Warning.*?\\Wsybase_"
- "Sybase message"
- "Sybase.*?Server message"
- "SybSQLException"
- "Sybase\\.Data\\.AseClient"
- "com\\.sybase\\.jdbc"
# Ingres
- "Warning.*?\\Wingres_"
- "Ingres SQLSTATE"
- "Ingres\\W.*?Driver"
- "com\\.ingres\\.gcf\\.jdbc"
# FrontBase
- "Exception (condition )?\\d+\\. Transaction rollback"
- "com\\.frontbase\\.jdbc"
- "Syntax error 1. Missing"
- "(Semantic|Syntax) error [1-4]\\d{2}\\."
# HSQLDB
- "Unexpected end of command in statement \\["
- "Unexpected token.*?in statement \\["
- "org\\.hsqldb\\.jdbc"
# H2
- "org\\.h2\\.jdbc"
- "\\[42000-192\\]"
# MonetDB
- "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)"
- "\\[MonetDB\\]\\[ODBC Driver"
- "nl\\.cwi\\.monetdb\\.jdbc"
# Apache Derby
- "Syntax error: Encountered"
- "org\\.apache\\.derby"
- "ERROR 42X01"
# Vertica
- ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):"
- "/vertica/Parser/scan"
- "com\\.vertica\\.jdbc"
- "org\\.jkiss\\.dbeaver\\.ext\\.vertica"
- "com\\.vertica\\.dsi\\.dataengine"
# Mckoi
- "com\\.mckoi\\.JDBCDriver"
- "com\\.mckoi\\.database\\.jdbc"
- "&lt;REGEX_LITERAL&gt;"
# Presto
- "com\\.facebook\\.presto\\.jdbc"
- "io\\.prestosql\\.jdbc"
- "com\\.simba\\.presto\\.jdbc"
- "UNION query has different number of fields: \\d+, \\d+"
# Altibase
- "Altibase\\.jdbc\\.driver"
# MimerSQL
- "com\\.mimer\\.jdbc"
- "Syntax error,[^\\n]+assumed to mean"
# CrateDB
- "io\\.crate\\.client\\.jdbc"
# Cache
- "encountered after end of query"
- "A comparison operator is required here"
# Raima Database Manager
- "-10048: Syntax error"
- "rdmStmtPrepare\\(.+?\\) returned"
# Virtuoso
- "SQ074: Line \\d+:"
- "SR185: Undefined procedure"
- "SQ200: No table "
- "Virtuoso S0002 Error"
- "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]"
condition: or
extractors:
- type: regex
name: MySQL
regex:
- "SQL syntax.*?MySQL"
- "Warning.*?\\Wmysqli?_"
- "MySQLSyntaxErrorException"
- "valid MySQL result"
- "check the manual that (corresponds to|fits) your MySQL server version"
- "Unknown column '[^ ]+' in 'field list'"
- "MySqlClient\\."
- "com\\.mysql\\.jdbc"
- "Zend_Db_(Adapter|Statement)_Mysqli_Exception"
- "Pdo[./_\\\\]Mysql"
- "MySqlException"
- "SQLSTATE[\\d+]: Syntax error or access violation"
- type: regex
name: MariaDB
regex:
- "check the manual that (corresponds to|fits) your MariaDB server version"
- type: regex
name: Drizzel
regex:
- "check the manual that (corresponds to|fits) your Drizzle server version"
- type: regex
name: MemSQL
regex:
- "MemSQL does not support this type of query"
- "is not supported by MemSQL"
- "unsupported nested scalar subselect"
- type: regex
name: PostgreSQL
regex:
- "PostgreSQL.*?ERROR"
- "Warning.*?\\Wpg_"
- "valid PostgreSQL result"
- "Npgsql\\."
- "PG::SyntaxError:"
- "org\\.postgresql\\.util\\.PSQLException"
- "ERROR:\\s\\ssyntax error at or near"
- "ERROR: parser: parse error at or near"
- "PostgreSQL query failed"
- "org\\.postgresql\\.jdbc"
- "Pdo[./_\\\\]Pgsql"
- "PSQLException"
- type: regex
name: MicrosoftSQLServer
regex:
- "Driver.*? SQL[\\-\\_\\ ]*Server"
- "OLE DB.*? SQL Server"
- "\\bSQL Server[^&lt;&quot;]+Driver"
- "Warning.*?\\W(mssql|sqlsrv)_"
- "\\bSQL Server[^&lt;&quot;]+[0-9a-fA-F]{8}"
- "System\\.Data\\.SqlClient\\.SqlException\\.(SqlException|SqlConnection\\.OnError)"
- "(?s)Exception.*?\\bRoadhouse\\.Cms\\."
- "Microsoft SQL Native Client error '[0-9a-fA-F]{8}"
- "\\[SQL Server\\]"
- "ODBC SQL Server Driver"
- "ODBC Driver \\d+ for SQL Server"
- "SQLServer JDBC Driver"
- "com\\.jnetdirect\\.jsql"
- "macromedia\\.jdbc\\.sqlserver"
- "Zend_Db_(Adapter|Statement)_Sqlsrv_Exception"
- "com\\.microsoft\\.sqlserver\\.jdbc"
- "Pdo[./_\\\\](Mssql|SqlSrv)"
- "SQL(Srv|Server)Exception"
- "Unclosed quotation mark after the character string"
- type: regex
name: MicrosoftAccess
regex:
- "Microsoft Access (\\d+ )?Driver"
- "JET Database Engine"
- "Access Database Engine"
- "ODBC Microsoft Access"
- "Syntax error \\(missing operator\\) in query expression"
- type: regex
name: Oracle
regex:
- "\\bORA-\\d{5}"
- "Oracle error"
- "Oracle.*?Driver"
- "Warning.*?\\W(oci|ora)_"
- "quoted string not properly terminated"
- "SQL command not properly ended"
- "macromedia\\.jdbc\\.oracle"
- "oracle\\.jdbc"
- "Zend_Db_(Adapter|Statement)_Oracle_Exception"
- "Pdo[./_\\\\](Oracle|OCI)"
- "OracleException"
- type: regex
name: IBMDB2
regex:
- "CLI Driver.*?DB2"
- "DB2 SQL error"
- "\\bdb2_\\w+\\("
- "SQLCODE[=:\\d, -]+SQLSTATE"
- "com\\.ibm\\.db2\\.jcc"
- "Zend_Db_(Adapter|Statement)_Db2_Exception"
- "Pdo[./_\\\\]Ibm"
- "DB2Exception"
- "ibm_db_dbi\\.ProgrammingError"
- type: regex
name: Informix
regex:
- "Warning.*?\\Wifx_"
- "Exception.*?Informix"
- "Informix ODBC Driver"
- "ODBC Informix driver"
- "com\\.informix\\.jdbc"
- "weblogic\\.jdbc\\.informix"
- "Pdo[./_\\\\]Informix"
- "IfxException"
- type: regex
name: Firebird
regex:
- "Dynamic SQL Error"
- "Warning.*?\\Wibase_"
- "org\\.firebirdsql\\.jdbc"
- "Pdo[./_\\\\]Firebird"
- type: regex
name: SQLite
regex:
- "SQLite/JDBCDriver"
- "SQLite\\.Exception"
- "(Microsoft|System)\\.Data\\.SQLite\\.SQLiteException"
- "Warning.*?\\W(sqlite_|SQLite3::)"
- "\\[SQLITE_ERROR\\]"
- "SQLite error \\d+:"
- "sqlite3.OperationalError:"
- "SQLite3::SQLException"
- "org\\.sqlite\\.JDBC"
- "Pdo[./_\\\\]Sqlite"
- "SQLiteException"
- type: regex
name: SAPMaxDB
regex:
- "SQL error.*?POS([0-9]+)"
- "Warning.*?\\Wmaxdb_"
- "DriverSapDB"
- "-3014.*?Invalid end of SQL statement"
- "com\\.sap\\.dbtech\\.jdbc"
- "\\[-3008\\].*?: Invalid keyword or missing delimiter"
- type: regex
name: Sybase
regex:
- "Warning.*?\\Wsybase_"
- "Sybase message"
- "Sybase.*?Server message"
- "SybSQLException"
- "Sybase\\.Data\\.AseClient"
- "com\\.sybase\\.jdbc"
- type: regex
name: Ingres
regex:
- "Warning.*?\\Wingres_"
- "Ingres SQLSTATE"
- "Ingres\\W.*?Driver"
- "com\\.ingres\\.gcf\\.jdbc"
- type: regex
name: FrontBase
regex:
- "Exception (condition )?\\d+\\. Transaction rollback"
- "com\\.frontbase\\.jdbc"
- "Syntax error 1. Missing"
- "(Semantic|Syntax) error \\[1-4\\]\\d{2}\\."
- type: regex
name: HSQLDB
regex:
- "Unexpected end of command in statement \\["
- "Unexpected token.*?in statement \\["
- "org\\.hsqldb\\.jdbc"
- type: regex
name: H2
regex:
- "org\\.h2\\.jdbc"
- "\\[42000-192\\]"
- type: regex
name: MonetDB
regex:
- "![0-9]{5}![^\\n]+(failed|unexpected|error|syntax|expected|violation|exception)"
- "\\[MonetDB\\]\\[ODBC Driver"
- "nl\\.cwi\\.monetdb\\.jdbc"
- type: regex
name: ApacheDerby
regex:
- "Syntax error: Encountered"
- "org\\.apache\\.derby"
- "ERROR 42X01"
- type: regex
name: Vertica
regex:
- ", Sqlstate: (3F|42).{3}, (Routine|Hint|Position):"
- "/vertica/Parser/scan"
- "com\\.vertica\\.jdbc"
- "org\\.jkiss\\.dbeaver\\.ext\\.vertica"
- "com\\.vertica\\.dsi\\.dataengine"
- type: regex
name: Mckoi
regex:
- "com\\.mckoi\\.JDBCDriver"
- "com\\.mckoi\\.database\\.jdbc"
- "&lt;REGEX_LITERAL&gt;"
- type: regex
name: Presto
regex:
- "com\\.facebook\\.presto\\.jdbc"
- "io\\.prestosql\\.jdbc"
- "com\\.simba\\.presto\\.jdbc"
- "UNION query has different number of fields: \\d+, \\d+"
- type: regex
name: Altibase
regex:
- "Altibase\\.jdbc\\.driver"
- type: regex
name: MimerSQL
regex:
- "com\\.mimer\\.jdbc"
- "Syntax error,[^\\n]+assumed to mean"
- type: regex
name: CrateDB
regex:
- "io\\.crate\\.client\\.jdbc"
- type: regex
name: Cache
regex:
- "encountered after end of query"
- "A comparison operator is required here"
- type: regex
name: RaimaDatabaseManager
regex:
- "-10048: Syntax error"
- "rdmStmtPrepare\\(.+?\\) returned"
- type: regex
name: Virtuoso
regex:
- "SQ074: Line \\d+:"
- "SR185: Undefined procedure"
- "SQ200: No table "
- "Virtuoso S0002 Error"
- "\\[(Virtuoso Driver|Virtuoso iODBC Driver)\\]\\[Virtuoso Server\\]"
Dashboard Content Enhancements (#6965) * Add description and enhance one where the UI failed to save properly. dos2unix on a template * Change cvedetails link to nvd * make severities match * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2017/CVE-2017-14524.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2019/CVE-2019-16759.yaml by md * Enhancement: cves/2021/CVE-2021-22986.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24145.yaml by md * Enhancement: cves/2021/CVE-2021-24347.yaml by md * Enhancement: cves/2021/CVE-2021-25003.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25296.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-25298.yaml by md * Enhancement: cves/2021/CVE-2021-25297.yaml by md * Enhancement: cves/2021/CVE-2021-28151.yaml by md * Enhancement: cves/2021/CVE-2021-30128.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0824.yaml by md * Enhancement: cves/2022/CVE-2022-0885.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-24816.yaml by md * Enhancement: cves/2022/CVE-2022-31499.yaml by md * Enhancement: cves/2022/CVE-2022-21587.yaml by md * Enhancement: cves/2021/CVE-2021-24155.yaml by md * Enhancement: cves/2017/CVE-2017-5638.yaml by md * Enhancement: cves/2015/CVE-2015-2863.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-2314.yaml by md * Enhancement: cves/2022/CVE-2022-33901.yaml by md * Enhancement: cves/2022/CVE-2022-34753.yaml by md * Enhancement: cves/2022/CVE-2022-39952.yaml by md * Enhancement: cves/2022/CVE-2022-4060.yaml by md * Enhancement: cves/2022/CVE-2022-44877.yaml by md * Enhancement: cves/2023/CVE-2023-0669.yaml by md * Enhancement: cves/2023/CVE-2023-26255.yaml by md * Enhancement: cves/2023/CVE-2023-26256.yaml by md * Enhancement: exposures/files/salesforce-credentials.yaml by md * Enhancement: misconfiguration/hadoop-unauth-rce.yaml by md * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by md * Enhancement: network/backdoor/backdoored-zte.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: network/detection/ibm-d2b-database-server.yaml by md * Enhancement: technologies/oracle/oracle-atg-commerce.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-abuseipdb.yaml by md * Enhancement: token-spray/api-dbt.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-rce.yaml by md * Enhancement: vulnerabilities/avaya/avaya-aura-xss.yaml by md * Enhancement: vulnerabilities/cisco/cisco-cloudcenter-suite-rce.yaml by md * Enhancement: vulnerabilities/froxlor-xss.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/jamf/jamf-log4j-jndi-rce.yaml by md * Enhancement: vulnerabilities/opencpu/opencpu-rce.yaml by md * Enhancement: vulnerabilities/other/academy-lms-xss.yaml by md * Enhancement: vulnerabilities/other/caucho-resin-info-disclosure.yaml by md * Enhancement: vulnerabilities/other/ckan-dom-based-xss.yaml by md * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by md * Enhancement: vulnerabilities/other/graylog-log4j.yaml by md * Enhancement: vulnerabilities/mobileiron/mobileiron-log4j-jndi-rce.yaml by md * Initial cleanups for syntax errors * dashboard gremlins * Add log4j back to name * Enhancement: exposures/files/salesforce-credentials.yaml by cs * Enhancement: misconfiguration/installer/nopcommerce-installer.yaml by cs * Enhancement: network/backdoor/backdoored-zte.yaml by cs * Enhancement: vulnerabilities/other/couchdb-adminparty.yaml by cs * Sev and other info tweaks * Merge conflict --------- Co-authored-by: sullo <sullo@cirt.net>
2023-03-27 17:46:47 +00:00
# Enhanced by CS 03/27/2023