daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/other/ueditor-file-upload.yaml

26 lines
749 B
YAML
Raw Normal View History

Create ueditor-file-upload.yaml
2021-04-23 12:15:09 +00:00
id: ueditor-file-upload
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
Create ueditor-file-upload.yaml
2021-04-23 12:15:09 +00:00
info:
name: UEditor Arbitrary File Upload
author: princechaddha
severity: high
Add description
2021-10-25 09:58:22 +00:00
description: A vulnerability in UEditor allows remote unauthenticated attackers to upload arbitrary files to the server, this in turn can be used to make the application to execute their content as code.
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84
2021-08-18 11:37:49 +00:00
reference:
Create ueditor-file-upload.yaml
2021-04-23 12:15:09 +00:00
- https://zhuanlan.zhihu.com/p/85265552
- https://www.freebuf.com/vuls/181814.html
tags: ueditor,fileupload
requests:
- method: GET
path:
- "{{BaseURL}}/ueditor/net/controller.ashx?action=catchimage&encode=utf-8"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "没有指定抓取源"
part: body