daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

misc changes

patch-1
sandeep 2021-05-28 09:26:30 +05:30
parent 830a187e0d
commit 01995c82ab
1 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cves/2020/CVE-2020-35736.yaml
View File

@ -1,13 +1,14 @@
id: CVE-2020-35736
info:
name: GateOne LFI
name: GateOne Arbitrary File Download
author: pikpikcu
severity: high
description: GateOne 1.1 allows arbitrary file download without authentication via /downloads/.. directory traversal because os.path.join is misused.
reference: |
- https://github.com/liftoff/GateOne/issues/747
- https://twitter.com/sec715/status/1397900990901223429
tags: gateone,lfi
- https://nvd.nist.gov/vuln/detail/CVE-2020-35736
tags: cve,cve2020,gateone,lfi
requests:
- method: GET
@ -22,4 +23,4 @@ requests:
- type: status
status:
- 200
- 200