Description and References

patch-1
Noam Rathaus 2021-04-18 16:02:50 +03:00
parent 4beb5e8495
commit 0ee0c0870f
4 changed files with 7 additions and 14 deletions

@ -5,11 +5,7 @@ info:
severity: critical severity: critical
description: Struts is vulnerable to remote command injection attacks through incorrectly parsing an attackers invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server. description: Struts is vulnerable to remote command injection attacks through incorrectly parsing an attackers invalid Content-Type HTTP header. The Struts vulnerability allows these commands to be executed under the privileges of the Web server.
tags: cve,cve2017,struts,rce,apache tags: cve,cve2017,struts,rce,apache
reference: https://github.com/mazen160/struts-pwn
# This template supports the detection part only.
# Do not test any website without permission
# Exploit:- https://github.com/mazen160/struts-pwn
requests: requests:
- raw: - raw:
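
Review bot: The removed comment `# This template supports the detection part only.` is not carried over anywhere in this hunk, so the info block no longer says that the template only detects; move that sentence into `description:`. The only `reference:` is now the struts-pwn exploit repository, and a vendor advisory or CVE record listed alongside it would give readers the affected versions and the fix. In the unchanged `description:` line, "attackers" should be "attacker's".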

@ -5,9 +5,7 @@ info:
author: thomas_from_offensity author: thomas_from_offensity
severity: critical severity: critical
description: RCE - Buffer overflow in ScStoragePathFromUrl function (WebDAV service - IIS 6.0) - Windows Server 2003 R2 description: RCE - Buffer overflow in ScStoragePathFromUrl function (WebDAV service - IIS 6.0) - Windows Server 2003 R2
reference: https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
# this was implemented based on the "check"-method in:
# https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
requests: requests:
- method: OPTIONS - method: OPTIONS
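
Review bot: The new `reference:` points at `blob/master/explodingcan.py`, a mutable branch path, while the dropped comment recorded that the template was implemented from the "check" method in that file. Pin the URL to a commit permalink so the cited logic cannot drift, and keep the provenance note (for example in `description:`), since the bare link no longer says which part of the script the OPTIONS request mirrors.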

@ -6,8 +6,7 @@ info:
severity: medium severity: medium
description: A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL. description: A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL.
tags: cve,cve2017,magmi,xss tags: cve,cve2017,magmi,xss
reference: https://github.com/dweeves/magmi-git/issues/522
# Issues:-https://github.com/dweeves/magmi-git/issues/522
# Download:-https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip # Download:-https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip
requests: requests:
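
Review bot: Only the `# Issues:-` comment is converted to `reference:`; the `# Download:-` line directly below it stays as a comment, so the template's links are now split between a field and a comment. Either move the download URL into `reference:` as well, or leave a short comment saying why it is kept separate.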

@ -12,10 +12,10 @@ info:
# This template works by guessing user ID. # This template works by guessing user ID.
# MantisBT before 1.3.10, 2.2.4, and 2.3.1, that can be downloaded on reference[1]. # MantisBT before 1.3.10, 2.2.4, and 2.3.1, that can be downloaded on reference[1].
# References: reference: |
# - [1] https://sourceforge.net/projects/mantisbt/files/mantis-stable/ - https://sourceforge.net/projects/mantisbt/files/mantis-stable/
# - [2] http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt - http://hyp3rlinx.altervista.org/advisories/MANTIS-BUG-TRACKER-PRE-AUTH-REMOTE-PASSWORD-RESET.txt
# - [3] https://www.exploit-db.com/exploits/41890 - https://www.exploit-db.com/exploits/41890
requests: requests:
- method: GET - method: GET
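
Review bot: The unchanged comment ending `that can be downloaded on reference[1]` still points at a numbered entry, but the `[1]`, `[2]`, `[3]` labels are removed from the new list, so the pointer dangles; reword the comment to name the SourceForge link directly. Also, `reference: |` is a literal block scalar, so the value is one multi-line string containing `- ` prefixes rather than a YAML sequence, and it differs from the single-line `reference:` used in the other three files of this commit; confirm which form the template schema expects and use it consistently.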