commit
2393d4a97c
|
@ -7,7 +7,7 @@ info:
|
|||
reference:
|
||||
- https://blog.zsec.uk/cve-2017-3528/
|
||||
- https://www.exploit-db.com/exploits/43592
|
||||
tags: oracle,redirect
|
||||
tags: cve,cve2017,oracle,redirect
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
|
||||
cvss-score: 5.40
|
||||
|
|
|
@ -1,11 +1,11 @@
|
|||
id: rubedo-cms-directory-traversal
|
||||
id: CVE-2018-16836
|
||||
|
||||
info:
|
||||
name: Rubedo CMS 3.4.0 - Directory Traversal
|
||||
author: 0x_Akoko
|
||||
severity: high
|
||||
reference: https://www.exploit-db.com/exploits/45385
|
||||
tags: rubedo,lfi
|
||||
tags: cve,cve2018,rubedo,lfi
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
|
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: 0x_Akoko
|
||||
description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter
|
||||
severity: medium
|
||||
tags: microstrategy,xss
|
||||
tags: cve,cve2018,microstrategy,xss
|
||||
reference: https://www.exploit-db.com/exploits/45755
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
|
||||
(slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
|
||||
reference: https://www.exploit-db.com/exploits/45755
|
||||
tags: microstrategy,lfi
|
||||
tags: cve,cve2018,microstrategy,lfi
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
|
||||
cvss-score: 4.30
|
||||
|
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: 0x_Akoko
|
||||
severity: high
|
||||
reference: https://www.exploit-db.com/exploits/47616
|
||||
tags: emerge,lfi
|
||||
tags: cve,cve2019,emerge,lfi
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 8.80
|
||||
|
|
Loading…
Reference in New Issue