daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2728 from projectdiscovery/template-fixes 

Added missing cves tags
patch-1
Sandeep Singh 2021-09-21 16:23:43 +05:30 committed by GitHub
parent 34fd6fc688 a98e8defc2
commit 2393d4a97c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2017/CVE-2017-3528.yaml
View File

@ -7,7 +7,7 @@ info:
reference: reference:
- https://blog.zsec.uk/cve-2017-3528/ - https://blog.zsec.uk/cve-2017-3528/
- https://www.exploit-db.com/exploits/43592 - https://www.exploit-db.com/exploits/43592
tags: oracle,redirect tags: cve,cve2017,oracle,redirect
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
cvss-score: 5.40 cvss-score: 5.40

4
cves/2018/CVE-2018-16836.yaml
View File

@ -1,11 +1,11 @@
id: rubedo-cms-directory-traversal id: CVE-2018-16836
info: info:
name: Rubedo CMS 3.4.0 - Directory Traversal name: Rubedo CMS 3.4.0 - Directory Traversal
author: 0x_Akoko author: 0x_Akoko
severity: high severity: high
reference: https://www.exploit-db.com/exploits/45385 reference: https://www.exploit-db.com/exploits/45385
tags: rubedo,lfi tags: cve,cve2018,rubedo,lfi
requests: requests:
- method: GET - method: GET

2
cves/2018/CVE-2018-18775.yaml
View File

@ -5,7 +5,7 @@ info:
author: 0x_Akoko author: 0x_Akoko
description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter
severity: medium severity: medium
tags: microstrategy,xss tags: cve,cve2018,microstrategy,xss
reference: https://www.exploit-db.com/exploits/45755 reference: https://www.exploit-db.com/exploits/45755
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

2
cves/2018/CVE-2018-18777.yaml
View File

@ -9,7 +9,7 @@ info:
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /.. allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
(slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product. (slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
reference: https://www.exploit-db.com/exploits/45755 reference: https://www.exploit-db.com/exploits/45755
tags: microstrategy,lfi tags: cve,cve2018,microstrategy,lfi
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.30 cvss-score: 4.30

2
cves/2019/CVE-2019-7254.yaml
View File

@ -5,7 +5,7 @@ info:
author: 0x_Akoko author: 0x_Akoko
severity: high severity: high
reference: https://www.exploit-db.com/exploits/47616 reference: https://www.exploit-db.com/exploits/47616
tags: emerge,lfi tags: cve,cve2019,emerge,lfi
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.80 cvss-score: 8.80