Merge pull request #2728 from projectdiscovery/template-fixes

Added missing cves tags
patch-1
Sandeep Singh 2021-09-21 16:23:43 +05:30 committed by GitHub
commit 2393d4a97c
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 6 additions and 6 deletions

View File

@ -7,7 +7,7 @@ info:
reference:
- https://blog.zsec.uk/cve-2017-3528/
- https://www.exploit-db.com/exploits/43592
tags: oracle,redirect
tags: cve,cve2017,oracle,redirect
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:N
cvss-score: 5.40

View File

@ -1,11 +1,11 @@
id: rubedo-cms-directory-traversal
id: CVE-2018-16836
info:
name: Rubedo CMS 3.4.0 - Directory Traversal
author: 0x_Akoko
severity: high
reference: https://www.exploit-db.com/exploits/45385
tags: rubedo,lfi
tags: cve,cve2018,rubedo,lfi
requests:
- method: GET

View File

@ -5,7 +5,7 @@ info:
author: 0x_Akoko
description: Microstrategy Web, version 7, does not sufficiently encode user-controlled inputs, resulting in a Cross-Site Scripting (XSS) vulnerability via the Login.asp Msg parameter
severity: medium
tags: microstrategy,xss
tags: cve,cve2018,microstrategy,xss
reference: https://www.exploit-db.com/exploits/45755
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

View File

@ -9,7 +9,7 @@ info:
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
(slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
reference: https://www.exploit-db.com/exploits/45755
tags: microstrategy,lfi
tags: cve,cve2018,microstrategy,lfi
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.30

View File

@ -5,7 +5,7 @@ info:
author: 0x_Akoko
severity: high
reference: https://www.exploit-db.com/exploits/47616
tags: emerge,lfi
tags: cve,cve2019,emerge,lfi
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.80