daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

fix matcher and added metadata

patch-1
Dhiyaneshwaran 2023-06-12 16:29:09 +05:30 committed by GitHub
parent 171082cf0e
commit 26f3753bba
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 10 additions and 23 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
http/cves/2011/CVE-2011-5252.yaml
View File

@ -1,46 +1,33 @@
id: CVE-2011-5252 id: CVE-2011-5252
info: info:
name: Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 - Open Redirect name: Orchard 'ReturnUrl' Parameter URI - Open Redirect
description: |
Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter.
author: ctflearner author: ctflearner
severity: medium severity: medium
tags: description: |
- Orchard Open redirect vulnerability in Users/Account/LogOff in Orchard 1.0.x before 1.0.21, 1.1.x before 1.1.31, 1.2.x before 1.2.42, and 1.3.x before 1.3.10 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the ReturnUrl parameter.
- Open redirect
- web
- cve2011
reference: reference:
- https://www.exploit-db.com/exploits/36493 - https://www.exploit-db.com/exploits/36493
- https://nvd.nist.gov/vuln/detail/CVE-2011-5252 - https://nvd.nist.gov/vuln/detail/CVE-2011-5252
- https://www.invicti.com/web-applications-advisories/open-redirection-vulnerability-in-orchard/ - https://www.invicti.com/web-applications-advisories/open-redirection-vulnerability-in-orchard/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72110 - https://exchange.xforce.ibmcloud.com/vulnerabilities/72110
classification: classification:
cvss-metrics: CVSS:2.0/(AV:N/AC:M/Au:N/C:P/I:P/A:N) cvss-metrics: AV:N/AC:M/Au:N/C:P/I:P/A:N
cvss-score: 5.8 cvss-score: 5.8
cve-id: CVE-2011-5252 cve-id: CVE-2011-5252
cwe-id: CWE-20 cwe-id: CWE-20
cpe: cpe:2.3:a:orchardproject:orchard:1.3.10:*:*:*:*:*:*:* cpe: cpe:2.3:a:orchardproject:orchard:1.0:*:*:*:*:*:*:*
metadata: metadata:
max-request: 1 max-request: 1
tags: cve,cve2011,redirect,orchard
http: http:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://www.evil.com%3f" - "{{BaseURL}}/orchard/Users/Account/LogOff?ReturnUrl=%2f%2fhttp://interact.sh%3f"
stop-at-first-match: true
matchers-condition: and
matchers: matchers:
- type: regex - type: regex
part: header part: header
regex: regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)evil\.com\/?(\/|[^.].*)?$' - '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
- type: status
status:
- 301
- 302
- 307
- 308
condition: or