Merge pull request #1207 from nrathaus/master

Fixed some template issues
patch-1
PD-Team 2021-04-07 14:27:19 +05:30 committed by GitHub
commit 2d3051aea1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 7 additions and 7 deletions

@ -4,11 +4,10 @@ info:
name: WebPort 1.19.1 - Reflected Cross-Site Scripting
author: pikpikcu
severity: medium
description: Web Port 1.19.1 allows XSS via the /log type parameter.
tags: cve,cve2019,xss
# Vendor Homepage: https://webport.se/
# Software Link: https://webport.se/nedladdningar/
# reference: https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
reference: https://github.com/EmreOvunc/WebPort-v1.19.1-Reflected-XSS
software: https://webport.se/nedladdningar/
requests:
- method: GET
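
Review bot: the info block around `tags:` carries the same two URLs in two forms, once as the comments `# Software Link:` and `# reference:` and once as the keys `reference:` and `software:`. Only one form should be left after this change. A comment is invisible to anything that reads the template metadata, so I would keep `reference:` as a key and drop the commented copy. Separately, `tags: cve,cve2019,xss` has no product tag, unlike the other templates touched in this commit (`webmin`, `jira`, `episerver`); adding `webport` would bring it in line.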

@ -4,6 +4,7 @@ info:
name: Webmin <= 1.920 Unauhenticated Remote Command Execution
author: bp0lr
severity: high
description: An issue was discovered in Webmin <=1.920. The parameter old in password_change.cgi contains a command injection vulnerability.
reference: https://pentest.com.tr/exploits/DEFCON-Webmin-1920-Unauthenticated-Remote-Command-Execution.html
tags: cve,cve2019,webmin,rce
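
Review bot: the `name:` line in this hunk still reads "Unauhenticated". This commit is a cleanup pass and already corrects "Abritrary" in the Jellyfin template, so fix this one to "Unauthenticated" in the same change. The name is what shows up in scan output and in searches over the template set, so the misspelling makes the template harder to find by name.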

@ -5,7 +5,7 @@ info:
author: Ganofins
severity: medium
description: The /rest/api/2/user/picker rest resource in Jira before version 7.13.3, from version 8.0.0 before version 8.0.4, and from version 8.1.0 before version 8.1.1 allows remote attackers to enumerate usernames via an incorrect authorisation check.
reference: https://nvd.nist.gov/vuln/detail/CVE-2019-3403
reference: https://jira.atlassian.com/browse/JRASERVER-69242
tags: cve,cve2019,atlassian,jira
requests:
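
Review bot: the two adjacent `reference:` lines mean one source replaces the other, so either the NVD entry or the Atlassian ticket JRASERVER-69242 drops out of the template. The two links are not interchangeable: one is the CVE record and the other is the vendor's own ticket. I would keep both in whatever multi-value form the template schema accepts rather than choose one, and avoid two plain `reference:` keys in the same mapping, since a duplicate key is either rejected or silently resolved to one value by the YAML parser.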

@ -6,7 +6,7 @@ info:
severity: medium
description: An Open Redirect vulnerability in EpiServer Find before 13.2.7 allows an attacker to redirect users to untrusted websites via the _t_redirect parameter in a crafted URL, such as a /find_v2/_click URL.
tags: cve,cve2020,redirect,episerver
reference: https://nvd.nist.gov/vuln/detail/CVE-2020-24550
reference: https://labs.nettitude.com/blog/cve-2020-24550-open-redirect-in-episerver-find/
requests:
- method: GET
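
Review bot: `tags:` sits above `reference:` in this info block, while the Webmin and Jira templates in the same commit put `reference:` before `tags:`. Since the commit is already touching the reference line in each file, settle on one key order for the info block and apply it to all of the files touched here, so later metadata diffs stay limited to the value that changed.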

@ -1,7 +1,7 @@
id: CVE-2021-21402
info:
name: Jellyfin prior to 10.7.0 Unauthenticated Abritrary File Read
name: Jellyfin prior to 10.7.0 Unauthenticated Arbitrary File Read
author: dwisiswant0
severity: high
description: |