daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2019-14322.yaml

patch-1
Prince Chaddha 2022-06-20 23:00:13 +05:30 committed by GitHub
parent ff5d73e8f4
commit 37240cfe1a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 7 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
cves/2019/CVE-2019-14322.yaml
View File

@ -4,7 +4,8 @@ info:
name: Pallets Werkzeug <0.15.5 - Local File Inclusion name: Pallets Werkzeug <0.15.5 - Local File Inclusion
author: madrobot author: madrobot
severity: high severity: high
description: Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames. description: |
Pallets Werkzeug before 0.15.5 is susceptible to local file inclusion because SharedDataMiddleware mishandles drive names (such as C:) in Windows pathnames.
reference: reference:
- https://palletsprojects.com/blog/werkzeug-0-15-5-released/ - https://palletsprojects.com/blog/werkzeug-0-15-5-released/
- http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html - http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html
@ -26,15 +27,16 @@ requests:
stop-at-first-match: true stop-at-first-match: true
matchers-condition: and matchers-condition: and
matchers: matchers:
- type: status
status:
- 200
- type: word - type: word
part: body
words: words:
- "bit app support" - "bit app support"
- "fonts" - "fonts"
- "extensions" - "extensions"
condition: and condition: and
part: body
- type: status
status:
- 200
# Enhanced by mp on 2022/06/14 # Enhanced by mp on 2022/06/14