daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

patch-14
ghost 2024-11-07 13:28:40 +00:00
parent 404a52a317
commit 40c6a28517
2 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@ -505,6 +505,7 @@
{"ID":"CVE-2018-10141","Info":{"Name":"Palo Alto Networks PAN-OS GlobalProtect \u003c8.1.4 - Cross-Site Scripting","Severity":"medium","Description":"Palo Alto Networks PAN-OS before 8.1.4 GlobalProtect Portal Login page allows an unauthenticated attacker to inject arbitrary JavaScript or HTML, making it vulnerable to cross-site scripting.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-10141.yaml"}
{"ID":"CVE-2018-10201","Info":{"Name":"Ncomputing vSPace Pro 10 and 11 - Directory Traversal","Severity":"high","Description":"Ncomputing vSpace Pro versions 10 and 11 suffer from a directory traversal vulnerability.","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2018/CVE-2018-10201.yaml"}
{"ID":"CVE-2018-10230","Info":{"Name":"Zend Server \u003c9.13 - Cross-Site Scripting","Severity":"medium","Description":"Zend Server before version 9.13 is vulnerable to cross-site scripting via the debug_host parameter.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-10230.yaml"}
{"ID":"CVE-2018-10383","Info":{"Name":"Lantronix SecureLinx Spider (SLS) 2.2+ - Cross-Site Scripting","Severity":"medium","Description":"Lantronix SecureLinx Spider (SLS) 2.2+ devices have XSS in the auth.asp login page.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2018/CVE-2018-10383.yaml"}
{"ID":"CVE-2018-10562","Info":{"Name":"Dasan GPON Devices - Remote Code Execution","Severity":"critical","Description":"Dasan GPON home routers are susceptible to command injection which can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2018/CVE-2018-10562.yaml"}
{"ID":"CVE-2018-10735","Info":{"Name":"NagiosXI \u003c= 5.4.12 `commandline.php` SQL injection","Severity":"high","Description":"A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/commandline.php cname parameter.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2018/CVE-2018-10735.yaml"}
{"ID":"CVE-2018-10736","Info":{"Name":"NagiosXI \u003c= 5.4.12 - SQL injection","Severity":"high","Description":"A SQL injection issue was discovered in Nagios XI before 5.4.13 via the admin/info.php key1 parameter.\n","Classification":{"CVSSScore":"7.2"}},"file_path":"http/cves/2018/CVE-2018-10736.yaml"}

2
cves.json-checksum.txt
View File

@ -1 +1 @@
d8ea07c946ef4507c6cfde523a33a771
4f2d2721b89d12269346c0e4071d779c