Fixing errors in templates
Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84patch-1
parent
a4250b8f2f
commit
419a957409
|
@ -5,7 +5,6 @@ info:
|
|||
author: shelld3v
|
||||
severity: medium
|
||||
description: A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
|
||||
type: XSS
|
||||
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-13380
|
||||
tags: cve,cve2018,fortios,xss
|
||||
|
||||
|
|
|
@ -4,7 +4,7 @@ info:
|
|||
name: HotelDruid 2.3.0 - XSS
|
||||
author: LogicalHunter
|
||||
severity: medium
|
||||
refrense: https://www.exploit-db.com/exploits/46429
|
||||
reference: https://www.exploit-db.com/exploits/46429
|
||||
tags: cve,cve2019,xss,hoteldruid
|
||||
|
||||
requests:
|
||||
|
|
|
@ -20,7 +20,6 @@ requests:
|
|||
part: body
|
||||
regex:
|
||||
- "(\\d{2}.\\d{1,2}.\\d{1,2}.\\d{2,3})"
|
||||
condition: and
|
||||
extractors:
|
||||
- type: regex
|
||||
part: body
|
||||
|
|
|
@ -19,14 +19,12 @@ file:
|
|||
regex:
|
||||
- 'srand'
|
||||
- 'rand'
|
||||
condition: or
|
||||
- type: regex
|
||||
regex:
|
||||
- 'getc'
|
||||
- 'readdir'
|
||||
- 'read'
|
||||
- 'sysread'
|
||||
condition: or
|
||||
- type: regex
|
||||
# When using exec, it is important to be sure that the string being used does not contain relative paths elements (../ for example), or a null, which may cause underlying C calls to behave strangely.
|
||||
regex:
|
||||
|
@ -104,4 +102,3 @@ file:
|
|||
regex:
|
||||
- 'gethostbyname'
|
||||
- 'gethostbyaddr'
|
||||
condition: or
|
||||
|
|
|
@ -34,13 +34,11 @@ file:
|
|||
regex:
|
||||
- 'eval'
|
||||
- 'eval\((base64|eval|\$_|\$\$|\$[A-Za-z_0-9\{]*(\(|\{|\[))'
|
||||
condition: or
|
||||
- type: regex
|
||||
# Avoid the use of exit or die()
|
||||
regex:
|
||||
- 'exit'
|
||||
- 'die'
|
||||
condition: or
|
||||
- type: regex
|
||||
# Avoid the use of logical operators (ex. using and over &&)
|
||||
regex:
|
||||
|
@ -62,7 +60,6 @@ file:
|
|||
- 'print_r'
|
||||
- 'vprintf'
|
||||
- 'sprintf'
|
||||
condition: or
|
||||
- type: regex
|
||||
# Ensuring you're not using echo with file_get_contents
|
||||
regex:
|
||||
|
|
|
@ -29,7 +29,7 @@ requests:
|
|||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
word:
|
||||
words:
|
||||
- 'buildCount'
|
||||
- 'downloadName'
|
||||
- 'acHandling'
|
||||
|
|
|
@ -22,4 +22,3 @@ requests:
|
|||
- 'LISTSERV Maestro\s+[5678]'
|
||||
- 'Administration Hub 9\.0-[123456780]'
|
||||
- 'Administration Hub [5678]'
|
||||
condition: or
|
|
@ -31,5 +31,5 @@ requests:
|
|||
- 200
|
||||
|
||||
- type: word
|
||||
word:
|
||||
words:
|
||||
- "root:"
|
||||
|
|
Loading…
Reference in New Issue