daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Dashboard Content Enhancements (#5092) 

Dashboard Content Enhancements
patch-1
MostInterestingBotInTheWorld 2022-08-16 10:14:41 -04:00 committed by GitHub
parent 98b85a139f
commit 48a8621b80
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
77 changed files with 420 additions and 262 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cves/2002/CVE-2002-1131.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2002-1131
info:
name: SquirrelMail 1.2.6/1.2.7 - Multiple Cross-Site Scripting Vulnerabilities
name: SquirrelMail 1.2.6/1.2.7 - Cross-Site Scripting
author: dhiyaneshDk
severity: medium
description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
description: The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
reference:
- http://www.redhat.com/support/errata/RHSA-2002-204.html
- http://www.debian.org/security/2002/dsa-191
@ -12,6 +12,7 @@ info:
- https://www.exploit-db.com/exploits/21811
- https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
- http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
- https://nvd.nist.gov/vuln/detail/CVE-2002-1131
classification:
cve-id: CVE-2002-1131
tags: xss,squirrelmail,cve,cve2002
@ -41,3 +42,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

8
cves/2005/CVE-2005-4385.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2005-4385
info:
name: Cofax <= 2.0RC3 XSS
name: Cofax <=2.0RC3 - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting vulnerability in search.htm in Cofax 2.0 RC3 and earlier allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
description: Cofax 2.0 RC3 and earlier contains a cross-site scripting vulnerability in search.htm which allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
reference:
- http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
- https://nvd.nist.gov/vuln/detail/CVE-2005-4385
- http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
- https://nvd.nist.gov/vuln/detail/CVE-2005-4385
classification:
cve-id: CVE-2005-4385
tags: cofax,xss,cve,cve2005
@ -27,3 +27,5 @@ requests:
part: body
words:
- "'>\"</script><script>alert(document.domain)</script>"
# Enhanced by mp on 2022/08/12

8
cves/2006/CVE-2006-1681.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2006-1681
info:
name: Cherokee HTTPD <=0.5 XSS
name: Cherokee HTTPD <=0.5 - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting (XSS) vulnerability in Cherokee HTTPD 0.5 and earlier allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
reference:
- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
- https://nvd.nist.gov/vuln/detail/CVE-2006-1681
- http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
- http://www.vupen.com/english/advisories/2006/1292
- https://nvd.nist.gov/vuln/detail/CVE-2006-1681
classification:
cve-id: CVE-2006-1681
tags: cherokee,httpd,xss,cve,cve2006
@ -32,3 +32,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/12

7
cves/2007/CVE-2007-0885.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2007-0885
info:
name: Rainbow.Zen Jira XSS
name: Jira Rainbow.Zen - Cross-Site Scripting
author: geeknik
severity: medium
description: Cross-site scripting (XSS) vulnerability in jira/secure/BrowseProject.jspa in Rainbow with the Zen (Rainbow.Zen) extension allows remote attackers to inject arbitrary web script or HTML via the id parameter.
description: Jira Rainbow.Zen contains a cross-site scripting vulnerability via Jira/secure/BrowseProject.jspa which allows remote attackers to inject arbitrary web script or HTML via the id parameter.
reference:
- http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
- https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
- https://nvd.nist.gov/vuln/detail/CVE-2007-0885
classification:
cve-id: CVE-2007-0885
tags: cve,cve2007,jira,xss
@ -32,3 +33,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

7
cves/2007/CVE-2007-5728.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2007-5728
info:
name: phpPgAdmin 4.1.1 - 'Redirect.php' Cross-Site Scripting
name: phpPgAdmin <=4.1.1 - Cross-Site Scripting
author: dhiyaneshDK
severity: medium
description: Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
description: phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, which are different vectors than CVE-2007-2865.
reference:
- https://www.exploit-db.com/exploits/30090
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
- http://web.archive.org/web/20210130131735/https://www.securityfocus.com/bid/24182/
- http://web.archive.org/web/20161220160642/http://secunia.com/advisories/25446/
- https://nvd.nist.gov/vuln/detail/CVE-2007-5728
classification:
cve-id: CVE-2007-5728
metadata:
@ -36,3 +37,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

7
cves/2008/CVE-2008-2398.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2008-2398
info:
name: AppServ Open Project 2.5.10 and earlier XSS
name: AppServ Open Project <=2.5.10 - Cross-Site Scripting
author: unstabl3
severity: medium
description: Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
reference:
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
- http://web.archive.org/web/20210121181851/https://www.securityfocus.com/bid/29291/
- http://web.archive.org/web/20140724110348/http://secunia.com/advisories/30333/
- http://securityreason.com/securityalert/3896
- https://nvd.nist.gov/vuln/detail/CVE-2008-2398
classification:
cve-id: CVE-2008-2398
tags: cve,cve2008,xss
@ -33,3 +34,5 @@ requests:
words:
- "text/html"
part: header
# Enhanced by mp on 2022/08/12

7
cves/2009/CVE-2009-1872.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2009-1872
info:
name: Adobe Coldfusion 8 linked XSS vulnerabilies
name: Adobe Coldfusion <=8.0.1 - Cross-Site Scripting
author: princechaddha
severity: medium
description: Multiple cross-site scripting (XSS) vulnerabilities in Adobe ColdFusion Server 8.0.1, 8, and earlier allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
description: Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
reference:
- https://web.archive.org/web/20201208121904/https://www.securityfocus.com/archive/1/505803/100/0/threaded
- https://www.tenable.com/cve/CVE-2009-1872
- http://www.adobe.com/support/security/bulletins/apsb09-12.html
- http://www.dsecrg.com/pages/vul/show.php?id=122
- https://nvd.nist.gov/vuln/detail/CVE-2009-1872
classification:
cve-id: CVE-2009-1872
metadata:
@ -37,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

7
cves/2013/CVE-2013-6281.yaml
View File

@ -1,16 +1,17 @@
id: CVE-2013-6281
info:
name: WordPress Spreadsheet - dhtmlxspreadsheet Plugin Reflected XSS
name: WordPress Spreadsheet - Cross-Site Scripting
author: random-robbie
severity: medium
description: |
The dhtmlxspreadsheet WordPress plugin was affected by a /dhtmlxspreadsheet/codebase/spreadsheet.php page Parameter Reflected XSS security vulnerability.
WordPress Spreadsheet plugin contains a reflected cross-site scripting vulnerability in /dhtmlxspreadsheet/codebase/spreadsheet.php.
reference:
- https://wpscan.com/vulnerability/49785932-f4e0-4aaa-a86c-4017890227bf
- http://web.archive.org/web/20210213174519/https://www.securityfocus.com/bid/63256/
- https://wordpress.org/plugins/dhtmlxspreadsheet/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6281
- https://nvd.nist.gov/vuln/detail/CVE-2013-6281
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -44,3 +45,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-1880.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2015-1880
info:
name: XSS in Fortigates SSL VPN login page
name: Fortinet FortiOS <=5.2.3 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: Cross-site scripting (XSS) vulnerability in the sslvpn login page in Fortinet FortiOS 5.2.x before 5.2.3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
description: Fortinet FortiOS 5.2.x before 5.2.3 contains a cross-site scripting vulnerability in the SSL VPN login page which allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2015-1880
- https://www.c2.lol/articles/xss-in-fortigates-ssl-vpn-login-page
- http://www.fortiguard.com/advisory/FG-IR-15-005/
- http://web.archive.org/web/20210122155324/https://www.securityfocus.com/bid/74652/
- https://nvd.nist.gov/vuln/detail/CVE-2015-1880
classification:
cve-id: CVE-2015-1880
tags: cve,cve2015,xss,fortigates,ssl
@ -35,3 +35,5 @@ requests:
words:
- "text/html"
part: header
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-2068.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2015-2068
info:
name: Magento Server Magmi Plugin - Cross Site Scripting
name: Magento Server Mass Importer - Cross-Site Scripting
author: daffainfo
severity: medium
description: Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
description: Magento Server Mass Importer plugin contains multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via the (1) profile parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
reference:
- https://www.exploit-db.com/exploits/35996
- https://nvd.nist.gov/vuln/detail/CVE-2015-2068
- http://packetstormsecurity.com/files/130250/Magento-Server-MAGMI-Cross-Site-Scripting-Local-File-Inclusion.html
- https://nvd.nist.gov/vuln/detail/CVE-2015-2068
classification:
cve-id: CVE-2015-2068
metadata:
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-2807.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2015-2807
info:
name: Navis DocumentCloud 0.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: Navis DocumentCloud <0.1.1 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Cross-site scripting (XSS) vulnerability in js/window.php in the Navis DocumentCloud plugin before 0.1.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
description: Navis DocumentCloud plugin before 0.1.1 for WordPress contains a reflected cross-site scripting vulnerability in js/window.php which allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.
reference:
- https://advisories.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/
- https://nvd.nist.gov/vuln/detail/CVE-2015-2807
- https://security.dxw.com/advisories/publicly-exploitable-xss-in-wordpress-plugin-navis-documentcloud/
- https://wordpress.org/plugins/navis-documentcloud/changelog/
- https://nvd.nist.gov/vuln/detail/CVE-2015-2807
classification:
cve-id: CVE-2015-2807
metadata:
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

6
cves/2015/CVE-2015-6477.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2015-6477
info:
name: Nordex NC2 'username' Parameter XSS
name: Nordex NC2 - Cross-Site Scripting
author: geeknik
severity: medium
description: An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
description: Nordex NC2 contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://seclists.org/fulldisclosure/2015/Dec/117
- https://ics-cert.us-cert.gov/advisories/ICSA-15-286-01
@ -30,3 +30,5 @@ requests:
part: body
words:
- "</script><script>alert('{{randstr}}')</script>"
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-6544.yaml
View File

@ -1,16 +1,16 @@
id: CVE-2015-6544
info:
name: iTop XSS
name: Combodo iTop <2.2.0-2459 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
Cross-site scripting (XSS) vulnerability in application/dashboard.class.inc.php in Combodo iTop before 2.2.0-2459 allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
Combodo iTop before 2.2.0-2459 contains a cross-site scripting vulnerability in application/dashboard.class.inc.php which allows remote attackers to inject arbitrary web script or HTML via a dashboard title.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2015-6544
- https://www.htbridge.com/advisory/HTB23268
- http://sourceforge.net/p/itop/tickets/1114/
- http://sourceforge.net/p/itop/code/3662/
- https://nvd.nist.gov/vuln/detail/CVE-2015-6544
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +38,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/12

9
cves/2015/CVE-2015-6920.yaml
View File

@ -1,15 +1,14 @@
id: CVE-2015-6920
info:
name: sourceAFRICA <= 0.1.3 - Unauthenticated Cross-Site Scripting (XSS)
name: WordPress sourceAFRICA <=0.1.3 - Cross-Site Scripting
author: daffainfo
severity: medium
description: WordPress sourceAFRICA plugin version 0.1.3 suffers from a cross site scripting vulnerability.
description: WordPress sourceAFRICA plugin version 0.1.3 contains a cross-site scripting vulnerability.
reference:
- https://packetstormsecurity.com/files/133371/
- https://nvd.nist.gov/vuln/detail/CVE-2015-6920
- http://packetstormsecurity.com/files/133371/WordPress-sourceAFRICA-0.1.3-Cross-Site-Scripting.html
- https://wpvulndb.com/vulnerabilities/8169
- https://nvd.nist.gov/vuln/detail/CVE-2015-6920
classification:
cve-id: CVE-2015-6920
tags: cve,cve2015,wordpress,wp-plugin,xss
@ -34,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

9
cves/2015/CVE-2015-7377.yaml
View File

@ -1,15 +1,14 @@
id: CVE-2015-7377
info:
name: Pie-Register <= 2.0.18 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress Pie-Register <2.0.19 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Cross-site scripting (XSS) vulnerability in pie-register/pie-register.php in the Pie Register plugin before 2.0.19 for WordPress allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URI.
description: WordPress Pie Register before 2.0.19 contains a reflected cross-site scripting vulnerability in pie-register/pie-register.php which allows remote attackers to inject arbitrary web script or HTML via the invitaion_code parameter in a pie-register page to the default URL.
reference:
- https://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2015-7377
- http://packetstormsecurity.com/files/133928/WordPress-Pie-Register-2.0.18-Cross-Site-Scripting.html
- https://github.com/GTSolutions/Pie-Register/blob/2.0.19/readme.txt
- https://nvd.nist.gov/vuln/detail/CVE-2015-7377
classification:
cve-id: CVE-2015-7377
tags: cve,cve2015,wordpress,wp-plugin,xss
@ -34,3 +33,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-8349.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2015-8349
info:
name: SourceBans XSS
name: SourceBans <2.0 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: Cross-site scripting (XSS) vulnerability in SourceBans before 2.0 pre-alpha allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
description: SourceBans before 2.0 contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the advSearch parameter to index.php.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2015-8349
- https://www.htbridge.com/advisory/HTB23273
- http://web.archive.org/web/20201207072921/https://www.securityfocus.com/archive/1/537018/100/0/threaded
- https://nvd.nist.gov/vuln/detail/CVE-2015-8349
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +36,5 @@ requests:
part: header
words:
- text/
# Enhanced by mp on 2022/08/12

8
cves/2015/CVE-2015-9414.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2015-9414
info:
name: WP Symposium <= 15.8.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress Symposium <=15.8.1 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The wp-symposium plugin through 15.8.1 for WordPress has XSS via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter.
description: WordPress Symposium through 15.8.1 contains a reflected cross-site scripting vulnerability via the wp-content/plugins/wp-symposium/get_album_item.php?size parameter which allows an attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://wpscan.com/vulnerability/2ac2d43f-bf3f-4831-9585-5c5484051095
- https://nvd.nist.gov/vuln/detail/CVE-2015-9414
- https://wpvulndb.com/vulnerabilities/8175
- https://wordpress.org/plugins/wp-symposium/#developers
- https://nvd.nist.gov/vuln/detail/CVE-2015-9414
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000126.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000126
info:
name: Admin Font Editor <= 1.8 - Reflected Cross-Site Scripting (XSS)
name: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin admin-font-editor v1.8
description: WordPress Admin Font Editor 1.8 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000126
- http://www.vapidlabs.com/wp/wp_advisory.php?v=526
- https://wordpress.org/plugins/admin-font-editor
- http://web.archive.org/web/20210123183728/https://www.securityfocus.com/bid/93896/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000126
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

9
cves/2016/CVE-2016-1000129.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000129
info:
name: defa-online-image-protector <= 3.3 - Reflected Cross-Site Scripting (XSS)
name: WordPress defa-online-image-protector <=3.3 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin defa-online-image-protector v3.3
description: WordPress defa-online-image-protector 3.3 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000129
- https://wordpress.org/plugins/defa-online-image-protector
- http://www.vapidlabs.com/wp/wp_advisory.php?v=449
- http://web.archive.org/web/20210614204644/https://www.securityfocus.com/bid/93892
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000129
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,6 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000130.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2016-1000130
info:
name: e-search <= 1.0 - Reflected Cross-Site Scripting (XSS) via date_select.php
name: WordPress e-search <=1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin e-search v1.0
description: Wordpress plugin e-search 1.0 and before contains a cross-site scripting vulnerability via date_select.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000130
- https://wordpress.org/plugins/e-search
- http://www.vapidlabs.com/wp/wp_advisory.php?v=394
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000130
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000131.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000131
info:
name: e-search <= 1.0 - Reflected Cross-Site Scripting (XSS) via title_az.php
name: WordPress e-search <=1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin e-search v1.0
description: WordPress e-search 1.0 and before contains a reflected cross-site scripting vulnerability via title_az.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000131
- http://www.vapidlabs.com/wp/wp_advisory.php?v=393
- https://wordpress.org/plugins/e-search
- http://web.archive.org/web/20210123183536/https://www.securityfocus.com/bid/93867/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000131
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000132.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000132
info:
name: enhanced-tooltipglossary v3.2.8 - Reflected Cross-Site Scripting (XSS)
name: WordPress enhanced-tooltipglossary 3.2.8 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin enhanced-tooltipglossary v3.2.8
description: WordPress enhanced-tooltipglossary 3.2.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000132
- http://www.vapidlabs.com/wp/wp_advisory.php?v=37
- https://wordpress.org/plugins/enhanced-tooltipglossary
- http://web.archive.org/web/20210123183532/https://www.securityfocus.com/bid/93865/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000132
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000133.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000133
info:
name: forget-about-shortcode-buttons 1.1.1 - Reflected Cross-Site Scripting (XSS)
name: WordPress forget-about-shortcode-buttons 1.1.1 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin forget-about-shortcode-buttons v1.1.1
description: Wordpress plugin forget-about-shortcode-buttons 1.1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000133
- https://wordpress.org/plugins/forget-about-shortcode-buttons
- http://www.vapidlabs.com/wp/wp_advisory.php?v=602
- http://web.archive.org/web/20210123183542/https://www.securityfocus.com/bid/93869/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000133
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000134.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000134
info:
name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via playlist.php
name: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin hdw-tube v1.2
description: WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via playlist.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000134
- http://www.vapidlabs.com/wp/wp_advisory.php?v=530
- https://wordpress.org/plugins/hdw-tube
- http://web.archive.org/web/20210615135341/https://www.securityfocus.com/bid/93868
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000134
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000135.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000135
info:
name: HDW WordPress Video Gallery <= 1.2 - Reflected Cross-Site Scripting (XSS) via mychannel.php
name: WordPress HDW Video Gallery <=1.2 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin hdw-tube v1.2
description: WordPress HDW Video Gallery 1.2 and before contains a cross-site scripting vulnerability via mychannel.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000135
- http://www.vapidlabs.com/wp/wp_advisory.php?v=533
- https://wordpress.org/plugins/hdw-tube
- http://web.archive.org/web/20210123183240/https://www.securityfocus.com/bid/93820/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000135
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000136.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2016-1000136
info:
name: heat-trackr v1.0 - XSS via heat-trackr_abtest_add.php
name: WordPress heat-trackr 1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin heat-trackr v1.0
description: WordPress heat-trackr 1.0 contains a cross-site scripting vulnerability via heat-trackr_abtest_add.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- http://www.vapidlabs.com/wp/wp_advisory.php?v=798
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000136
- https://wordpress.org/plugins/heat-trackr
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000136
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

7
cves/2016/CVE-2016-1000137.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2016-1000137
info:
name: Hero Maps Pro 2.1.0 - Reflected Cross-Site Scripting (XSS)
name: WordPress Hero Maps Pro 2.1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin hero-maps-pro v2.1.0
description: WordPress Hero Maps Pro 2.1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- http://www.vapidlabs.com/wp/wp_advisory.php?v=658
- https://wordpress.org/plugins/hero-maps-pro
- http://web.archive.org/web/20210123183224/https://www.securityfocus.com/bid/93815/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000137
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

9
cves/2016/CVE-2016-1000138.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2016-1000138
info:
name: Admin Font Editor <= 1.8 - Reflected Cross-Site Scripting (XSS)
name: WordPress Admin Font Editor <=1.8 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin indexisto v1.0.5
description: WordPress Admin Font Editor plugin indexisto 1.8 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- http://www.vapidlabs.com/wp/wp_advisory.php?v=38
- https://wordpress.org/plugins/indexisto
- http://web.archive.org/web/20210622181116/https://www.securityfocus.com/bid/93816
- http://web.archive.org/web/20210622181116/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000138
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +39,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000139.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000139
info:
name: Infusionsoft Gravity Forms Add-on <= 1.5.11 - XSS
name: WordPress Infusionsoft Gravity Forms <=1.5.11 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin infusionsoft v1.5.11
description: WordPress plugin Infusionsoft 1.5.11 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://wpscan.com/vulnerability/0a60039b-a08a-4f51-a540-59f397dceb6a
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000139
- https://wordpress.org/plugins/infusionsoft
- http://www.vapidlabs.com/wp/wp_advisory.php?v=864
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000139
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -41,3 +41,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000140.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000140
info:
name: New Year Firework <= 1.1.9 - Reflected Cross-Site Scripting (XSS)
name: WordPress New Year Firework <=1.1.9 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin new-year-firework v1.1.9
description: WordPress New Year Firework 1.1.9 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000140
- http://www.vapidlabs.com/wp/wp_advisory.php?v=453
- https://wordpress.org/plugins/new-year-firework
- http://web.archive.org/web/20210123183230/https://www.securityfocus.com/bid/93817/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000140
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000142.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000142
info:
name: MW Font Changer <= 4.2.5 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress MW Font Changer <=4.2.5 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The MW Font Changer WordPress plugin was affected by an Unauthenticated Reflected Cross-Site Scripting (XSS) security vulnerability.
description: WordPress MW Font Changer plugin 4.2.5 and before contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://wpscan.com/vulnerability/4ff5d65a-ba61-439d-ab7f-745a0648fccc
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000142
- http://www.vapidlabs.com/wp/wp_advisory.php?v=435
- https://wordpress.org/plugins/parsi-font
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000142
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000143.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2016-1000143
info:
name: Photoxhibit v2.1.8 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress Photoxhibit 2.1.8 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin photoxhibit v2.1.8
description: WordPress Photoxhibit 2.1.8 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- http://www.vapidlabs.com/wp/wp_advisory.php?v=780
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000143
- https://wordpress.org/plugins/photoxhibit
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000143
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000146.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000146
info:
name: Pondol Form to Mail <= 1.1 - Reflected Cross-Site Scripting (XSS)
name: WordPress Pondol Form to Mail <=1.1 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin pondol-formmail v1.1
description: WordPress Pondol Form to Mail 1.1 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000146
- http://www.vapidlabs.com/wp/wp_advisory.php?v=787
- https://wordpress.org/plugins/pondol-formmail
- http://web.archive.org/web/20210615122859/https://www.securityfocus.com/bid/93584
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000146
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000148.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000148
info:
name: S3 Video Plugin <= 0.983 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress S3 Video <=0.983 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin s3-video v0.983
description: WordPress S3 Video and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://wpscan.com/vulnerability/ead796ed-202a-451f-b041-d39c9cf1fb54
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000148
- https://wordpress.org/plugins/s3-video
- http://www.vapidlabs.com/wp/wp_advisory.php?v=240
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000148
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000149.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000149
info:
name: Simpel Reserveren 3 <= 3.5.2 - Reflected Cross-Site Scripting (XSS)
name: WordPress Simpel Reserveren <=3.5.2 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin simpel-reserveren v3.5.2
description: WordPress plugin Simpel Reserveren 3.5.2 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000149
- https://wordpress.org/plugins/simpel-reserveren
- http://www.vapidlabs.com/wp/wp_advisory.php?v=474
- http://web.archive.org/web/20210125181834/https://www.securityfocus.com/bid/93582/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000149
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000152.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000152
info:
name: Tidio-form <= 1.0 - Reflected Cross-Site Scripting (XSS)
name: WordPress Tidio-form <=1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin tidio-form v1.0
description: WordPress tidio-form1.0 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000152
- http://www.vapidlabs.com/wp/wp_advisory.php?v=799
- https://wordpress.org/plugins/tidio-form
- http://web.archive.org/web/20210125181732/https://www.securityfocus.com/bid/93579/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000152
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

6
cves/2016/CVE-2016-1000153.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2016-1000153
info:
name: Tidio Gallery <= 1.1 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress Tidio Gallery <=1.1 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin tidio-gallery v1.1
description: WordPress plugin tidio-gallery v1.1 contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000153
- http://www.vapidlabs.com/wp/wp_advisory.php?v=427
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000154.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000154
info:
name: WHIZZ <= 1.0.7 - Reflected Cross-Site Scripting (XSS)
name: WordPress WHIZZ <=1.0.7 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin whizz v1.0.
description: WordPress plugin WHIZZ 1.07 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000154
- http://www.vapidlabs.com/wp/wp_advisory.php?v=112
- https://wordpress.org/plugins/whizz
- http://web.archive.org/web/20210123180140/https://www.securityfocus.com/bid/93538/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000154
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-1000155.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2016-1000155
info:
name: WPSOLR <= 8.6 - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: WordPress WPSOLR <=8.6 - Cross-Site Scripting
author: daffainfo
severity: medium
description: Reflected XSS in wordpress plugin wpsolr-search-engine v7.6
description: WordPress WPSOLR 8.6 and before contains a reflected cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000155
- https://wordpress.org/plugins/wpsolr-search-engine
- http://www.vapidlabs.com/wp/wp_advisory.php?v=303
- http://web.archive.org/web/20210123180137/https://www.securityfocus.com/bid/93536/
- https://nvd.nist.gov/vuln/detail/CVE-2016-1000155
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-10993.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2016-10993
info:
name: ScoreMe Theme - Unauthenticated Reflected Cross-Site Scripting (XSS)
name: ScoreMe Theme - Cross-Site Scripting
author: daffainfo
severity: medium
description: The ScoreMe theme through 2016-04-01 for WordPress has XSS via the s parameter.
description: WordPress ScoreMe theme through 2016-04-01 contains a reflected cross-site scripting vulnerability via the s parameter which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://www.vulnerability-lab.com/get_content.php?id=1808
- https://nvd.nist.gov/vuln/detail/CVE-2016-10993
- https://wpvulndb.com/vulnerabilities/8431
- https://nvd.nist.gov/vuln/detail/CVE-2016-10993
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

10
cves/2016/CVE-2016-3978.yaml
View File

@ -1,15 +1,13 @@
id: CVE-2016-3978
info:
name: FortiOS (Fortinet) - Open Redirect and XSS
name: Fortinet FortiOS - Open Redirect/Cross-Site Scripting
author: 0x_Akoko
severity: medium
description: The Web User Interface (WebUI) in FortiOS 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting (XSS) attacks via the "redirect" parameter to "login."
description: FortiOS Web User Interface in 5.0.x before 5.0.13, 5.2.x before 5.2.3, and 5.4.x before 5.4.0 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks or cross-site scripting attacks via the "redirect" parameter to "login."
reference:
- https://seclists.org/fulldisclosure/2016/Mar/68
- https://nvd.nist.gov/vuln/detail/CVE-2016-3978
- http://seclists.org/fulldisclosure/2016/Mar/68
- http://www.fortiguard.com/advisory/fortios-open-redirect-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2016-3978
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -27,3 +25,5 @@ requests:
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
# Enhanced by mp on 2022/08/12

8
cves/2016/CVE-2016-7981.yaml
View File

@ -1,16 +1,16 @@
id: CVE-2016-7981
info:
name: SPIP 3.1.2 XSS
name: SPIP <3.1.2 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
Cross-site scripting (XSS) vulnerability in valider_xml.php in SPIP 3.1.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
SPIP 3.1.2 and earlier contains a cross-site scripting vulnerability in valider_xml.php which allows remote attackers to inject arbitrary web script or HTML via the var_url parameter in a valider_xml action.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2016-7981
- https://core.spip.net/projects/spip/repository/revisions/23202
- https://core.spip.net/projects/spip/repository/revisions/23201
- https://core.spip.net/projects/spip/repository/revisions/23200
- https://nvd.nist.gov/vuln/detail/CVE-2016-7981
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +38,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/12

51
cves/2017/CVE-2017-12544.yaml
View File

@ -1,15 +1,14 @@
id: CVE-2017-12544
id: CVE-2017-12544
info:
name: HPE System Management - XSS
name: HPE System Management - Cross-Site Scripting
author: divya_mudgal
severity: medium
description: Reflected Cross-site scripting (XSS) on HPE System Management
description: HPE System Management contains a cross-site scripting vulnerability which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://seclists.org/fulldisclosure/2018/Mar/5
- https://nvd.nist.gov/vuln/detail/CVE-2017-12544
- https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
- http://web.archive.org/web/20211206092413/https://securitytracker.com/id/1039437
- https://nvd.nist.gov/vuln/detail/CVE-2017-12544
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
@ -17,23 +16,25 @@ info:
cwe-id: CWE-79
tags: cve,cve2017,xss,hp
requests:
- method: GET
path:
- "{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"
matchers-condition: and
matchers:
- type: word
words:
- "var prodName = '';prompt`document.domain`;//';"
part: body
- type: word
words:
- "text/html"
part: header
- type: status
status:
- 200
requests:
- method: GET
path:
- "{{BaseURL}}/gsearch.php.en?prod=';prompt`document.domain`;//"
matchers-condition: and
matchers:
- type: word
words:
- "var prodName = '';prompt`document.domain`;//';"
part: body
- type: word
words:
- "text/html"
part: header
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

7
cves/2017/CVE-2017-12583.yaml
View File

@ -1,12 +1,13 @@
id: CVE-2017-12583
info:
name: Reflected XSS in doku.php
name: DokuWiki - Cross-Site Scripting
author: DhiyaneshDK
severity: medium
description: DokuWiki through 2017-02-19b has XSS in the at parameter (aka the DATE_AT variable) to doku.php.
description: DokuWiki through 2017-02-19b contains a cross-site scripting vulnerability in the DATE_AT parameter to doku.php which allows an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:
- https://github.com/splitbrain/dokuwiki/issues/2061
- https://nvd.nist.gov/vuln/detail/CVE-2017-12583
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2017/CVE-2017-17043.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2017-17043
info:
name: Emag Marketplace Connector 1.0 - Reflected Cross-Site Scripting (XSS)
name: WordPress Emag Marketplace Connector 1.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The Emag Marketplace Connector plugin 1.0.0 for WordPress has reflected XSS because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.
description: WordPress Emag Marketplace Connector plugin 1.0 contains a reflected cross-site scripting vulnerability because the parameter "post" to /wp-content/plugins/emag-marketplace-connector/templates/order/awb-meta-box.php is not filtered correctly.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2017-17043
- https://wordpress.org/support/topic/wordpress-emag-marketplace-connector-1-0-cross-site-scripting-vulnerability/
- https://packetstormsecurity.com/files/145060/wpemagmc10-xss.txt
- https://wpvulndb.com/vulnerabilities/8964
- https://nvd.nist.gov/vuln/detail/CVE-2017-17043
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2017/CVE-2017-17059.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2017-17059
info:
name: amtyThumb posts 8.1.3 - Reflected Cross-Site Scripting (XSS)
name: WordPress amtyThumb Posts 8.1.3 - Cross-Site Scripting
author: daffainfo
severity: medium
description: XSS exists in the amtyThumb amty-thumb-recent-post (aka amtyThumb posts or wp-thumb-post) plugin 8.1.3 for WordPress via the query string to amtyThumbPostsAdminPg.php.
description: WordPress amty-thumb-recent-post plugin 8.1.3 contains a cross-site scripting vulnerability via the query string to amtyThumbPostsAdminPg.php.
reference:
- https://github.com/NaturalIntelligence/wp-thumb-post/issues/1
- https://nvd.nist.gov/vuln/detail/CVE-2017-17059
- https://packetstormsecurity.com/files/145044/WordPress-amtyThumb-8.1.3-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2017-17059
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

8
cves/2017/CVE-2017-17451.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2017-17451
info:
name: WP Mailster <= 1.5.4 - Unauthenticated Cross-Site Scripting (XSS)
name: WordPress Mailster <=1.5.4 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The WP Mailster plugin before 1.5.5 for WordPress has XSS in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
description: WordPress Mailster 1.5.4 and before contains a cross-site scripting vulnerability in the unsubscribe handler via the mes parameter to view/subscription/unsubscribe2.php.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2017-17451
- https://wordpress.org/plugins/wp-mailster/#developers
- https://packetstormsecurity.com/files/145222/WordPress-WP-Mailster-1.5.4.0-Cross-Site-Scripting.html
- https://wpvulndb.com/vulnerabilities/8973
- https://nvd.nist.gov/vuln/detail/CVE-2017-17451
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

6
cves/2017/CVE-2017-18024.yaml
View File

@ -1,10 +1,10 @@
id: CVE-2017-18024
info:
name: AvantFAX 3.3.3 XSS
name: AvantFAX 3.3.3 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: AvantFAX 3.3.3 has XSS via an arbitrary parameter name to the default URI, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
description: AvantFAX 3.3.3 contains a cross-site scripting vulnerability via an arbitrary parameter name submitted to the default URL, as demonstrated by a parameter whose name contains a SCRIPT element and whose value is 1.
reference:
- https://hackerone.com/reports/963798
- http://packetstormsecurity.com/files/145776/AvantFAX-3.3.3-Cross-Site-Scripting.html
@ -42,3 +42,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

42
cves/2017/CVE-2017-18598.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2017-18598
id: CVE-2017-18598
info:
name: Qards Plugin - Stored XSS and SSRF
name: WordPress Qards - Cross-Site Scripting
author: pussycat0x
severity: medium
description: The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php
description: WordPress Qards through 2017-10-11 contains a cross-site scripting vulnerability via a remote document specified in the URL parameter to html2canvasproxy.php.
reference:
- https://wpscan.com/vulnerability/8934
- https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
- https://nvd.nist.gov/vuln/detail/CVE-2017-18598
- https://wpvulndb.com/vulnerabilities/8934
- https://nvd.nist.gov/vuln/detail/CVE-2017-18598
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -17,19 +17,21 @@ info:
cwe-id: CWE-79
tags: cve,cve2017,wordpress,ssrf,xss,wp-plugin,oast
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "http"
- type: word
part: body
words:
- "console.log"
requests:
- method: GET
path:
- '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
matchers-condition: and
matchers:
- type: word
part: interactsh_protocol
words:
- "http"
- type: word
part: body
words:
- "console.log"
# Enhanced by mp on 2022/08/12

8
cves/2017/CVE-2017-4011.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2017-4011
info:
name: McAfee NDLP User-Agent XSS
name: McAfee Network Data Loss Prevention 9.3.x - Cross-Site Scripting
author: geeknik
severity: medium
description: McAfee Network Data Loss Prevention (NDLP) 9.3.x allows remote attackers to get session/cookie information via modification of the HTTP request.
description: McAfee Network Data Loss Prevention User-Agent 9.3.x contains a cross-site scripting vulnerability which allows remote attackers to get session/cookie information via modification of the HTTP request.
reference:
- https://medium.com/@david.valles/cve-2017-4011-reflected-xss-found-in-mcafee-network-data-loss-prevention-ndlp-9-3-x-cf20451870ab
- https://kc.mcafee.com/corporate/index?page=content&id=SB10198
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=2017-4011
- https://nvd.nist.gov/vuln/detail/CVE-2017-4011
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -34,3 +34,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

9
cves/2017/CVE-2017-5631.yaml
View File

@ -1,15 +1,14 @@
id: CVE-2017-5631
info:
name: CaseAware - Cross Site Scripting
name: KMCIS CaseAware - Cross-Site Scripting
author: edoardottt
severity: medium
description: An issue was discovered in KMCIS CaseAware. Reflected cross site scripting is present in the user parameter (i.e., "usr") that is transmitted in the login.php query string.
description: KMCIS CaseAware contains a reflected cross-site scripting vulnerability via the user parameter transmitted in the login.php query string.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2017-5631
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5631
- https://www.openbugbounty.org/incidents/228262/
- https://www.exploit-db.com/exploits/42042/
- https://nvd.nist.gov/vuln/detail/CVE-2017-5631
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

7
cves/2017/CVE-2017-7391.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2017-7391
info:
name: Magmi Cross-Site Scripting v.0.7.22
name: Magmi 0.7.22 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: A Cross-Site Scripting (XSS) was discovered in 'Magmi 0.7.22'. The vulnerability exists due to insufficient filtration of user-supplied data (prefix) passed to the 'magmi-git-master/magmi/web/ajax_gettime.php' URL.
description: Magmi 0.7.22 contains a cross-site scripting vulnerability due to insufficient filtration of user-supplied data (prefix) passed to the magmi-git-master/magmi/web/ajax_gettime.php URL.
reference:
- https://github.com/dweeves/magmi-git/issues/522
- https://github.com/dweeves/magmi-git/releases/download/0.7.22/magmi_full_0.7.22.zip
- https://github.com/dweeves/magmi-git/pull/525
- https://nvd.nist.gov/vuln/detail/CVE-2017-7391
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +37,5 @@ requests:
part: header
words:
- "text/html"
# Enhanced by mp on 2022/08/12

8
cves/2017/CVE-2017-9288.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2017-9288
info:
name: Raygun4WP <= 1.8.0 - Reflected Cross-Site Scripting (XSS)
name: WordPress Raygun4WP <=1.8.0 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The Raygun4WP plugin 1.8.0 for WordPress is vulnerable to a reflected XSS in sendtesterror.php (backurl parameter).
description: WordPress Raygun4WP 1.8.0 contains a reflected cross-site scripting vulnerability via sendtesterror.php.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2017-9288
- https://github.com/MindscapeHQ/raygun4wordpress/pull/17
- https://github.com/MindscapeHQ/raygun4wordpress/issues/16
- http://jgj212.blogspot.kr/2017/05/a-reflected-xss-vulnerability-in.html
- https://nvd.nist.gov/vuln/detail/CVE-2017-9288
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/12

7
cves/2017/CVE-2017-9506.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2017-9506
info:
name: Jira IconURIServlet SSRF
name: Atlassian Jira IconURIServlet - Cross-Site Scripting/Server-Side Request Forgery
author: pdteam
severity: medium
description: The IconUriServlet of the Atlassian OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 allows remote attackers to access the content of internal network resources and/or perform an XSS attack via Server Side Request Forgery (SSRF).
description: The Atlassian Jira IconUriServlet of the OAuth Plugin from version 1.3.0 before version 1.9.12 and from version 2.0.0 before version 2.0.4 contains a cross-site scripting vulnerability which allows remote attackers to access the content of internal network resources and/or perform an attack via Server Side Request Forgery.
reference:
- http://dontpanic.42.nl/2017/12/there-is-proxy-in-your-atlassian.html
- https://ecosystem.atlassian.net/browse/OAUTH-344
- https://medium.com/bugbountywriteup/piercing-the-veil-server-side-request-forgery-to-niprnet-access-171018bca2c3
- https://nvd.nist.gov/vuln/detail/CVE-2017-9506
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -30,3 +31,5 @@ requests:
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "http"
# Enhanced by mp on 2022/08/12

9
cves/2020/CVE-2020-14413.yaml
View File

@ -1,13 +1,14 @@
id: CVE-2020-14413
info:
name: NeDi 1.9C XSS
name: NeDi 1.9C - Cross-Site Scripting
author: pikpikcu
severity: medium
description: NeDi 1.9C is vulnerable to XSS because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily
description: NeDi 1.9C is vulnerable to cross-site scripting because of an incorrect implementation of sanitize() in inc/libmisc.php. This function attempts to escape the SCRIPT tag from user-controllable values, but can be easily
bypassed, as demonstrated by an onerror attribute of an IMG element as a Devices-Config.php?sta= value.
reference:
- https://gist.github.com/farid007/8db2ab5367ba00e87f9479b32d46fea8
- https://nvd.nist.gov/vuln/detail/CVE-2020-14413
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -35,4 +36,6 @@ requests:
- type: word
part: header
words:
- "text/html"
- "text/html"
# Enhanced by mp on 2022/08/15

10
cves/2020/CVE-2020-15500.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-15500
info:
name: TileServer GL Reflected XSS
name: TileServer GL <=3.0.0 - Cross-Site Scripting
author: Akash.C
severity: medium
description: An issue was discovered in server.js in TileServer GL through 3.0.0. The content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page, causing reflected XSS.
description: TileServer GL through 3.0.0 is vulnerable to reflected cross-site scripting via server.js because the content of the key GET parameter is reflected unsanitized in an HTTP response for the application's main page.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-15500
- https://github.com/maptiler/tileserver-gl/issues/461
- http://packetstormsecurity.com/files/162193/Tileserver-gl-3.0.0-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-15500
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -35,4 +35,6 @@ requests:
- type: word
words:
- "'>\"<svg/onload=confirm('xss')>"
part: body
part: body
# Enhanced by mp on 2022/08/15

8
cves/2020/CVE-2020-19282.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-19282
info:
name: Jeesns 1.4.2 XSS
name: Jeesns 1.4.2 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting that allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
reference:
- https://github.com/zchuanzhao/jeesns/issues/11
- https://nvd.nist.gov/vuln/detail/CVE-2020-19282
- https://www.seebug.org/vuldb/ssvid-97940
- https://nvd.nist.gov/vuln/detail/CVE-2020-19282
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/15

8
cves/2020/CVE-2020-19283.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-19283
info:
name: Jeesns newVersion Reflection XSS
name: Jeesns 1.4.2 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: Reflected cross-site scripting (XSS) vulnerability in the /newVersion component of Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML.
description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /newVersion component and allows attackers to execute arbitrary web scripts or HTML.
reference:
- https://github.com/zchuanzhao/jeesns/issues/10
- https://nvd.nist.gov/vuln/detail/CVE-2020-19283
- https://www.seebug.org/vuldb/ssvid-97939
- https://nvd.nist.gov/vuln/detail/CVE-2020-19283
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/15

8
cves/2020/CVE-2020-19295.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-19295
info:
name: Jeesns Weibo Topic Reflection XSS
name: Jeesns 1.4.2 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: Reflected cross-site scripting (XSS) vulnerability in Jeesns 1.4.2 allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
description: Jeesns 1.4.2 is vulnerable to reflected cross-site scripting in the /weibo/topic component and allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the system error message's text field.
reference:
- https://github.com/zchuanzhao/jeesns/issues/21
- https://nvd.nist.gov/vuln/detail/CVE-2020-19295
- https://www.seebug.org/vuldb/ssvid-97950
- https://nvd.nist.gov/vuln/detail/CVE-2020-19295
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/15

7
cves/2020/CVE-2020-1943.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2020-1943
info:
name: Apache OFBiz Reflected XSS
name: Apache OFBiz <=16.11.07 - Cross-Site Scripting
author: pdteam
severity: medium
description: Data sent with contentId to /control/stream is not sanitized, allowing XSS attacks in Apache OFBiz 16.11.01 to 16.11.07.
description: Apache OFBiz 16.11.01 to 16.11.07 is vulnerable to cross-site scripting because data sent with contentId to /control/stream is not sanitized.
reference:
- https://lists.apache.org/thread.html/rf867d9a25fa656b279b16e27b8ff6fcda689cfa4275a26655c685702%40%3Cdev.ofbiz.apache.org%3E
- https://s.apache.org/pr5u8
- https://lists.apache.org/thread.html/r034123f2767830169fd04c922afb22d2389de6e2faf3a083207202bc@%3Ccommits.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r8efd5b62604d849ae2f93b2eb9ce0ce0356a4cf5812deed14030a757@%3Cdev.ofbiz.apache.org%3E
- https://nvd.nist.gov/vuln/detail/CVE-2020-1943
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/14

7
cves/2020/CVE-2020-2096.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2020-2096
info:
name: Jenkins Gitlab Hook XSS
name: Jenkins Gitlab Hook <=1.4.2 - Cross-Site Scripting
author: madrobot
severity: medium
description: Jenkins Gitlab Hook Plugin 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected XSS vulnerability.
description: Jenkins Gitlab Hook 1.4.2 and earlier does not escape project names in the build_now endpoint, resulting in a reflected cross-site scripting vulnerability.
reference:
- https://jenkins.io/security/advisory/2020-01-15/#SECURITY-1683
- http://www.openwall.com/lists/oss-security/2020/01/15/1
- http://packetstormsecurity.com/files/155967/Jenkins-Gitlab-Hook-1.4.2-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-2096
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -38,3 +39,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/14

5
cves/2020/CVE-2020-20988.yaml
View File

@ -4,9 +4,10 @@ info:
author: arafatansari
severity: medium
description: |
DomainMOD 4.13.0 is vulnerable to Cross Site Scripting (XSS) via reporting/domains/cost-by-owner.php in "or Expiring Between" parameter.
DomainMOD 4.13.0 is vulnerable to cross-site scripting via reporting/domains/cost-by-owner.php in the "or Expiring Between" parameter.
reference:
- https://mycvee.blogspot.com/p/xss2.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-20988
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
@ -43,3 +44,5 @@ requests:
- 'contains(body_2, "value=\"\"/><script>alert(document.domain)</script>")'
- 'contains(body_2, "DomainMOD")'
condition: and
# Enhanced by mp on 2022/08/14

7
cves/2020/CVE-2020-25495.yaml
View File

@ -1,14 +1,15 @@
id: CVE-2020-25495
info:
name: SCO Openserver 5.0.7 - 'section' Cross-Site scripting
name: Xinuo Openserver 5/6 - Cross-Site scripting
author: 0x_Akoko
severity: medium
description: A reflected cross-site scripting (XSS) vulnerability in Xinuo (formerly SCO) Openserver version 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section'.
description: Xinuo (formerly SCO) Openserver versions 5 and 6 allows remote attackers to inject arbitrary web script or HTML tag via the parameter 'section' and is vulnerable to reflected cross-site scripting.
reference:
- https://www.exploit-db.com/exploits/49300
- https://github.com/Ramikan/Vulnerabilities/blob/master/SCO%20Openserver%20XSS%20%26%20HTML%20Injection%20vulnerability
- http://packetstormsecurity.com/files/160634/SCO-Openserver-5.0.7-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-25495
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +37,5 @@ requests:
words:
- "text/html"
part: header
# Enhanced by mp on 2022/08/14

11
cves/2020/CVE-2020-25864.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2020-25864
info:
name: HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode is vulnerable to cross-site scripting
name: HashiCorp Consul/Consul Enterprise <=1.9.4 - Cross-Site Scripting
author: c-sh0
severity: medium
description: |
HashiCorp Consul and Consul Enterprise up to version 1.9.4 key-value (KV) raw mode was vulnerable to cross-site scripting. Fixed in 1.9.5, 1.8.10 and 1.7.14.
HashiCorp Consul and Consul Enterprise up to version 1.9.4 are vulnerable to cross-site scripting via the key-value (KV) raw mode.
remediation: Fixed in 1.9.5, 1.8.10 and 1.7.14.
reference:
- https://discuss.hashicorp.com/t/hcsec-2021-07-consul-api-kv-endpoint-vulnerable-to-cross-site-scripting/23368
- https://nvd.nist.gov/vuln/detail/CVE-2020-25864
- https://www.hashicorp.com/blog/category/consul
- https://nvd.nist.gov/vuln/detail/CVE-2020-25864
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -44,4 +45,6 @@ requests:
- type: word
part: body_2
words:
- "<!DOCTYPE html><script>alert(document.domain)</script>"
- "<!DOCTYPE html><script>alert(document.domain)</script>"
# Enhanced by mp on 2022/08/14

8
cves/2020/CVE-2020-26153.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2020-26153
info:
name: Event Espresso Core-Reg XSS
name: Event Espresso Core-Reg 4.10.7.p - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
cross-site scripting (XSS) vulnerability in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php in the Event Espresso Core plugin before 4.10.7.p for WordPress allows remote attackers to inject arbitrary web script or HTML via the page parameter.
Event Espresso Core-Reg 4.10.7.p is vulnerable to cross-site scripting in wp-content/plugins/event-espresso-core-reg/admin_pages/messages/templates/ee_msg_admin_overview.template.php and allows remote attackers to inject arbitrary web script or HTML via the page parameter.
reference:
- https://labs.nettitude.com/blog/cve-2020-26153-event-espresso-core-cross-site-scripting/
- https://nvd.nist.gov/vuln/detail/CVE-2020-26153
- https://github.com/eventespresso/event-espresso-core/compare/4.10.6.p...4.10.7.p
- https://nvd.nist.gov/vuln/detail/CVE-2020-26153
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,3 +37,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/15

10
cves/2020/CVE-2020-27735.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2020-27735
info:
name: Wing FTP's Web Interface XSS
name: Wing FTP 6.4.4 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
An XSS issue was discovered in Wing FTP 6.4.4. An arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
Wing FTP 6.4.4 is vulnerable to cross-site scripting via its web interface because an arbitrary IFRAME element can be included in the help pages via a crafted link, leading to the execution of (sandboxed) arbitrary HTML and JavaScript in the user's browser.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-27735
- https://www.wftpserver.com/serverhistory.htm
- https://wshenk.blogspot.com/2021/01/xss-in-wing-ftps-web-interface-cve-2020.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-27735
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -20,7 +20,7 @@ info:
requests:
- method: GET
path:
- "{{BaseURL}}/help/english/index.html?javascript&#58;alert(document.domain)"
- "{{BaseURL}}/help/english/index.html?javascript:alert(document.domain)"
matchers-condition: and
matchers:
@ -37,3 +37,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/14

10
cves/2020/CVE-2020-27982.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-27982
info:
name: IceWarp WebMail Reflected XSS
name: IceWarp WebMail 11.4.5.0 - Cross-Site Scripting
author: madrobot
severity: medium
description: IceWarp 11.4.5.0 allows XSS via the language parameter.
description: IceWarp WebMail 11.4.5.0 is vulnerable to cross-site scripting via the language parameter.
reference:
- https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
- http://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
- https://cxsecurity.com/issue/WLB-2020100161
- https://nvd.nist.gov/vuln/detail/CVE-2020-27982
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -37,4 +37,6 @@ requests:
- type: word
words:
- "text/html"
part: header
part: header
# Enhanced by mp on 2022/08/14

9
cves/2020/CVE-2020-28351.yaml
View File

@ -1,15 +1,14 @@
id: CVE-2020-28351
info:
name: ShoreTel 19.46.1802.0 XSS
name: Mitel ShoreTel 19.46.1802.0 Devices - Cross-Site Scripting
author: pikpikcu
severity: medium
description: conferencing component on Mitel ShoreTel 19.46.1802.0 devices could allow an unauthenticated attacker to conduct a reflected cross-site scripting (XSS) attack (via the PATH_INFO to index.php) due to insufficient validation for the time_zone object in the HOME_MEETING& page
description: Mitel ShoreTel 19.46.1802.0 devices and their conference component are vulnerable to an unauthenticated attacker conducting reflected cross-site scripting attacks via the PATH_INFO variable to index.php due to insufficient validation for the time_zone object in the HOME_MEETING& page.
reference:
- https://packetstormsecurity.com/files/159987/ShoreTel-Conferencing-19.46.1802.0-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2020-28351
- https://www.mitel.com/articles/what-happened-shoretel-products
- https://github.com/dievus/cve-2020-28351
- https://nvd.nist.gov/vuln/detail/CVE-2020-28351
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -39,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/15

7
cves/2020/CVE-2020-29164.yaml
View File

@ -1,13 +1,14 @@
id: CVE-2020-29164
info:
name: PacsOne Server XSS
name: PacsOne Server <7.1.1 - Cross-Site Scripting
author: geeknik
severity: medium
description: PacsOne Server (PACS Server In One Box) below 7.1.1 is affected by cross-site scripting (XSS).
description: PacsOne Server (PACS Server In One Box) below 7.1.1 is vulnerable to cross-site scripting.
reference:
- https://gist.github.com/leommxj/0a32afeeaac960682c5b7c9ca8ed070d
- https://pacsone.net/download.htm
- https://nvd.nist.gov/vuln/detail/CVE-2020-29164
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +37,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/15

8
cves/2020/CVE-2020-29395.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-29395
info:
name: Wordpress Plugin EventON Calendar 3.0.5 - Reflected Cross-Site Scripting (XSS)
name: Wordpress EventON Calendar 3.0.5 - Cross-Site Scripting
author: daffainfo
severity: medium
description: The EventON plugin through 3.0.5 for WordPress allows addons/?q= XSS via the search field.
description: Wordpress EventON Calendar 3.0.5 is vulnerable to cross-site scripting because it allows addons/?q= XSS via the search field.
reference:
- https://github.com/mustgundogdu/Research/tree/main/EventON_PLUGIN_XSS
- https://nvd.nist.gov/vuln/detail/CVE-2020-29395
- https://www.myeventon.com/news/
- https://nvd.nist.gov/vuln/detail/CVE-2020-29395
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +36,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/14

10
cves/2020/CVE-2020-3580.yaml
View File

@ -1,15 +1,15 @@
id: CVE-2020-3580
info:
name: Cisco ASA XSS
name: Cisco ASA/FTD Software - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
Multiple vulnerabilities in the web services interface of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an unauthenticated, remote attacker to conduct cross-site scripting (XSS) attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the Vulnerable Products section.
Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software are vulnerable to cross-site scripting and could allow an unauthenticated, remote attacker to conduct attacks against a user of the web services interface of an affected device. The vulnerabilities are due to insufficient validation of user-supplied input by the web services interface of an affected device. An attacker could exploit these vulnerabilities by persuading a user of the interface to click a crafted link. A successful exploit could allow the attacker to execute arbitrary script code in the context of the interface or allow the attacker to access sensitive, browser-based information. Note: These vulnerabilities affect only specific AnyConnect and WebVPN configurations. For more information, see the reference links.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-3580
- https://twitter.com/ptswarm/status/1408050644460650502
- https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-asaftd-xss-multiple-FCB3vPZe
- https://nvd.nist.gov/vuln/detail/CVE-2020-3580
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -40,4 +40,6 @@ requests:
- type: word
part: header
words:
- "text/html"
- "text/html"
# Enhanced by mp on 2022/08/14

8
cves/2020/CVE-2020-36510.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-36510
info:
name: 15Zine < 3.3.0 - Reflected Cross-Site Scripting
name: WordPress 15Zine <3.3.0 - Cross-Site Scripting
author: veshraj
severity: medium
description: |
The 15Zine Wordpress theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action, leading to a reflected cross-site scripting.
WordPress 15Zine before 3.3.0 is vulnerable to reflected cross-site scripting because the theme does not sanitize the cbi parameter before including it in the HTTP response via the cb_s_a AJAX action.
reference:
- https://wpscan.com/vulnerability/d1dbc6d7-7488-40c2-bc38-0674ea5b3c95
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36510
- https://nvd.nist.gov/vuln/detail/CVE-2020-36510
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
@ -38,3 +38,5 @@ requests:
- type: status
status:
- 200
# Enhanced by mp on 2022/08/14

8
cves/2020/CVE-2020-6171.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2020-6171
info:
name: CLink Office v2 XSS
name: CLink Office 2.0 - Cross-Site Scripting
author: pikpikcu
severity: medium
description: |
A cross-site scripting (XSS) vulnerability in the index page of the CLink Office 2.0 management console allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
CLink Office 2.0 is vulnerable to cross-site scripting in the index page of the management console and allows remote attackers to inject arbitrary web script or HTML via the lang parameter.
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2020-6171
- https://www.deepcode.ca/index.php/2020/04/07/cve-2020-xss-in-clink-office-v2/
- https://nvd.nist.gov/vuln/detail/CVE-2020-6171
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +36,5 @@ requests:
part: header
words:
- text/html
# Enhanced by mp on 2022/08/15

12
cves/2020/CVE-2020-7318.yaml
View File

@ -1,19 +1,15 @@
id: CVE-2020-7318
info:
name: McAfee ePolicy Orchestrator Reflected XSS
name: McAfee ePolicy Orchestrator <5.10.9 Update 9 - Cross-Site Scripting
author: dwisiswant0
severity: medium
description: |
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO)
prior to 5.10.9 Update 9 allows administrators to inject arbitrary web
script or HTML via multiple parameters where the administrator's entries
were not correctly sanitized.
McAfee ePolicy Orchestrator before 5.10.9 Update 9 is vulnerable to a cross-site scripting vulnerability that allows administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.
reference:
- https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/
reference:
- https://kc.mcafee.com/corporate/index?page=content&id=SB10332
- https://nvd.nist.gov/vuln/detail/CVE-2020-7318
classification:
cvss-metrics: CVSS:3.1/AV:A/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
cvss-score: 4.3
@ -43,3 +39,5 @@ requests:
- "'\"><svg/onload=alert(document.domain)>"
condition: and
part: body
# Enhanced by mp on 2022/08/15

8
cves/2021/CVE-2021-24275.yaml
View File

@ -1,14 +1,14 @@
id: CVE-2021-24275
info:
name: Popup by Supsystic < 1.10.5 - Reflected Cross-Site scripting (XSS)
name: Popup by Supsystic <1.10.5 - Cross-Site scripting
author: dhiyaneshDK
severity: medium
description: The Popup by Supsystic WordPress plugin before 1.10.5 did not sanitise the tab parameter of its options page before outputting it in an attribute, leading to a reflected Cross-Site Scripting issue.
description: WordPress Popup by Supsystic before 1.10.5 did not sanitize the tab parameter of its options page before outputting it in an attribute, leading to a reflected cross-site scripting issue.
reference:
- https://wpscan.com/vulnerability/efdc76e0-c14a-4baf-af70-9d381107308f
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24275
- http://packetstormsecurity.com/files/164311/WordPress-Popup-1.10.4-Cross-Site-Scripting.html
- https://nvd.nist.gov/vuln/detail/CVE-2021-24275
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
@ -36,3 +36,5 @@ requests:
words:
- "text/html"
part: header
# Enhanced by mp on 2022/08/15

2
exposures/files/bitbucket-pipelines.yaml
View File

@ -1,7 +1,7 @@
id: bitbucket-pipelines
info:
name: BitBucket Piplelines Configuration Exposure
name: BitBucket Pipelines Configuration Exposure
author: DhiyaneshDK
severity: info
metadata:

2
exposures/files/pipeline-configuration.yaml
View File

@ -1,7 +1,7 @@
id: pipeline-configuration
info:
name: Pipleline Configuration Exposure
name: Pipeline Configuration Exposure
author: DhiyaneshDK
severity: info
metadata: