daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated CVE annotations [Sun Feb 26 13:23:33 UTC 2023] 🤖

patch-1
GitHub Action 2023-02-26 13:23:33 +00:00
parent 49b5737eba
commit 4a363a8511
31 changed files with 97 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2017/CVE-2017-7615.yaml
View File

@ -18,7 +18,7 @@ info:
- http://www.openwall.com/lists/oss-security/2017/04/16/2
- https://nvd.nist.gov/vuln/detail/CVE-2017-7615
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8
cve-id: CVE-2017-7615
cwe-id: CWE-640

2
cves/2017/CVE-2017-9833.yaml
View File

@ -11,7 +11,7 @@ info:
- https://pastebin.com/raw/rt7LJvyF
- https://www.exploit-db.com/exploits/42290/
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2017-9833
cwe-id: CWE-22

2
cves/2018/CVE-2018-17431.yaml
View File

@ -11,7 +11,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2018-17431
- https://github.com/Fadavvi/CVE-2018-17431-PoC#confirmation-than-bug-exist-2018-09-25-ticket-id-xwr-503-79437
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-17431
cwe-id: CWE-287

6
cves/2018/CVE-2018-19365.yaml
View File

@ -3,15 +3,15 @@ id: CVE-2018-19365
info:
name: Wowza Streaming Engine Manager 4.7.4.01 - Directory Traversal
author: 0x_Akoko
severity: high
severity: critical
description: Wowza Streaming Engine 4.7.4.01 allows traversal of the directory structure and retrieval of a file via a remote, specifically crafted HTTP request to the REST API.
reference:
- https://blog.gdssecurity.com/labs/2019/2/11/wowza-streaming-engine-manager-directory-traversal-and-local.html
- https://www.cvedetails.com/cve/CVE-2018-19365
- https://raw.githubusercontent.com/WowzaMediaSystems/public_cve/main/wowza-streaming-engine/CVE-2018-19365.txt
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:H
cvss-score: 9.1
cve-id: CVE-2018-19365
cwe-id: CWE-22
tags: cve,cve2018,wowza,lfi

2
cves/2018/CVE-2018-20470.yaml
View File

@ -11,7 +11,7 @@ info:
- http://packetstormsecurity.com/files/153330/Sahi-Pro-7.x-8.x-Directory-Traversal.html
- https://nvd.nist.gov/vuln/detail/CVE-2018-20470
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2018-20470
cwe-id: CWE-22

6
cves/2019/CVE-2019-10405.yaml
View File

@ -10,10 +10,10 @@ info:
- https://jenkins.io/security/advisory/2019-09-25/#SECURITY-1505
- http://www.openwall.com/lists/oss-security/2019/09/25/3
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.3
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2019-10405
cwe-id: CWE-200
cwe-id: CWE-79
metadata:
shodan-query: http.favicon.hash:81586312
tags: cve,cve2019,jenkins

2
cves/2019/CVE-2019-14322.yaml
View File

@ -11,7 +11,7 @@ info:
- http://packetstormsecurity.com/files/163398/Pallets-Werkzeug-0.15.4-Path-Traversal.html
- https://nvd.nist.gov/vuln/detail/CVE-2019-14322
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2019-14322
cwe-id: CWE-22

2
cves/2019/CVE-2019-9922.yaml
View File

@ -11,7 +11,7 @@ info:
- https://extensions.joomla.org/extension/je-messenger/
- https://nvd.nist.gov/vuln/detail/CVE-2019-9922
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2019-9922
cwe-id: CWE-22

6
cves/2020/CVE-2020-11110.yaml
View File

@ -13,13 +13,13 @@ info:
- https://hackerone.com/reports/1329433
remediation: This issue can be resolved by updating Grafana to the latest version.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cve-id: CVE-2020-11110
cwe-id: CWE-79
metadata:
shodan-query: title:"Grafana"
tags: cve,cve2020,xss,grafana
tags: cve2020,xss,grafana,hackerone,cve
requests:
- raw:

2
cves/2020/CVE-2020-35476.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2020-35476
cwe-id: CWE-78
tags: cve,cve2020,opentsdb,rce
tags: cve,cve2020,opentsdb,rce,packetstorm
requests:
- method: GET

7
cves/2021/CVE-2021-25099.yaml
View File

@ -11,10 +11,13 @@ info:
- https://wordpress.org/plugins/give/
- https://nvd.nist.gov/vuln/detail/CVE-2021-25099
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2021-25099
cwe-id: CWE-79
metadata:
verified: true
tags: cve,cve2021,wordpress,wp-plugin,wp,xss,give,unauth
verified: "true"
tags: give,unauth,cve2021,wordpress,wp-plugin,xss,cve,wp,wpscan
requests:
- raw:

7
cves/2021/CVE-2021-30128.yaml
View File

@ -8,11 +8,16 @@ info:
reference:
- https://lists.apache.org/thread.html/rbe8439b26a71fc3b429aa793c65dcc4a6e349bc7bb5010746a74fa1d@%3Ccommits.ofbiz.apache.org%3E
- https://nvd.nist.gov/vuln/detail/CVE-2021-30128
- https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743%40%3Cdev.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/rb3f5cd65f3ddce9b9eb4d6ea6e2919933f0f89b15953769d11003743@%3Cdev.ofbiz.apache.org%3E
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-30128
cwe-id: CWE-502
metadata:
verified: true
fofa-query: app="Apache_OFBiz"
verified: "true"
tags: cve,cve2021,apache,ofbiz,deserialization,rce
requests:

2
cves/2021/CVE-2021-32853.yaml
View File

@ -8,6 +8,8 @@ info:
reference:
- https://securitylab.github.com/advisories/GHSL-2021-103-erxes/
- https://nvd.nist.gov/vuln/detail/CVE-2021-3285
- https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/views/widget.ejs#L14
- https://github.com/erxes/erxes/blob/f131b49add72032650d483f044d00658908aaf4a/widgets/server/index.ts#L54
classification:
cve-id: CVE-2021-32853
metadata:

2
cves/2021/CVE-2021-41773.yaml
View File

@ -19,8 +19,8 @@ info:
cve-id: CVE-2021-41773
cwe-id: CWE-22
metadata:
verified: "true"
shodan-query: Apache 2.4.49
verified: "true"
tags: cve,cve2021,lfi,rce,apache,misconfig,traversal,kev
variables:

2
cves/2021/CVE-2021-42887.yaml
View File

@ -10,7 +10,7 @@ info:
- https://nvd.nist.gov/vuln/detail/cve-2021-42887
- https://github.com/p1Kk/vuln/blob/main/totolink_ex1200t_login_bypass.md
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-42887
cwe-id: CWE-287

5
cves/2022/CVE-2022-0786.yaml
View File

@ -11,10 +11,13 @@ info:
- https://wordpress.org/plugins/kivicare-clinic-management-system/
- https://nvd.nist.gov/vuln/detail/CVE-2022-0786
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-0786
cwe-id: CWE-89
metadata:
verified: "true"
tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth
tags: wordpress,wp-plugin,wp,sqli,kivicare-clinic-management-system,unauth,cve,cve2022,wpscan
requests:
- raw:

5
cves/2022/CVE-2022-1595.yaml
View File

@ -11,10 +11,13 @@ info:
- https://wordpress.org/plugins/hc-custom-wp-admin-url/
- https://nvd.nist.gov/vuln/detail/CVE-2022-1595
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2022-1595
cwe-id: CWE-200
metadata:
verified: "true"
tags: cve,cve2022,wordpress,wp-plugin,wp,hc-custom-wp-admin-url,unauth
tags: wp-plugin,wp,hc-custom-wp-admin-url,unauth,wpscan,cve,cve2022,wordpress
requests:
- raw:

6
cves/2022/CVE-2022-2314.yaml
View File

@ -11,10 +11,12 @@ info:
- https://wordpress.org/plugins/vr-calendar-sync/
- https://nvd.nist.gov/vuln/detail/CVE-2022-2314
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-2314
metadata:
verified: true
tags: cve,cve2022,wordpress,wp-plugin,wp,rce,vr-calendar-sync,unauth
verified: "true"
tags: cve,cve2022,wordpress,wp,wp-plugin,rce,vr-calendar-sync,unauth,wpscan
requests:
- raw:

3
cves/2022/CVE-2022-23854.yaml
View File

@ -12,7 +12,10 @@ info:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-23854
- https://www.cisa.gov/uscert/ics/advisories/icsa-22-342-02
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2022-23854
cwe-id: CWE-23
metadata:
shodan-query: http.html:"InTouch Access Anywhere"
verified: "true"

8
cves/2022/CVE-2022-24990.yaml
View File

@ -3,15 +3,19 @@ id: CVE-2022-24990
info:
name: TerraMaster TOS < 4.2.30 Server Information Disclosure
author: dwisiswant0
severity: medium
severity: high
description: TerraMaster NAS devices running TOS prior to version 4.2.30 are vulnerable to information disclosure.
reference:
- https://octagon.net/blog/2022/03/07/cve-2022-24990-terrmaster-tos-unauthenticated-remote-command-execution-via-php-object-instantiation/
- https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=33732
- https://forum.terra-master.com/en/viewforum.php?f=28
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2022-24990
metadata:
shodan-query: TerraMaster
tags: cve,cve2022,terramaster,exposure
tags: cve,cve2022,terramaster,exposure,kev
requests:
- method: GET

5
cves/2022/CVE-2022-2546.yaml
View File

@ -12,9 +12,12 @@ info:
- https://patchstack.com/database/vulnerability/all-in-one-wp-migration/wordpress-all-in-one-wp-migration-plugin-7-62-unauthenticated-reflected-cross-site-scripting-xss-vulnerability
- https://nvd.nist.gov/vuln/detail/CVE-2022-2546
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 4.7
cve-id: CVE-2022-2546
cwe-id: CWE-79
metadata:
verified: true
verified: "true"
tags: cve,all-in-one-wp-migration,authenticated,wpscan,cve2022,wordpress,wp-plugin,wp,xss
requests:

9
cves/2022/CVE-2022-33891.yaml
View File

@ -8,9 +8,16 @@ info:
reference:
- https://github.com/W01fh4cker/cve-2022-33891
- https://nvd.nist.gov/vuln/detail/CVE-2022-33891
- https://lists.apache.org/thread/p847l3kopoo5bjtmxrcwk21xp6tjxqlc
- http://packetstormsecurity.com/files/168309/Apache-Spark-Unauthenticated-Command-Injection.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8
cve-id: CVE-2022-33891
cwe-id: CWE-77
metadata:
verified: "true"
shodan-query: title:"Spark Master at"
verified: "true"
tags: cve,cve2022,apache,spark,authenticated
variables:

4
cves/2022/CVE-2022-3768.yaml
View File

@ -6,12 +6,12 @@ info:
severity: high
description: |
The WPSmartContracts WordPress plugin before 1.3.12 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as author
remediation: Fixed in version 1.3.12
reference:
- https://wpscan.com/vulnerability/1d8bf5bb-5a17-49b7-a5ba-5f2866e1f8a3
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3768
- https://nvd.nist.gov/vuln/detail/CVE-2022-3768
- https://cve.report/CVE-2022-3768
remediation: Fixed in version 1.3.12
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8
@ -19,7 +19,7 @@ info:
cwe-id: CWE-89
metadata:
verified: "true"
tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,wp-smart-contracts,authenticated
tags: wpscan,cve2022,wp-plugin,wp,authenticated,cve,wordpress,sqli,wp-smart-contracts
requests:
- raw:

7
cves/2022/CVE-2022-4050.yaml
View File

@ -11,10 +11,13 @@ info:
- https://wordpress.org/plugins/joomsport-sports-league-results-management/
- https://nvd.nist.gov/vuln/detail/CVE-2022-4050
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-4050
cwe-id: CWE-89
metadata:
verified: true
tags: cve,cve2022,wordpress,wp-plugin,wp,sqli,joomsport-sports-league-results-management,unauth
verified: "true"
tags: cve2022,wp-plugin,wp,sqli,cve,wordpress,joomsport-sports-league-results-management,unauth,wpscan
requests:
- raw:

8
cves/2022/CVE-2022-4260.yaml
View File

@ -3,20 +3,22 @@ id: CVE-2022-4260
info:
name: WP-Ban < 1.69.1 - Admin Stored XSS
author: Hardik-Solanki
severity: high
severity: medium
description: |
The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
remediation: Fixed in version 1.69.1
reference:
- https://wpscan.com/vulnerability/d0cf24be-df87-4e1f-aae7-e9684c88e7db
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-4260
- https://drive.google.com/file/d/11nQ21cQ9irajYqNqsQtNrLJOkeRcwCXn/view?usp=drivesdk
remediation: Fixed in version 1.69.1
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N
cvss-score: 4.8
cve-id: CVE-2022-4260
cwe-id: CWE-79
metadata:
verified: "true"
tags: cve,cve2022,wordpress,wp-plugin,wp,xss,wp-ban,authenticated
tags: cve2022,wp-plugin,wp,xss,authenticated,cve,wordpress,wp-ban,wpscan
requests:
- raw:

9
cves/2022/CVE-2022-42746.yaml
View File

@ -9,14 +9,15 @@ info:
reference:
- https://fluidattacks.com/advisories/modestep/
- https://nvd.nist.gov/vuln/detail/CVE-2022-42746
- https://candidats.net/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
cvss-score: 5.4
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-42746
cwe-id: CWE-80
cwe-id: CWE-79
metadata:
verified: true
shodan-query: http.html:"CandidATS"
verified: "true"
tags: cve,cve2022,candidats,xss
requests:

9
cves/2022/CVE-2022-45917.yaml
View File

@ -11,10 +11,15 @@ info:
- https://seclists.org/fulldisclosure/2022/Dec/7
- https://sec-consult.com/vulnerability-lab/advisory/multiple-critical-vulnerabilities-in-ilias-elearning-platform/
- https://github.com/advisories/GHSA-hf6q-rx44-fh6j
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-45917
cwe-id: CWE-601
metadata:
verified: true
shodan-query: http.html:"ILIAS"
tags: cve,cve2022,ilias,redirect
verified: "true"
tags: seclists,cve,cve2022,ilias,redirect,packetstorm
requests:
- method: GET

7
cves/2022/CVE-2022-46381.yaml
View File

@ -9,9 +9,14 @@ info:
reference:
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-46381
- https://github.com/omarhashem123/Security-Research/blob/main/CVE-2022-46381/CVE-2022-46381.txt
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-46381
cwe-id: CWE-79
metadata:
verified: "true"
shodan-query: http.html:"Linear eMerge"
verified: "true"
tags: cve,cve2022,xss,emerge,linear
requests:

2
exposures/files/svn-wc-db.yaml
View File

@ -10,7 +10,7 @@ info:
metadata:
verified: true
google-query: intitle:"index of" "wc.db"
tags: exposure,svn,config,files
tags: msf,exposure,svn,config,files
requests:
- method: GET

2
vulnerabilities/vmware/vmware-nsx-stream-rce.yaml
View File

@ -21,7 +21,7 @@ info:
verified: true
shodan-query: title:"VMware Appliance Management"
fofa-query: title="VMware Appliance Management"
tags: vmware,xstream,rce
tags: vmware,xstream,rce,msf
variables:
lowerrstr: "{{to_lower(rand_text_alpha(6))}}"

2
vulnerabilities/zyxel/unauth-lfd-zhttpd.yaml
View File

@ -13,7 +13,7 @@ info:
metadata:
verified: "true"
shodan-query: http.html:"VMG1312-B10D"
tags: misconfig,unauth,zyxel,lfi
tags: misconfig,unauth,zyxel,lfi,msf
requests:
- raw: