daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2635

patch-1
sandeep 2021-09-12 17:22:01 +05:30
parent f0a500cf97 34b89610c9
commit 4ae55349a8
7 changed files with 10 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2021/CVE-2021-26295.yaml
View File

@ -9,15 +9,13 @@ info:
- https://github.com/yumusb/CVE-2021-26295-POC
- https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E
- https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607@%3Cnotifications.ofbiz.apache.org%3E
# Note:- This is detection template, To perform deserializes do as below
# java.exe -jar .\ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn/ > mad.ot
# `cat mad.ot | hex` and replace in <cus-obj> along with the url in std-String value
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80
cve-id: CVE-2021-26295
cwe-id: CWE-502
additional-fields:
ysoserial-payload: 'java -jar ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn | hex'
requests:
- raw:

2
vulnerabilities/oscommerce/oscommerce-rce.yaml
View File

@ -3,7 +3,7 @@ id: oscommerce-rce
info:
author: Suman_Kar
name: osCommerce 2.3.4.1 - Remote Code Execution
description: Exploiting the install.php finish process by injecting php payload into the db_database parameter & read the system command output from configure.php
description: A vulnerability in osCommerce's install.php allows remote unauthenticated attackers to injecting PHP code into the db_database parameter, and subsequently use the configure.php page to to read the command's executed output
reference: https://www.exploit-db.com/exploits/50128
severity: high
tags: rce,oscommerce

2
vulnerabilities/wordpress/wp-church-admin-xss.yaml
View File

@ -4,7 +4,7 @@ info:
name: WordPress Plugin church_admin - 'id' Reflected Cross-Site Scripting (XSS)
author: daffainfo
severity: medium
reference: https://www.securityfocus.com/bid/54329/info
reference: https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html
tags: wordpress,xss,wp-plugin
requests:

2
vulnerabilities/wordpress/wp-custom-tables-xss.yaml
View File

@ -5,7 +5,7 @@ info:
author: daffainfo
severity: medium
description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability
reference: https://www.securityfocus.com/bid/54326/info
reference: https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252
tags: wordpress,xss,wp-plugin
requests:

2
vulnerabilities/wordpress/wp-finder-xss.yaml
View File

@ -4,7 +4,7 @@ info:
name: WordPress Plugin Finder - 'order' Reflected Cross-Site Scripting (XSS)
author: daffainfo
severity: medium
reference: https://www.securityfocus.com/bid/55217/info
reference: https://packetstormsecurity.com/files/115902/WordPress-Finder-Cross-Site-Scripting.html
tags: wordpress,xss,wp-plugin
requests:

3
vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml
View File

@ -5,6 +5,9 @@ info:
author: madrobot
severity: high
tags: wordpress,rce,ssrf
reference:
- https://www.exploit-db.com/exploits/49327
- https://wpscan.com/vulnerability/10417
requests:
- raw:

2
vulnerabilities/wordpress/wp-super-forms.yaml
View File

@ -1,6 +1,6 @@
id: wordpress-super-forms
info:
name: WordPress super-forms
name: WordPress super-forms Plugin Directory Listing
author: pussycat0x
severity: low
description: Searches for sensitive directories present in the wordpress-plugins plugin.