diff --git a/cves/2021/CVE-2021-26295.yaml b/cves/2021/CVE-2021-26295.yaml index ab08b76304..fa1a549e53 100644 --- a/cves/2021/CVE-2021-26295.yaml +++ b/cves/2021/CVE-2021-26295.yaml @@ -9,15 +9,13 @@ info: - https://github.com/yumusb/CVE-2021-26295-POC - https://lists.apache.org/thread.html/r3c1802eaf34aa78a61b4e8e044c214bc94accbd28a11f3a276586a31%40%3Cuser.ofbiz.apache.org%3E - https://lists.apache.org/thread.html/r6e4579c4ebf7efeb462962e359501c6ca4045687f12212551df2d607@%3Cnotifications.ofbiz.apache.org%3E - -# Note:- This is detection template, To perform deserializes do as below -# java.exe -jar .\ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn/ > mad.ot -# `cat mad.ot | hex` and replace in along with the url in std-String value classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-score: 9.80 cve-id: CVE-2021-26295 cwe-id: CWE-502 + additional-fields: + ysoserial-payload: 'java -jar ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn | hex' requests: - raw: diff --git a/vulnerabilities/oscommerce/oscommerce-rce.yaml b/vulnerabilities/oscommerce/oscommerce-rce.yaml index 5f888337fc..f359c42b11 100644 --- a/vulnerabilities/oscommerce/oscommerce-rce.yaml +++ b/vulnerabilities/oscommerce/oscommerce-rce.yaml @@ -3,7 +3,7 @@ id: oscommerce-rce info: author: Suman_Kar name: osCommerce 2.3.4.1 - Remote Code Execution - description: Exploiting the install.php finish process by injecting php payload into the db_database parameter & read the system command output from configure.php + description: A vulnerability in osCommerce's install.php allows remote unauthenticated attackers to injecting PHP code into the db_database parameter, and subsequently use the configure.php page to to read the command's executed output reference: https://www.exploit-db.com/exploits/50128 severity: high tags: rce,oscommerce diff --git a/vulnerabilities/wordpress/wp-church-admin-xss.yaml b/vulnerabilities/wordpress/wp-church-admin-xss.yaml index f5c5957b97..089b607075 100644 --- a/vulnerabilities/wordpress/wp-church-admin-xss.yaml +++ b/vulnerabilities/wordpress/wp-church-admin-xss.yaml @@ -4,7 +4,7 @@ info: name: WordPress Plugin church_admin - 'id' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://www.securityfocus.com/bid/54329/info + reference: https://packetstormsecurity.com/files/132034/WordPress-Church-Admin-0.800-Cross-Site-Scripting.html tags: wordpress,xss,wp-plugin requests: diff --git a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml index c0918d72c5..958241da6b 100644 --- a/vulnerabilities/wordpress/wp-custom-tables-xss.yaml +++ b/vulnerabilities/wordpress/wp-custom-tables-xss.yaml @@ -5,7 +5,7 @@ info: author: daffainfo severity: medium description: WordPress custom tables Plugin 'key' Parameter Cross Site Scripting Vulnerability - reference: https://www.securityfocus.com/bid/54326/info + reference: https://wpscan.com/vulnerability/211a4286-4747-4b62-acc3-fd9a57b06252 tags: wordpress,xss,wp-plugin requests: diff --git a/vulnerabilities/wordpress/wp-finder-xss.yaml b/vulnerabilities/wordpress/wp-finder-xss.yaml index 1bbd46235e..d9dd3851bf 100644 --- a/vulnerabilities/wordpress/wp-finder-xss.yaml +++ b/vulnerabilities/wordpress/wp-finder-xss.yaml @@ -4,7 +4,7 @@ info: name: WordPress Plugin Finder - 'order' Reflected Cross-Site Scripting (XSS) author: daffainfo severity: medium - reference: https://www.securityfocus.com/bid/55217/info + reference: https://packetstormsecurity.com/files/115902/WordPress-Finder-Cross-Site-Scripting.html tags: wordpress,xss,wp-plugin requests: diff --git a/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml b/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml index 7075c485bf..4fe1fb2f7a 100644 --- a/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml +++ b/vulnerabilities/wordpress/wp-multiple-theme-ssrf.yaml @@ -5,6 +5,9 @@ info: author: madrobot severity: high tags: wordpress,rce,ssrf + reference: + - https://www.exploit-db.com/exploits/49327 + - https://wpscan.com/vulnerability/10417 requests: - raw: diff --git a/vulnerabilities/wordpress/wp-super-forms.yaml b/vulnerabilities/wordpress/wp-super-forms.yaml index 7b1c01e7ad..1d3a407ad9 100644 --- a/vulnerabilities/wordpress/wp-super-forms.yaml +++ b/vulnerabilities/wordpress/wp-super-forms.yaml @@ -1,6 +1,6 @@ id: wordpress-super-forms info: - name: WordPress super-forms + name: WordPress super-forms Plugin Directory Listing author: pussycat0x severity: low description: Searches for sensitive directories present in the wordpress-plugins plugin.