Description and reference

patch-1
Noam Rathaus 2021-04-22 11:59:05 +03:00
parent 039ddb4fa2
commit 4c048c4de1
6 changed files with 15 additions and 2 deletions

@ -4,6 +4,10 @@ info:
author: CasperGN
severity: medium
tags: cve,cve2005
description: Lotus Domino R5 and R6 WebMail, with "Generate HTML for all fields" enabled, stores sensitive data from names.nsf in hidden form fields, which allows remote attackers to read the HTML source to obtain sensitive information such as (1) the password hash in the HTTPPassword field, (2) the password change date in the HTTPPasswordChangeDate field, (3) the client platform in the ClntPltfrm field, (4) the client machine name in the ClntMachine field, and (5) the client Lotus Domino release in the ClntBld field, a different vulnerability than CVE-2005-2696.
reference: |
- http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf
- https://www.exploit-db.com/exploits/39495
requests:
- method: GET
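
Review bot: `reference: |` here is a literal block scalar, so the two `- http...` lines beneath it are the text of one multi-line string, not a YAML sequence, even though they read like a list. Other files in this same commit keep a bare scalar (`reference: https://...`), so the field has two shapes in one change. Pick one shape for the whole commit, and if a real list is intended, drop the `|` so the items parse as a sequence.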

@ -4,6 +4,7 @@ info:
name: Apache Struts2 S2-001 RCE
author: pikpikcu
severity: critical
description: Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via form input beginning with a "%{" sequence and ending with a "}" character.
reference: https://www.guildhab.top/?p=2326
tags: cve,cve2007,apache,rce,struts
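
Review bot: the new `description:` is an unquoted plain scalar that contains double quotes and the sequences `"%{"` and `"}"`. That parses in block context, but it is fragile if the value is ever moved into a flow mapping or edited so that it begins with a quote or `%`. Use the `description: |` form that the CMSimple file in this commit already uses. Separately, `reference:` is still a single third-party blog link; a vendor bulletin or NVD entry next to it would make the template easier to verify.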

@ -4,6 +4,8 @@ info:
name: AppServ Open Project 2.5.10 and earlier XSS
author: unstabl3
severity: medium
description: Cross-site scripting (XSS) vulnerability in index.php in AppServ Open Project 2.5.10 and earlier allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
reference: https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
tags: cve,cve2008,xss
requests:
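
Review bot: the added `reference:` is a single vulnerability-database link, and nothing in the visible lines names the CVE identifier that the `cve,cve2008` tags imply. Add the NVD entry for that CVE alongside the X-Force link, as the Majordomo2 file in this commit does, so a reader can confirm which advisory the description was taken from.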

@ -3,6 +3,8 @@ info:
name: CMSimple 3.1 - Local File Inclusion
author: pussycat0x
severity: high
description: |
Directory traversal vulnerability in cmsimple/cms.php in CMSimple 3.1, when register_globals is enabled, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
reference: https://www.exploit-db.com/exploits/5700
tags: cve,cve2008,lfi
requests:
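
Review bot: the description states two conditions that affect how a result should be read: the issue needs `register_globals` enabled, and the vendor patched 3.1 on 20080601 without changing the version number. A version string therefore cannot separate fixed from unfixed installs. Please confirm that the `requests:` block, which this hunk does not show, matches on the included file content rather than on a version banner, and consider moving the two `NOTE:` sentences onto their own lines inside the block scalar for readability.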

@ -4,7 +4,10 @@ info:
name: Adobe ColdFusion 8.0/8.0.1/9.0/9.0.1 LFI
author: pikpikcu
severity: high
reference: https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861
description: Multiple directory traversal vulnerabilities in the administrator console in Adobe ColdFusion 9.0.1 and earlier allow remote attackers to read arbitrary files via the locale parameter to (1) CFIDE/administrator/settings/mappings.cfm, (2) logging/settings.cfm, (3) datasources/index.cfm, (4) j2eepackaging/editarchive.cfm, and (5) enter.cfm in CFIDE/administrator/.
reference: |
- https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861
- http://www.adobe.com/support/security/bulletins/apsb10-18.html
tags: cve,cve2010,coldfusion,lfi
requests:
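
Review bot: the Adobe bulletin in the new reference block is linked over plain `http://`; prefer the `https://` form where the host serves it, so the reference cannot be altered in transit. Also, `description:` sits directly after `severity:` here but after `tags:` in the Lotus Domino file from the same commit; a consistent key order across templates keeps later diffs smaller.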

@ -4,10 +4,11 @@ info:
name: Majordomo2 - SMTP/HTTP Directory Traversal
author: pikpikcu
severity: high
description: Directory traversal vulnerability in the _list_file_get function in lib/Majordomo.pm in Majordomo 2 before 20110131 allows remote attackers to read arbitrary files via .. (dot dot) sequences in the help command, as demonstrated using (1) a crafted email and (2) cgi-bin/mj_wwwusr in the web interface.
reference: |
- https://www.exploit-db.com/exploits/16103
- https://nvd.nist.gov/vuln/detail/CVE-2011-0063
- https://nvd.nist.gov/vuln/detail/CVE-2011-0049
- http://www.kb.cert.org/vuls/id/363726
tags: cve,cve2011,majordomo2,lfi
requests:
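
Review bot: the reference block links two NVD entries, CVE-2011-0063 and CVE-2011-0049, but the description gives a single statement ("before 20110131") without saying which identifier it belongs to. Name the CVE the description was taken from and say in one sentence how the second one relates, or drop the link that does not apply to what this template checks. The `kb.cert.org` link is also plain `http://`.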