daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Metadata attribute update

patch-1
sandeep 2021-09-16 21:24:33 +05:30
parent 18ab41c89a
commit 676b51d20c
15 changed files with 19 additions and 21 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
cves/2019/CVE-2019-1010287.yaml
View File

@ -4,21 +4,21 @@ info:
name: Timesheet 1.5.3 - Cross Site Scripting name: Timesheet 1.5.3 - Cross Site Scripting
author: pikpikcu author: pikpikcu
severity: medium severity: medium
description: "Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a \"redirect\" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url."
reference: reference:
- https://nvd.nist.gov/vuln/detail/CVE-2019-1010287 - https://nvd.nist.gov/vuln/detail/CVE-2019-1010287
- http://www.mdh-tz.info/ # demo - http://www.mdh-tz.info/ # demo
tags: cve,cve2019,timesheet,xss tags: cve,cve2019,timesheet,xss
additional-fields:
google-dork: inurl:"/timesheet/login.php"
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10 cvss-score: 6.10
cve-id: CVE-2019-1010287 cve-id: CVE-2019-1010287
cwe-id: CWE-79 cwe-id: CWE-79
description: "Timesheet Next Gen 1.5.3 and earlier is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute arbitrary HTML and JavaScript code via a \"redirect\" parameter. The component is: Web login form: login.php, lines 40 and 54. The attack vector is: reflected XSS, victim may click the malicious url." metadata:
google-dork: inurl:"/timesheet/login.php"
requests: requests:
- raw: # Metod POST From login.php - raw:
- | - |
POST /timesheet/login.php HTTP/1.1 POST /timesheet/login.php HTTP/1.1
Host: {{Hostname}} Host: {{Hostname}}

4
cves/2019/CVE-2019-12593.yaml
View File

@ -11,13 +11,13 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2019-12593 - https://nvd.nist.gov/vuln/detail/CVE-2019-12593
- http://www.icewarp.com # vendor homepage - http://www.icewarp.com # vendor homepage
- https://www.icewarp.com/downloads/trial/ # software link - https://www.icewarp.com/downloads/trial/ # software link
additional-fields:
google-dork: Powered By IceWarp 10.4.4
classification: classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50 cvss-score: 7.50
cve-id: CVE-2019-12593 cve-id: CVE-2019-12593
cwe-id: CWE-22 cwe-id: CWE-22
metadata:
google-dork: Powered By IceWarp 10.4.4
requests: requests:
- method: GET - method: GET

4
cves/2020/CVE-2020-13167.yaml
View File

@ -9,13 +9,13 @@ info:
reference: reference:
- https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/ - https://ssd-disclosure.com/ssd-advisory-netsweeper-preauth-rce/
- https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says - https://portswigger.net/daily-swig/severe-rce-vulnerability-in-content-filtering-system-has-been-patched-netsweeper-says
additional-fields:
hex-payload: 'echo "bm9uZXhpc3RlbnQ=" | base64 -d > /usr/local/netsweeper/webadmin/out'
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80 cvss-score: 9.80
cve-id: CVE-2020-13167 cve-id: CVE-2020-13167
cwe-id: CWE-78 cwe-id: CWE-78
metadata:
hex-payload: 'echo "bm9uZXhpc3RlbnQ=" | base64 -d > /usr/local/netsweeper/webadmin/out'
requests: requests:
- method: GET - method: GET

2
cves/2020/CVE-2020-14864.yaml
View File

@ -8,8 +8,6 @@ info:
reference: reference:
- http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html - http://packetstormsecurity.com/files/159748/Oracle-Business-Intelligence-Enterprise-Edition-5.5.0.0.0-12.2.1.3.0-12.2.1.4.0-LFI.html
- https://www.oracle.com/security-alerts/cpuoct2020.html - https://www.oracle.com/security-alerts/cpuoct2020.html
additional-fields:
cvss: 'CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50 cvss-score: 7.50

2
cves/2021/CVE-2021-26295.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-score: 9.80 cvss-score: 9.80
cve-id: CVE-2021-26295 cve-id: CVE-2021-26295
cwe-id: CWE-502 cwe-id: CWE-502
additional-fields: metadata:
ysoserial-payload: 'java -jar ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn | hex' ysoserial-payload: 'java -jar ysoserial-master-d367e379d9-1.jar URLDNS http://t53lq9.dnslog.cn | hex'
requests: requests:

2
default-logins/abb/cs141-default-login.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium severity: medium
reference: https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf reference: https://www.generex.de/media/pages/packages/documents/manuals/f65348d5b6-1628841637/manual_CS141_en.pdf
tags: hiawatha,iot,default-login tags: hiawatha,iot,default-login
additional-fields: metadata:
shodan-dork: https://www.shodan.io/search?query=html%3A%22CS141%22 shodan-dork: https://www.shodan.io/search?query=html%3A%22CS141%22
requests: requests:

2
dns/elasticbeantalk-takeover.yaml
View File

@ -9,7 +9,7 @@ info:
- https://twitter.com/payloadartist/status/1362035009863880711 - https://twitter.com/payloadartist/status/1362035009863880711
- https://www.youtube.com/watch?v=srKIqhj_ki8 - https://www.youtube.com/watch?v=srKIqhj_ki8
tags: dns,takeover,aws tags: dns,takeover,aws
additional-fields: metadata:
comments: | comments: |
Only CNAMEs with region specification are hijackable. Only CNAMEs with region specification are hijackable.
You need to claim the CNAME in AWS portal (https://aws.amazon.com/) or via AWS CLI to confirm the takeover. You need to claim the CNAME in AWS portal (https://aws.amazon.com/) or via AWS CLI to confirm the takeover.

2
technologies/abyss-web-server.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x author: pussycat0x
severity: info severity: info
tags: tech tags: tech
additional-fields: metadata:
fofa-dork: 'app="Abyss-Web-Server"' fofa-dork: 'app="Abyss-Web-Server"'
requests: requests:

2
technologies/iplanet-web-server.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x author: pussycat0x
severity: info severity: info
tags: tech tags: tech
additional-fields: metadata:
fofa-dork: 'app="iPlanet-Web-Server,-Enterprise-Edition-4.1"' fofa-dork: 'app="iPlanet-Web-Server,-Enterprise-Edition-4.1"'
requests: requests:

2
technologies/kubernetes/kubernetes-enterprise-manager.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x author: pussycat0x
severity: info severity: info
tags: tech,kubernetes tags: tech,kubernetes
additional-fields: metadata:
fofa-dork: 'app="Kubernetes-Enterprise-Manager"' fofa-dork: 'app="Kubernetes-Enterprise-Manager"'
requests: requests:

2
technologies/kubernetes/kubernetes-mirantis.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x author: pussycat0x
severity: info severity: info
tags: tech,kubernetes tags: tech,kubernetes
additional-fields: metadata:
fofa-dork: 'app="Mirantis-Kubernetes-Engine"' fofa-dork: 'app="Mirantis-Kubernetes-Engine"'
requests: requests:

2
technologies/oracle/oracle-iplanet-web-server.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x author: pussycat0x
severity: info severity: info
tags: tech,oracle tags: tech,oracle
additional-fields: metadata:
fofa-dork: 'app="Oracle-iPlanet-Web-Server' fofa-dork: 'app="Oracle-iPlanet-Web-Server'
requests: requests:

2
vulnerabilities/generic/top-xss-params.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium severity: medium
description: Searches for reflected XSS in the server response via GET-requests. description: Searches for reflected XSS in the server response via GET-requests.
tags: xss,generic tags: xss,generic
additional-fields: metadata:
parameters: q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p parameters: q,s,search,id,action,keyword,query,page,keywords,url,view,cat,name,key,p
requests: requests:

2
vulnerabilities/other/bullwark-momentum-lfi.yaml
View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/exploits/47773 - https://www.exploit-db.com/exploits/47773
- http://www.bullwark.net/ # vendor homepage - http://www.bullwark.net/ # vendor homepage
- http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 # software link - http://www.bullwark.net/Kategoriler.aspx?KategoriID=24 # software link
additional-fields: metadata:
version: Bullwark Momentum Series Web Server JAWS/1.0 version: Bullwark Momentum Series Web Server JAWS/1.0
shodan-dork: https://www.shodan.io/search?query=Bullwark&page=1 shodan-dork: https://www.shodan.io/search?query=Bullwark&page=1
fofa-dork: https://fofa.so/result?q=Bullwark&qbase64=QnVsbHdhcms%3D fofa-dork: https://fofa.so/result?q=Bullwark&qbase64=QnVsbHdhcms%3D

2
vulnerabilities/other/sick-beard-xss.yaml
View File

@ -8,7 +8,7 @@ info:
reference: reference:
- https://sickbeard.com/ # vendor homepage - https://sickbeard.com/ # vendor homepage
- https://github.com/midgetspy/Sick-Beard # software link - https://github.com/midgetspy/Sick-Beard # software link
additional-fields: metadata:
shodan-dork: sickbeard shodan-dork: sickbeard
requests: requests: