From 6eb7489dd45f8294b2aa1ddfd3a5e08bbbe54fe2 Mon Sep 17 00:00:00 2001 From: Dhiyaneshwaran Date: Tue, 18 Jul 2023 13:05:20 +0530 Subject: [PATCH] added metadata --- http/cves/2020/CVE-2020-17463.yaml | 12 +++++++++--- 1 file changed, 9 insertions(+), 3 deletions(-) diff --git a/http/cves/2020/CVE-2020-17463.yaml b/http/cves/2020/CVE-2020-17463.yaml index 52135f8840..f74e18f64c 100644 --- a/http/cves/2020/CVE-2020-17463.yaml +++ b/http/cves/2020/CVE-2020-17463.yaml @@ -1,7 +1,7 @@ id: CVE-2020-17463 info: - name: FUEL CMS 1.4.7 - SQL Injection + name: Fuel CMS 1.4.7 - SQL Injection author: Thirukrishnan severity: high description: | @@ -9,13 +9,20 @@ info: remediation: Fixed in version 115 reference: - https://www.exploit-db.com/exploits/48741 + - https://nvd.nist.gov/vuln/detail/CVE-2020-17463 + - http://packetstormsecurity.com/files/158840/Fuel-CMS-1.4.7-SQL-Injection.html + - https://getfuelcms.com/ classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N + cvss-score: 9.8 cve-id: CVE-2020-17463 + cwe-id: CWE-89 + cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:1.4.7:*:*:*:*:*:*:* metadata: max-request: 3 verified: true shodan-query: http.title:"fuel cms" - tags: cve,cve2020,sqli,fuel-cms + tags: cve,cve2020,sqli,fuel-cms,kev http: - raw: @@ -38,7 +45,6 @@ http: X-Requested-With: XMLHttpRequest Referer: {{RootURL}} - payloads: username: - admin