daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Spacing issues

patch-1
sullo 2022-05-13 16:20:32 -04:00
parent f182d7bcb8
commit 7e13db1d67
4 changed files with 5 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2017/CVE-2017-15363.yaml
View File

@ -1,7 +1,7 @@
id: CVE-2017-15363
info:
name: TYPO3 Restler - Arbitrary File Retrieval
name: TYPO3 Restler - Arbitrary File Retrieval
author: 0x_Akoko
severity: high
description: Directory traversal vulnerability in public/examples/resources/getsource.php in Luracast Restler through 3.0.0, as used in the restler extension before 1.7.1 for TYPO3, allows remote attackers to read arbitrary files via the file parameter.

3
cves/2018/CVE-2018-2894.yaml
View File

@ -4,7 +4,8 @@ info:
name: Oracle WebLogic Server - Remote Code Execution
author: geeknik,pdteam
severity: critical
description: The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3.
description: |
The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: WLS - Web Services) is susceptible to a remote code execution vulnerability that is easily exploitable and could allow unauthenticated attackers with network access via HTTP to compromise the server. Supported versions that are affected are 12.1.3.0, 12.2.1.2 and 12.2.1.3.
reference:
- https://blog.detectify.com/2018/11/14/technical-explanation-of-cve-2018-2894-oracle-weblogic-rce/
- https://github.com/vulhub/vulhub/tree/fda47b97c7d2809660a4471539cd0e6dbf8fac8c/weblogic/CVE-2018-2894

2
vulnerabilities/other/microstrategy-ssrf.yaml
View File

@ -1,7 +1,7 @@
id: microstrategy-ssrf
info:
name: MicroStrategy tinyurl - Server-Side Reqeust Forgery (Blind)
name: MicroStrategy tinyurl - Server-Side Request Forgery (Blind)
author: organiccrap
severity: high
description: Blind server-side (SSRF) request forgery vulnerability on MicroStrategy URL shortener.

2
vulnerabilities/wordpress/wordpress-zebra-form-xss.yaml
View File

@ -1,7 +1,7 @@
id: wordpress-zebra-form-xss
info:
name: Wordpress Zebra Form - Cross-Site Scripting
name: Wordpress Zebra Form - Cross-Site Scripting
author: madrobot
severity: medium
reference: