daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-29272.yaml

patch-1
Prince Chaddha 2022-08-21 14:20:07 +05:30 committed by GitHub
parent da868c0fb3
commit 8042eb160b
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
cves/2022/CVE-2022-29272.yaml
View File

@ -11,20 +11,18 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2022-29272
classification:
cve-id: CVE-2022-29272
tags: cve,cve2022,redirect,nagios
tags: cve,cve2022,redirect,nagios,nagiosxi
requests:
- raw:
- |
GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1
Host: {{Hostname}}
Cookie: nagiosxi=cvdde3p1b9gtr27pigi8l4fsb5
- |
POST /nagiosxi/login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Cookie: nagiosxi=cvdde3p1b9gtr27pigi8l4fsb5
nsp={{nsp_token}}&page=auth&debug=&pageopt=login&redirect=%2Fwww.interact.sh&username={{username}}&password={{password}}&loginButton=Login
@ -41,7 +39,7 @@ requests:
part: body
name: nsp_token
group: 1
internal: true
regex:
- '<input type="hidden" name="nsp" value="(.*)">'
- "<input type='hidden' name='nsp' value='(.*)'>"
internal: true