daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

TemplateMan Update [Mon Nov 6 11:39:46 UTC 2023] 🤖

patch-1
GitHub Action 2023-11-06 11:39:46 +00:00
parent d0091b3b42
commit 88c866b96c
32 changed files with 41 additions and 34 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
http/cves/2017/CVE-2017-5631.yaml
View File

@ -45,4 +45,5 @@ http:
- type: status
status:
- 200
# digest: 4a0a0047304502203997d56dfe7d1edadde8baa626180206e02b2f8e2afcbd1da4d2425d70b134ed022100d6db0a23c30c9a9c38ae811500b5b7a72b169b04f33727c6c41bd4b576163f2a:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502203997d56dfe7d1edadde8baa626180206e02b2f8e2afcbd1da4d2425d70b134ed022100d6db0a23c30c9a9c38ae811500b5b7a72b169b04f33727c6c41bd4b576163f2a:922c64590222798bb761d5b6d8e72950

2
http/cves/2017/CVE-2017-7925.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2017-7925
cwe-id: CWE-260,CWE-522
cwe-id: CWE-522,CWE-260
epss-score: 0.35031
epss-percentile: 0.96648
cpe: cpe:2.3:o:dahuasecurity:dh-ipc-hdbw23a0rn-zs_firmware:-:*:*:*:*:*:*:*

3
http/cves/2019/CVE-2019-1898.yaml
View File

@ -42,4 +42,5 @@ http:
- 'contains(to_lower(body), "ethernet") && contains(to_lower(body), "connection")'
- 'contains(header, "application/octet-stream")'
condition: and
# digest: 490a0046304402206203e7b412ce7d54b3078255c6d38044396b9259063c8cd8a830b74ea270ab21022025f8b568a55775b825e4b6d76726b4362f404b04eb638315c33b1fdab27e62ad:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402206203e7b412ce7d54b3078255c6d38044396b9259063c8cd8a830b74ea270ab21022025f8b568a55775b825e4b6d76726b4362f404b04eb638315c33b1fdab27e62ad:922c64590222798bb761d5b6d8e72950

2
http/cves/2019/CVE-2019-3929.yaml
View File

@ -17,7 +17,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-3929
cwe-id: CWE-78,CWE-79
cwe-id: CWE-79,CWE-78
epss-score: 0.97419
epss-percentile: 0.99908
cpe: cpe:2.3:o:crestron:am-100_firmware:1.6.0.2:*:*:*:*:*:*:*

3
http/cves/2020/CVE-2020-26919.yaml
View File

@ -39,4 +39,5 @@ http:
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "http"
# digest: 4a0a00473045022100bb9a095aafca3db46dc1d0359e46b013cd6c3fa46fbc66738ddeb8f213b12aa3022031b63bf4677f5ab53e0b92949b4b67e8cf455969f7fb58eb510046fbc8dd1aa4:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100bb9a095aafca3db46dc1d0359e46b013cd6c3fa46fbc66738ddeb8f213b12aa3022031b63bf4677f5ab53e0b92949b4b67e8cf455969f7fb58eb510046fbc8dd1aa4:922c64590222798bb761d5b6d8e72950

2
http/cves/2020/CVE-2020-3452.yaml
View File

@ -20,7 +20,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2020-3452
cwe-id: CWE-20,CWE-22
cwe-id: CWE-22,CWE-20
epss-score: 0.97541
epss-percentile: 0.99992
cpe: cpe:2.3:o:cisco:adaptive_security_appliance_software:*:*:*:*:*:*:*:*

2
http/cves/2020/CVE-2020-5284.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.3
cve-id: CVE-2020-5284
cwe-id: CWE-23,CWE-22
cwe-id: CWE-22,CWE-23
epss-score: 0.00152
epss-percentile: 0.51328
cpe: cpe:2.3:a:zeit:next.js:*:*:*:*:*:*:*:*

2
http/cves/2020/CVE-2020-5410.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2020-5410
cwe-id: CWE-23,CWE-22
cwe-id: CWE-22,CWE-23
epss-score: 0.96802
epss-percentile: 0.99567
cpe: cpe:2.3:a:vmware:spring_cloud_config:*:*:*:*:*:*:*:*

2
http/cves/2021/CVE-2021-1472.yaml
View File

@ -18,7 +18,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-1472
cwe-id: CWE-119,CWE-287
cwe-id: CWE-287,CWE-119
epss-score: 0.97318
epss-percentile: 0.99841
cpe: cpe:2.3:o:cisco:rv160_firmware:*:*:*:*:*:*:*:*

2
http/cves/2021/CVE-2021-24215.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-24215
cwe-id: CWE-425,CWE-284
cwe-id: CWE-284,CWE-425
epss-score: 0.07303
epss-percentile: 0.93336
cpe: cpe:2.3:a:wpruby:controlled_admin_access:*:*:*:*:*:wordpress:*:*

3
http/cves/2021/CVE-2021-24387.yaml
View File

@ -49,4 +49,5 @@ http:
- type: status
status:
- 200
# digest: 4b0a00483046022100c1a737bfc09e589e8ad249182c83dc7988b2c39028847a47fe3de1a86ef49b82022100e71cb2b2a75ca486014950f2308ed290da2eee4ea5ab2d97343edde519778886:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100c1a737bfc09e589e8ad249182c83dc7988b2c39028847a47fe3de1a86ef49b82022100e71cb2b2a75ca486014950f2308ed290da2eee4ea5ab2d97343edde519778886:922c64590222798bb761d5b6d8e72950

2
http/cves/2021/CVE-2021-24947.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
cvss-score: 6.5
cve-id: CVE-2021-24947
cwe-id: CWE-352,CWE-863
cwe-id: CWE-863,CWE-352
epss-score: 0.00291
epss-percentile: 0.65701
cpe: cpe:2.3:a:thinkupthemes:responsive_vector_maps:*:*:*:*:*:wordpress:*:*

2
http/cves/2021/CVE-2021-25003.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-25003
cwe-id: CWE-94,CWE-434
cwe-id: CWE-434,CWE-94
epss-score: 0.5392
epss-percentile: 0.97246
cpe: cpe:2.3:a:wptaskforce:wpcargo_track_\&_trace:*:*:*:*:*:wordpress:*:*

2
http/cves/2021/CVE-2021-37704.yaml
View File

@ -17,7 +17,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.3
cve-id: CVE-2021-37704
cwe-id: CWE-668,CWE-200
cwe-id: CWE-200,CWE-668
epss-score: 0.00283
epss-percentile: 0.65132
cpe: cpe:2.3:a:phpfastcache:phpfastcache:*:*:*:*:*:*:*:*

2
http/cves/2021/CVE-2021-38314.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2021-38314
cwe-id: CWE-200,CWE-916
cwe-id: CWE-916,CWE-200
epss-score: 0.00153
epss-percentile: 0.51508
cpe: cpe:2.3:a:redux:gutenberg_template_library_\&_redux_framework:*:*:*:*:*:wordpress:*:*

2
http/cves/2021/CVE-2021-38540.yaml
View File

@ -14,7 +14,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2021-38540
cwe-id: CWE-269,CWE-306
cwe-id: CWE-306,CWE-269
epss-score: 0.00588
epss-percentile: 0.75904
cpe: cpe:2.3:a:apache:airflow:*:*:*:*:*:*:*:*

2
http/cves/2021/CVE-2021-39327.yaml
View File

@ -17,7 +17,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2021-39327
cwe-id: CWE-200,CWE-459
cwe-id: CWE-459,CWE-200
epss-score: 0.1118
epss-percentile: 0.94563
cpe: cpe:2.3:a:ait-pro:bulletproof_security:*:*:*:*:*:wordpress:*:*

2
http/cves/2021/CVE-2021-44228.yaml
View File

@ -17,7 +17,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2021-44228
cwe-id: CWE-917,CWE-20
cwe-id: CWE-20,CWE-917
epss-score: 0.97453
epss-percentile: 0.99942
cpe: cpe:2.3:a:apache:log4j:*:*:*:*:*:*:*:*

2
http/cves/2022/CVE-2022-0415.yaml
View File

@ -15,7 +15,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8
cve-id: CVE-2022-0415
cwe-id: CWE-434,CWE-20
cwe-id: CWE-20,CWE-434
epss-score: 0.1488
epss-percentile: 0.95198
cpe: cpe:2.3:a:gogs:gogs:*:*:*:*:*:*:*:*

3
http/cves/2022/CVE-2022-1013.yaml
View File

@ -45,4 +45,5 @@ http:
- 'contains(content_type, "text/html")'
- 'contains(body, "\"status\":true,")'
condition: and
# digest: 4a0a00473045022053b88187b102d5b5140ddc0595a3c3fd560804dd453144886aed6ad86ff6af4c022100c43e0d71fa53f6f4e8fc2b1e3f039f414cd3f7235c5f32ca03c18f2031d024e7:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022053b88187b102d5b5140ddc0595a3c3fd560804dd453144886aed6ad86ff6af4c022100c43e0d71fa53f6f4e8fc2b1e3f039f414cd3f7235c5f32ca03c18f2031d024e7:922c64590222798bb761d5b6d8e72950

2
http/cves/2022/CVE-2022-22947.yaml
View File

@ -17,7 +17,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2022-22947
cwe-id: CWE-94,CWE-917
cwe-id: CWE-917,CWE-94
epss-score: 0.97481
epss-percentile: 0.99964
cpe: cpe:2.3:a:vmware:spring_cloud_gateway:*:*:*:*:*:*:*:*

2
http/cves/2022/CVE-2022-23944.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvss-score: 9.1
cve-id: CVE-2022-23944
cwe-id: CWE-306,CWE-862
cwe-id: CWE-862,CWE-306
epss-score: 0.71433
epss-percentile: 0.97714
cpe: cpe:2.3:a:apache:shenyu:2.4.0:*:*:*:*:*:*:*

2
http/cves/2022/CVE-2022-3800.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.8
cve-id: CVE-2022-3800
cwe-id: CWE-707,CWE-89
cwe-id: CWE-89,CWE-707
epss-score: 0.04344
epss-percentile: 0.91381
cpe: cpe:2.3:a:ibax:go-ibax:-:*:*:*:*:*:*:*

2
http/cves/2022/CVE-2022-43769.yaml
View File

@ -15,7 +15,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss-score: 7.2
cve-id: CVE-2022-43769
cwe-id: CWE-74,CWE-94
cwe-id: CWE-94,CWE-74
epss-score: 0.27754
epss-percentile: 0.96283
cpe: cpe:2.3:a:hitachi:vantara_pentaho_business_analytics_server:*:*:*:*:*:*:*:*

2
http/cves/2022/CVE-2022-46169.yaml
View File

@ -18,7 +18,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2022-46169
cwe-id: CWE-74,CWE-78
cwe-id: CWE-78,CWE-74
epss-score: 0.96583
epss-percentile: 0.99486
cpe: cpe:2.3:a:cacti:cacti:*:*:*:*:*:*:*:*

2
http/cves/2023/CVE-2023-1177.yaml
View File

@ -18,7 +18,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-1177
cwe-id: CWE-29,CWE-22
cwe-id: CWE-22,CWE-29
epss-score: 0.01985
epss-percentile: 0.87552
cpe: cpe:2.3:a:lfprojects:mlflow:*:*:*:*:*:*:*:*

3
http/cves/2023/CVE-2023-27587.yaml
View File

@ -60,4 +60,5 @@ http:
- type: status
status:
- 500
# digest: 490a0046304402202f899a4c1c7e6b3123565e93f31a8bdba718060b4fad0f4920043a162d1aeec502205979319193559bdc9ef7f6d0afc4070363a1065ea56aa775b7ab69a11f32de3b:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402202f899a4c1c7e6b3123565e93f31a8bdba718060b4fad0f4920043a162d1aeec502205979319193559bdc9ef7f6d0afc4070363a1065ea56aa775b7ab69a11f32de3b:922c64590222798bb761d5b6d8e72950

2
http/cves/2023/CVE-2023-30943.yaml
View File

@ -16,7 +16,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
cvss-score: 5.3
cve-id: CVE-2023-30943
cwe-id: CWE-73,CWE-610
cwe-id: CWE-610,CWE-73
epss-score: 0.01461
epss-percentile: 0.85309
cpe: cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*

2
http/cves/2023/CVE-2023-34124.yaml
View File

@ -18,7 +18,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-34124
cwe-id: CWE-305,CWE-287
cwe-id: CWE-287,CWE-305
epss-score: 0.01627
epss-percentile: 0.86129
cpe: cpe:2.3:a:sonicwall:analytics:*:*:*:*:*:*:*:*

3
http/cves/2023/CVE-2023-39598.yaml
View File

@ -47,4 +47,5 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022100b28561b3d599735c1e0840be2b5793e43b32a0c5623ed58e390dbee06fe8bcaf0220432a6257ccba0effeec3b001d258650f9cf5815d90eb8ff9f8c31f56c146c3b4:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022100b28561b3d599735c1e0840be2b5793e43b32a0c5623ed58e390dbee06fe8bcaf0220432a6257ccba0effeec3b001d258650f9cf5815d90eb8ff9f8c31f56c146c3b4:922c64590222798bb761d5b6d8e72950

3
http/misconfiguration/manage-engine-ad-search.yaml
View File

@ -34,4 +34,5 @@ http:
- type: status
status:
- 200
# digest: 4a0a00473045022074265f61eea8f5d170a6a71de9470b85fa69ad269f080759c9b2b4237f05dc72022100af312aa6397b9b68a20b5c312e0bc870cfb6b57ee9fd193396ef950da766261b:922c64590222798bb761d5b6d8e72950
# digest: 4a0a00473045022074265f61eea8f5d170a6a71de9470b85fa69ad269f080759c9b2b4237f05dc72022100af312aa6397b9b68a20b5c312e0bc870cfb6b57ee9fd193396ef950da766261b:922c64590222798bb761d5b6d8e72950

5
http/vulnerabilities/other/processmaker-lfi.yaml
View File

@ -13,11 +13,9 @@ info:
cvss-score: 7.5
cwe-id: CWE-22
metadata:
max-request: 1
max-request: 2
tags: processmaker,lfi,edb
flow: http(1) && http(2)
http:
- method: GET
path:
@ -37,6 +35,7 @@ http:
Host: {{Hostname}}
unsafe: true
matchers-condition: and
matchers:
- type: regex