TemplateMan Update [Wed Nov 1 14:47:00 UTC 2023] 🤖

patch-1
GitHub Action 2023-11-01 14:47:00 +00:00
parent 0024516528
commit 8a122f7398
7 changed files with 18 additions and 11 deletions

View File

@ -18,7 +18,7 @@ info:
cve-id: CVE-2010-1531 cve-id: CVE-2010-1531
cwe-id: CWE-22 cwe-id: CWE-22
epss-score: 0.01815 epss-score: 0.01815
epss-percentile: 0.86835 epss-percentile: 0.8684
cpe: cpe:2.3:a:redcomponent:com_redshop:1.0:*:*:*:*:*:*:* cpe: cpe:2.3:a:redcomponent:com_redshop:1.0:*:*:*:*:*:*:*
metadata: metadata:
max-request: 1 max-request: 1
@ -40,4 +40,5 @@ http:
- type: status - type: status
status: status:
- 200 - 200
# digest: 4b0a00483046022100958720d070a646f5571e1f6bce8828e810958950768b3f7569c7275d9e2226eb0221008fedf75486c48b0e0ec1270d083fec25adb3594b44b8de29818adcafb8e1a8fc:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100958720d070a646f5571e1f6bce8828e810958950768b3f7569c7275d9e2226eb0221008fedf75486c48b0e0ec1270d083fec25adb3594b44b8de29818adcafb8e1a8fc:922c64590222798bb761d5b6d8e72950

View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2017-18564 cve-id: CVE-2017-18564
cwe-id: CWE-79 cwe-id: CWE-79
epss-score: 0.00088 epss-score: 0.00088
epss-percentile: 0.36966 epss-percentile: 0.36978
cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:* cpe: cpe:2.3:a:bestwebsoft:sender:*:*:*:*:*:wordpress:*:*
metadata: metadata:
verified: true verified: true
@ -52,4 +52,5 @@ http:
- 'contains(body_2, "></script><script>alert(document.domain)</script>\">All</a></li>")' - 'contains(body_2, "></script><script>alert(document.domain)</script>\">All</a></li>")'
- 'contains(body_3, "Sender by BestWebSoft")' - 'contains(body_3, "Sender by BestWebSoft")'
condition: and condition: and
# digest: 490a00463044022033a0f0aa1cd8613485df98f4c142f4d4e7d526d7e1db050338a278b90143cb5202203ac891086e3ee64fea49576edfd24b19428f3ee8a1fc75e3556f2bd5ebc01c6d:922c64590222798bb761d5b6d8e72950
# digest: 490a00463044022033a0f0aa1cd8613485df98f4c142f4d4e7d526d7e1db050338a278b90143cb5202203ac891086e3ee64fea49576edfd24b19428f3ee8a1fc75e3556f2bd5ebc01c6d:922c64590222798bb761d5b6d8e72950

View File

@ -17,7 +17,7 @@ info:
cvss-score: 4.3 cvss-score: 4.3
cve-id: CVE-2019-2579 cve-id: CVE-2019-2579
epss-score: 0.00493 epss-score: 0.00493
epss-percentile: 0.73517 epss-percentile: 0.73528
cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:* cpe: cpe:2.3:a:oracle:webcenter_sites:12.2.1.3.0:*:*:*:*:*:*:*
metadata: metadata:
max-request: 2 max-request: 2
@ -59,4 +59,5 @@ http:
- "NAME='_authkey_' VALUE='([0-9A-Z]+)'>" - "NAME='_authkey_' VALUE='([0-9A-Z]+)'>"
internal: true internal: true
part: body part: body
# digest: 4a0a004730450221009e486d58016937bf08d0d0d82c6c04e30e847ecc2f8ecddf111e51f059928a65022046c51dca726468019571decc7b0bca2230c5a7932daf8cde971d018d41c8bced:922c64590222798bb761d5b6d8e72950
# digest: 4a0a004730450221009e486d58016937bf08d0d0d82c6c04e30e847ecc2f8ecddf111e51f059928a65022046c51dca726468019571decc7b0bca2230c5a7932daf8cde971d018d41c8bced:922c64590222798bb761d5b6d8e72950

View File

@ -16,7 +16,7 @@ info:
cve-id: CVE-2020-24571 cve-id: CVE-2020-24571
cwe-id: CWE-22 cwe-id: CWE-22
epss-score: 0.02513 epss-score: 0.02513
epss-percentile: 0.8895 epss-percentile: 0.88954
cpe: cpe:2.3:a:nexusdb:nexusdb:*:*:*:*:*:*:*:* cpe: cpe:2.3:a:nexusdb:nexusdb:*:*:*:*:*:*:*:*
metadata: metadata:
max-request: 1 max-request: 1
@ -39,4 +39,5 @@ http:
- type: status - type: status
status: status:
- 200 - 200
# digest: 490a0046304402203026e532f99b1d4c52480be6c72e1996ec151106c410dce07607b4b870ca0ba502205b1e78156975adee7f075f44e78e574e6a5a91017c9ef789e41e7a4f778e7a27:922c64590222798bb761d5b6d8e72950
# digest: 490a0046304402203026e532f99b1d4c52480be6c72e1996ec151106c410dce07607b4b870ca0ba502205b1e78156975adee7f075f44e78e574e6a5a91017c9ef789e41e7a4f778e7a27:922c64590222798bb761d5b6d8e72950

View File

@ -54,4 +54,5 @@ http:
- type: status - type: status
status: status:
- 200 - 200
# digest: 4a0a0047304502210093dc33bb96dcda9ce138df9afef6416272dfcb5a5999a6336822a2ea9efc877d0220189bda66cbe00ce72a330c52ade44e12c7767658440779b4542e1a268496403d:922c64590222798bb761d5b6d8e72950
# digest: 4a0a0047304502210093dc33bb96dcda9ce138df9afef6416272dfcb5a5999a6336822a2ea9efc877d0220189bda66cbe00ce72a330c52ade44e12c7767658440779b4542e1a268496403d:922c64590222798bb761d5b6d8e72950

View File

@ -19,7 +19,7 @@ info:
cve-id: CVE-2021-46073 cve-id: CVE-2021-46073
cwe-id: CWE-79 cwe-id: CWE-79
epss-score: 0.00084 epss-score: 0.00084
epss-percentile: 0.35057 epss-percentile: 0.35066
cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:* cpe: cpe:2.3:a:vehicle_service_management_system_project:vehicle_service_management_system:*:*:*:*:*:*:*:*
metadata: metadata:
verified: true verified: true
@ -59,4 +59,5 @@ http:
- "status_code_3 == 200" - "status_code_3 == 200"
- 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")' - 'contains(body_3, "<script>alert(document.domain)</script> Test</td>")'
condition: and condition: and
# digest: 4b0a00483046022100d52756d6a067897c83a2636841480c882ed7a312c41f7e314ca023dcda2636a1022100ac8684db4e3bf9f4908efacef890864a3f703a83024c19eb860c0f4b6b44f36e:922c64590222798bb761d5b6d8e72950
# digest: 4b0a00483046022100d52756d6a067897c83a2636841480c882ed7a312c41f7e314ca023dcda2636a1022100ac8684db4e3bf9f4908efacef890864a3f703a83024c19eb860c0f4b6b44f36e:922c64590222798bb761d5b6d8e72950

View File

@ -6,6 +6,7 @@ info:
severity: high severity: high
metadata: metadata:
verified: true verified: true
max-request: 1
shodan-query: title:"WebCalendar Setup Wizard" shodan-query: title:"WebCalendar Setup Wizard"
fofa-query: title="WebCalendar Setup Wizard" fofa-query: title="WebCalendar Setup Wizard"
tags: misconfig,webcalendar,install tags: misconfig,webcalendar,install