daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fixing spelling, -dorks, and some severity mismatches

patch-1
sullo 2023-01-23 15:08:27 -05:00
parent ac1613e57a
commit 8a3eeea516
68 changed files with 68 additions and 68 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2017/CVE-2017-14186.yaml
View File

@ -5,7 +5,7 @@ info:
author: johnk3r
severity: medium
description: |
FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerability. The login redir parameter is not santized, so an attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks such as a URL redirect. Affected versions are 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and below.
FortiGate FortiOS through SSL VPN Web Portal contains a cross-site scripting vulnerability. The login redir parameter is not sanitized, so an attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks such as a URL redirect. Affected versions are 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and below.
reference:
- https://www.fortiguard.com/psirt/FG-IR-17-242
- https://fortiguard.com/advisory/FG-IR-17-242

2
cves/2019/CVE-2019-19908.yaml
View File

@ -18,7 +18,7 @@ info:
cwe-id: CWE-79
metadata:
verified: true
google-dork: inurl:"/plus/pass_reset.php"
google-query: inurl:"/plus/pass_reset.php"
tags: cve,cve2019,phpMyChat,xss
requests:

2
cves/2019/CVE-2019-20933.yaml
View File

@ -17,7 +17,7 @@ info:
cve-id: CVE-2019-20933
cwe-id: CWE-287
metadata:
shodan-dork: InfluxDB
shodan-query: InfluxDB
verified: "true"
tags: unauth,db,influxdb,misconfig
requests:

2
cves/2020/CVE-2020-24902.yaml
View File

@ -15,7 +15,7 @@ info:
cve-id: CVE-2020-24902
cwe-id: CWE-79
metadata:
google-dork: intitle:"My Download Server"
google-query: intitle:"My Download Server"
shodan-query: http.title:"My Download Server"
verified: "true"
tags: cve,cve2020,quixplorer,xss

2
cves/2021/CVE-2021-40859.yaml
View File

@ -15,7 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2021-40859
metadata:
fofa-dork: '"auerswald"'
fofa-query: '"auerswald"'
tags: cve,cve2021,iot,unauth,voip,auerswald
requests:

2
cves/2021/CVE-2021-44152.yaml
View File

@ -18,7 +18,7 @@ info:
metadata:
verified: true
shodan-query: http.html:"Reprise License Manager"
google-dork: inurl:"/goforms/menu"
google-query: inurl:"/goforms/menu"
tags: cve2021,rlm,auth-bypass,packetstorm,cve
requests:

2
default-logins/steve/steve-default-login.yaml
View File

@ -3,7 +3,7 @@ id: steve-default-login
info:
name: SteVe Login Panel - Detect
author: clem9669
severity: high
severity: info
description: |
SteVe login panel was detected.
reference:

2
exposed-panels/acemanager-login.yaml
View File

@ -8,7 +8,7 @@ info:
classification:
cwe-id: CWE-200
metadata:
fofa-dork: app="ACEmanager"
fofa-query: app="ACEmanager"
tags: panel,login,tech,acemanager
requests:

2
exposed-panels/airnotifier-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: http.title:"AirNotifier"
shodan-query: http.title:"AirNotifier"
tags: panel,airnotifier
requests:

2
exposed-panels/apache-jmeter-dashboard.yaml
View File

@ -3,7 +3,7 @@ id: apache-jmeter-dashboard
info:
name: Apache JMeter Dashboard Login Panel - Detect
author: tess
severity: low
severity: info
description: Apache JMeter Dashboard login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/couchdb-exposure.yaml
View File

@ -3,7 +3,7 @@ id: couchdb-exposure
info:
name: Apache CouchDB Panel - Detect
author: organiccrap
severity: low
severity: info
description: Apache CouchDB panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/deluge-webui-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"Deluge WebUI"
shodan-query: title:"Deluge WebUI"
tags: panel,deluge
requests:

2
exposed-panels/emerson-power-panel.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-dork: http.title:"Emerson Network Power IntelliSlot Web Card"
shodan-query: http.title:"Emerson Network Power IntelliSlot Web Card"
tags: panel,intellislot,emerson
requests:

2
exposed-panels/exolis-engage-panel.yaml
View File

@ -14,7 +14,7 @@ info:
metadata:
verified: true
shodan-query: html:"engage - Portail soignant"
google-dork: intitle:"engage - Portail soignant"
google-query: intitle:"engage - Portail soignant"
tags: panel,exolis,engage
requests:

2
exposed-panels/extreme-netconfig-ui.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-dork: 'http.title:"Extreme NetConfig UI"'
shodan-query: 'http.title:"Extreme NetConfig UI"'
tags: panel,tech,hiveos,extreme
requests:

2
exposed-panels/flink-exposure.yaml
View File

@ -3,7 +3,7 @@ id: flink-exposure
info:
name: Apache Flink Login Panel - Detect
author: pdteam
severity: low
severity: info
description: Apache Flink login panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/freepbx-administration-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: "true"
shodan-dork: http.title:"FreePBX Administration"
shodan-query: http.title:"FreePBX Administration"
tags: freepbx,panel
requests:

2
exposed-panels/git-repository-browser.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: http.title:"Git repository browser"
shodan-query: http.title:"Git repository browser"
tags: panel,git
requests:

2
exposed-panels/gitblit-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: http.title:"Gitblit"
shodan-query: http.title:"Gitblit"
tags: panel,gitblit
requests:

2
exposed-panels/honeywell-xl-web-controller.yaml
View File

@ -13,7 +13,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"Honeywell XL Web Controller"
shodan-query: title:"Honeywell XL Web Controller"
tags: panel,honeywell,edb
requests:

2
exposed-panels/kenesto-login.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x
severity: info
metadata:
fofa-dork: 'app="kenesto"'
fofa-query: 'app="kenesto"'
tags: login,tech,kenesto
requests:

2
exposed-panels/linksys-wifi-login.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-dork: http.title:"Linksys Smart WI-FI"
shodan-query: http.title:"Linksys Smart WI-FI"
tags: tech,panel,linksys,iot
requests:

2
exposed-panels/maestro-login-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: http.title:"Maestro - LuCI"
shodan-query: http.title:"Maestro - LuCI"
tags: panel,maestro,luci
requests:

2
exposed-panels/netdata-dashboard-detected.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-dork: 'Server: NetData Embedded HTTP Server'
shodan-query: 'Server: NetData Embedded HTTP Server'
tags: netdata,panel,tech
requests:

2
exposed-panels/noescape-login.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"NoEscape - Login"
shodan-query: title:"NoEscape - Login"
tags: panel,noescape
requests:

2
exposed-panels/openshift-installer-panel.yaml
View File

@ -3,7 +3,7 @@ id: openshift-installer-panel
info:
name: OpenShift Assisted Installer Panel - Detect
author: DhiyaneshDk
severity: high
severity: info
description: OpenShift Assisted Installer panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/pega-web-panel.yaml
View File

@ -15,7 +15,7 @@ info:
metadata:
verified: true
shodan-query: title:"Pega Platform"
google-dork: inurl:"/prweb/PRAuth/app/default"
google-query: inurl:"/prweb/PRAuth/app/default"
tags: panel,pega
requests:

2
exposed-panels/php-mailer.yaml
View File

@ -3,7 +3,7 @@ id: php-mailer
info:
name: PHPMailer Panel - Detect
author: ritikchaddha
severity: unknown
severity: info
description: PHPMailer panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/prometheus-exposed-panel.yaml
View File

@ -3,7 +3,7 @@ id: prometheus-exposed-panel
info:
name: Prometheus Panel - Detect
author: organiccrap
severity: low
severity: info
description: Prometheus panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
exposed-panels/qualcomm-voip-router.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
fofa-dork: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
fofa-query: 'app="Qualcomm-4G-LTE-WiFi-VoIP-Router"'
tags: panel,qualcomm,iot,router,voip
requests:

2
exposed-panels/securepoint-utm.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
fofa-dork: 'app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8"'
fofa-query: 'app="Securepoint-UTM-v11-Admin-Interface-11.8.8.8"'
tags: securepoint,panel
requests:

2
exposed-panels/securityspy-detect.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
shodan-dork: 'title:SecuritySpy'
shodan-query: 'title:SecuritySpy'
tags: unauth,iot,securityspy,panel,camera
requests:

2
exposed-panels/sonicwall-analyzer-login.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"SonicWall Analyzer Login"
shodan-query: title:"SonicWall Analyzer Login"
tags: panel,sonicwall
requests:

2
exposed-panels/tableau-panel.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 0.0
cwe-id: CWE-200
metadata:
fofa-dork: 'app="Tableau-Python-Server"'
fofa-query: 'app="Tableau-Python-Server"'
tags: tableau,panel,python
requests:

2
exposed-panels/tenda-web-master.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"Tenda Web Master"
shodan-query: title:"Tenda Web Master"
tags: panel,tenda,router
requests:

2
exposed-panels/tiny-file-manager.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"Tiny File Manager"
shodan-query: title:"Tiny File Manager"
tags: panel,filemanager
requests:

2
exposed-panels/unauth-xproxy-dashboard.yaml
View File

@ -10,7 +10,7 @@ info:
cvss-score: 5.3
cwe-id: CWE-200
metadata:
fofa-dork: "X-Proxy Dashboard"
fofa-query: "X-Proxy Dashboard"
tags: xproxy,panel
requests:

2
exposed-panels/vmware-carbon-black-edr.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"VMware Carbon Black EDR"
shodan-query: title:"VMware Carbon Black EDR"
tags: panel,vmware
requests:

2
exposed-panels/vmware-cloud-availability.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"VMware Cloud Director Availability"
shodan-query: title:"VMware Cloud Director Availability"
tags: panel,vmware
requests:

2
exposed-panels/vmware-ftp-server.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"VMWARE FTP SERVER"
shodan-query: title:"VMWARE FTP SERVER"
tags: panel,vmware,ftp
requests:

2
exposed-panels/vmware-horizon-daas.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"Horizon DaaS"
shodan-query: title:"Horizon DaaS"
tags: panel,vmware
requests:

2
exposed-panels/vmware-vcenter-converter-standalone.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"VMware vCenter Converter Standalone"
shodan-query: title:"VMware vCenter Converter Standalone"
tags: panel,vmware,vcenter
requests:

2
exposed-panels/vmware-vcloud-director.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"VMware vCloud Director"
shodan-query: title:"VMware vCloud Director"
tags: panel,vmware,vcloud
requests:

2
exposed-panels/vrealize-loginsight-panel.yaml
View File

@ -11,7 +11,7 @@ info:
cwe-id: CWE-200
metadata:
verified: true
shodan-dork: title:"vRealize Log insight"
shodan-query: title:"vRealize Log insight"
tags: panel,vmware,vrealize
requests:

2
exposed-panels/web-file-manager.yaml
View File

@ -6,7 +6,7 @@ info:
severity: info
metadata:
verified: true
shodan-dork: title:"Web File Manager"
shodan-query: title:"Web File Manager"
tags: panel,filemanager
requests:

2
exposed-panels/wiren-board-webui.yaml
View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: true
shodan-dork: http.title:"Wiren Board Web UI"
shodan-query: http.title:"Wiren Board Web UI"
tags: panel,exposure,wiren
requests:

2
exposures/configs/ovpn-config-exposed.yaml
View File

@ -6,7 +6,7 @@ info:
severity: low
metadata:
verified: "true"
shodan-dork: http.title:"OVPN Config Download"
shodan-query: http.title:"OVPN Config Download"
tags: config,ovpn,exposure
requests:

2
exposures/files/npmrc-authtoken.yaml
View File

@ -9,7 +9,7 @@ info:
- https://docs.github.com/en/packages/working-with-a-github-packages-registry/working-with-the-npm-registry
metadata:
verified: true
google-dork: intitle:"index of" ".npmrc"
google-query: intitle:"index of" ".npmrc"
tags: npm,exposure
requests:

2
exposures/mobiproxy-dashboard.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
metadata:
verified: true
shodan-dork: http.title:"MobiProxy"
shodan-query: http.title:"MobiProxy"
tags: dashboard,exposure,mobiproxy
requests:

2
misconfiguration/encompass-cm1-homepage.yaml
View File

@ -3,7 +3,7 @@ id: encompass-cm1-homepage
info:
name: Encompass CM1 Home Page - Detect
author: tess
severity: low
severity: info
description: Encompass CM1 home page was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
misconfiguration/hp/unauthorized-printer-hp.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x,r3naissance
severity: high
metadata:
shodan-dork: http.title:"Hp Officejet pro"
shodan-query: http.title:"Hp Officejet pro"
tags: hp,iot,unauth
requests:

2
misconfiguration/mysqld-exporter-metrics.yaml
View File

@ -3,7 +3,7 @@ id: mysqld-exporter-metrics
info:
name: MySQL Exporter Panel - Detect
author: DhiyaneshDk
severity: low
severity: info
description: MYSQL Exporter panel was detected.
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:N

2
misconfiguration/openbmcs/openbmcs-ssrf.yaml
View File

@ -3,7 +3,7 @@ id: openbmcs-ssrf
info:
name: OpenBMCS 2.4 - Server-Side Request Forgery / Remote File Inclusion
author: dhiyaneshDK
severity: high
severity: medium
description: OpenBMCS 2.4 is susceptible to unauthenticated server-side request forgery and remote file inclusion vulnerabilities within its functionalities. The application parses user supplied data in the POST parameter 'ip' to query a server IP on port 81 by default. Since no validation is carried out on the parameter, an attacker can specify an external domain and force the application to make an HTTP request to an arbitrary destination host.
reference:
- https://www.exploit-db.com/exploits/50670

2
misconfiguration/unauthorized-puppet-node-manager-detect.yaml
View File

@ -5,7 +5,7 @@ info:
author: pussycat0x
severity: medium
metadata:
fofa-dork: 'app="puppet-Node-Manager"'
fofa-query: 'app="puppet-Node-Manager"'
tags: node,misconfig
requests:

2
network/tidb-unauth.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: TiDB server was able to be accessed because no authentication was required.
metadata:
zoomeye-dork: tidb +port:"4000"
zoomeye-query: tidb +port:"4000"
tags: network,tidb,unauth
network:

2
vulnerabilities/dedecms/dedecms-openredirect.yaml
View File

@ -3,7 +3,7 @@ id: dedecms-openredirect
info:
name: DedeCMS - Open Redirect
author: pikpikcu
severity: low
severity: medium
description: DedeCMS contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://blog.csdn.net/ystyaoshengting/article/details/82734888

2
vulnerabilities/generic/open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: open-redirect
info:
name: Open Redirect - Detection
author: afaq,melbadry9,Elmahdi,pxmme1337,Regala_,andirrahmani1,geeknik
severity: low
severity: medium
description: An open redirect vulnerability was detected. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

2
vulnerabilities/httpbin/httpbin-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: httpbin-open-redirect
info:
name: HTTPBin - Open Redirect
author: Adam Crosser
severity: low
severity: medium
description: HTTPBin contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://github.com/postmanlabs/httpbin

2
vulnerabilities/other/aspnuke-openredirect.yaml
View File

@ -3,7 +3,7 @@ id: aspnuke-openredirect
info:
name: ASP-Nuke - Open Redirect
author: pdteam
severity: low
severity: medium
description: ASP-Nuke contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://packetstormsecurity.com/files/125931/ASP-Nuke-2.0.7-Open-Redirect.html

2
vulnerabilities/other/bitrix-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: bitrix-open-redirect
info:
name: Bitrix Site Management Russia 2.0 - Open Redirect
author: pikpikcu
severity: low
severity: medium
description: Bitrix Site Management Russia 2.0 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://packetstormsecurity.com/files/151955/1C-Bitrix-Site-Management-Russia-2.0-Open-Redirection.html

2
vulnerabilities/other/odoo-cms-redirect.yaml
View File

@ -3,7 +3,7 @@ id: odoo-cms-redirect
info:
name: Odoo CMS - Open Redirect
author: 0x_Akoko
severity: low
severity: medium
description: Odoo CMS contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://cxsecurity.com/issue/WLB-2021020143

2
vulnerabilities/wordpress/age-gate-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: age-gate-open-redirect
info:
name: WordPress Age Gate <2.13.5 - Open Redirect
author: akincibor
severity: low
severity: medium
description: WordPress Age Gate plugin before 2.13.5 contains an open redirect vulnerability via the _wp_http_referer parameter after certain actions and after invalid or missing nonces. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://wpscan.com/vulnerability/10489

2
vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: attitude-theme-open-redirect
info:
name: WordPress Attitude 1.1.1 - Open Redirect
author: 0x_Akoko
severity: low
severity: medium
description: WordPress Attitude theme 1.1.1 contains an open redirect vulnerability via the goto.php endpoint. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://cxsecurity.com/issue/WLB-2020030185

2
vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: eatery-restaurant-open-redirect
info:
name: WordPress Eatery 2.2 - Open Redirect
author: 0x_Akoko
severity: low
severity: medium
description: |
WordPress Eatery theme 2.2 contains an open redirect vulnerability. The theme accepts a user-controlled input that specifies a link to an external site. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:

2
vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: weekender-newspaper-open-redirect
info:
name: WordPress Weekender Newspaper 9.0 - Open Redirect
author: 0x_Akoko
severity: low
severity: medium
description: WordPress Weekender Newspaper theme 9.0 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
reference:
- https://cxsecurity.com/issue/WLB-2020040103

2
vulnerabilities/wordpress/wp-grimag-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: wp-grimag-open-redirect
info:
name: WordPress Grimag <1.1.1 - Open Redirection
author: 0x_Akoko
severity: low
severity: medium
description: WordPress Grimag theme before 1.1.1 contains an open redirect vulnerability. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
remediation: Fixed in 1.1.1.
reference:

2
vulnerabilities/wordpress/wp-security-open-redirect.yaml
View File

@ -3,7 +3,7 @@ id: wp-security-open-redirect
info:
name: WordPress All-in-One Security <=4.4.1 - Open Redirect
author: akincibor
severity: low
severity: medium
description: |
WordPress All-in-One Security plugin through 4.4.1 contains an open redirect vulnerability which can expose the actual URL of the hidden login page feature. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations.
remediation: Upgrade to 4.4.2 or later.

2
vulnerabilities/zend/zend-v1-xss.yaml
View File

@ -10,7 +10,7 @@ info:
- https://twitter.com/c3l3si4n/status/1600035722148212737
metadata:
verified: true
google-dork: inurl:"/tests/Zend/Http/"
google-query: inurl:"/tests/Zend/Http/"
tags: zend,zendframework,xss
requests: