fixed invalid template syntax
parent
7e27db0348
commit
8c3f98c767
|
@ -1,4 +1,4 @@
|
|||
id: CVE-2018–10818
|
||||
id: CVE-2018-10818
|
||||
|
||||
info:
|
||||
name: LG NAS Devices - Remote Code Execution (Unauthenticated)
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: CVE-2018–9845
|
||||
id: CVE-2018-9845
|
||||
|
||||
info:
|
||||
name: Etherpad Lite before 1.6.4 is exploitable for admin access.
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: CVE-2021–35336
|
||||
id: CVE-2021-35336
|
||||
|
||||
info:
|
||||
name: Unauthorised Remote Access of Internal Panel
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: exposed-authentication.asmx
|
||||
id: exposed-authentication-asmx
|
||||
|
||||
info:
|
||||
name: Exposed Authentication.asmx
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: electron-version-detect.yaml
|
||||
id: electron-version-detect
|
||||
|
||||
info:
|
||||
name: Electron Version Detect
|
||||
|
|
|
@ -1,6 +1,7 @@
|
|||
id: wix-takeover
|
||||
|
||||
info:
|
||||
name: Wix Takeover Detection
|
||||
author: harshinsecurity,philippedelteil
|
||||
description: This subdomain take over would only work on an edge case when the account was deleted. You will need a premium account (~ US$7) to test the take over.
|
||||
severity: high
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: default-asp.net-page
|
||||
id: default-asp-net-page
|
||||
|
||||
info:
|
||||
name: ASP.Net Test Page
|
||||
|
@ -11,8 +11,9 @@ requests:
|
|||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}'
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "Home Page - My ASP.NET Application"
|
||||
part: body
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.24-rce
|
||||
id: fastjson-1-2-24-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.24 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.41-rce
|
||||
id: fastjson-1-2-41-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.41 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.42-rce
|
||||
id: fastjson-1-2-42-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.42 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.43-rce
|
||||
id: fastjson-1-2-43-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.43 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.47-rce
|
||||
id: fastjson-1-2-47-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.47 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.62-rce
|
||||
id: fastjson-1-2-62-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.62 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.67-rce
|
||||
id: fastjson-1-2-67-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.67 Deserialization RCE
|
|
@ -1,4 +1,4 @@
|
|||
id: fastjson-1.2.68-rce
|
||||
id: fastjson-1-2-68-rce
|
||||
|
||||
info:
|
||||
name: Fastjson 1.2.68 Deserialization RCE
|
|
@ -1,4 +1,5 @@
|
|||
id: nuuo-file-inclusion.yaml
|
||||
id: nuuo-file-inclusion
|
||||
|
||||
info:
|
||||
name: NUUO NVRmini 2 3.0.8 Local File Disclosure
|
||||
author: princechaddha
|
||||
|
@ -14,13 +15,15 @@ requests:
|
|||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "$_GET['css']"
|
||||
part: body
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- "text/css"
|
||||
part: header
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
|
|
@ -1,4 +1,4 @@
|
|||
id: spark-webui-unauth.yaml
|
||||
id: spark-webui-unauth
|
||||
info:
|
||||
name: Unauthenticated Spark WebUI
|
||||
author: princechaddha
|
||||
|
|
Loading…
Reference in New Issue