diff --git a/cves/2018/CVE-2018-12998.yaml b/cves/2018/CVE-2018-12998.yaml index 276fbcff83..cd23caa054 100644 --- a/cves/2018/CVE-2018-12998.yaml +++ b/cves/2018/CVE-2018-12998.yaml @@ -4,7 +4,7 @@ info: name: Zoho manageengine Arbitrary Reflected XSS author: pikpikcu severity: medium - description: reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. + description: A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote attackers to inject arbitrary web script or HTML via the parameter 'operation' to /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet. reference: - https://github.com/unh3x/just4cve/issues/10 - http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html diff --git a/cves/2021/CVE-2021-41773.yaml b/cves/2021/CVE-2021-41773.yaml index e82bbd6bef..430a5c5bb9 100644 --- a/cves/2021/CVE-2021-41773.yaml +++ b/cves/2021/CVE-2021-41773.yaml 
@@ -3,7 +3,7 @@ id: CVE-2021-41773 info: name: Apache 2.4.49 - Path Traversal and Remote Code Execution author: daffainfo - severity: critical + severity: high description: A flaw was found in a change made to path normalization in Apache HTTP Server 2.4.49. An attacker could use a path traversal attack to map URLs to files outside the expected document root. If files outside of the document root are not protected by "require all denied" these requests can succeed. Additionally this flaw could leak the source of interpreted files like CGI scripts. This issue is known to be exploited in the wild. This issue only affects Apache 2.4.49 and not earlier versions. reference: - https://github.com/apache/httpd/commit/e150697086e70c552b2588f369f2d17815cb1782 @@ -12,6 +12,11 @@ info: - https://twitter.com/h4x0r_dz/status/1445401960371429381 - https://github.com/blasty/CVE-2021-41773 tags: cve,cve2021,lfi,rce,apache,misconfig + classification: + cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N + cvss-score: 7.50 + cve-id: CVE-2021-41773 + cwe-id: CWE-22 requests: - raw: diff --git a/vulnerabilities/other/netis-info-leak.yaml b/vulnerabilities/other/netis-info-leak.yaml index 9cfa7fac56..bb9688eb93 100644 --- a/vulnerabilities/other/netis-info-leak.yaml +++ b/vulnerabilities/other/netis-info-leak.yaml @@ -5,6 +5,7 @@ info: author: gy741 severity: medium reference: https://www.exploit-db.com/exploits/48384 + description: A vulnerability in Netis allows remote unauthenticated users to disclose the WiFi password of the remote device. tags: netis,exposure requests: diff --git a/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml b/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml index 05bb45755f..efc4f25bce 100644 --- a/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml +++ b/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml 
@@ -4,6 +4,7 @@ info: name: Nginx Merge Slashes Path Traversal author: dhiyaneshDk severity: medium + description: A vulnerability in the remote Nginx server could cause the server to merge slashslash together causing what should have protected the web site from a directory traversal vulnerability into a vulnerable server. reference: - https://github.com/detectify/ugly-duckling/blob/master/modules/crowdsourced/nginx-merge-slashes-path-traversal.json - https://medium.com/appsflyer/nginx-may-be-protecting-your-applications-from-traversal-attacks-without-you-even-knowing-b08f882fd43d diff --git a/vulnerabilities/other/opensis-lfi.yaml b/vulnerabilities/other/opensis-lfi.yaml index c6e5e91adf..f2584939c4 100644 --- a/vulnerabilities/other/opensis-lfi.yaml +++ b/vulnerabilities/other/opensis-lfi.yaml @@ -4,9 +4,9 @@ info: name: openSIS 5.1 - 'ajax.php' Local File Inclusion author: pikpikcu severity: high + description: An attacker can exploit a vulnerability in openSIS to obtain potentially sensitive information and execute arbitrary local scripts in the context of the Web server process. This may allow the attacker to compromise the application and computer; other attacks are also possible. reference: - https://www.exploit-db.com/exploits/38039 - - https://www.securityfocus.com/bid/56598/info tags: opensis,lfi requests:
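Review bot: In cves/2018/CVE-2018-12998.yaml the reworded description still mixes casing ("A reflected Cross-site scripting (XSS)"), and the unchanged name line spells the product "Zoho manageengine" while the description uses "ManageEngine". Suggest "A reflected cross-site scripting (XSS) vulnerability in Zoho ManageEngine ..." and correcting the name to "Zoho ManageEngine" in the same change so the two fields agree.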
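Review bot: In cves/2021/CVE-2021-41773.yaml the severity change from critical to high and the added vector (C:H/I:N/A:N, cwe-id CWE-22) describe file disclosure only, but the unchanged name still reads "Path Traversal and Remote Code Execution" and the tags keep lfi,rce. As written, a reader sees an RCE template rated as a read-only issue. Either note in the description that the score reflects the path traversal alone, or keep the severity in line with what the template's name and tags claim it detects.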
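Review bot: In vulnerabilities/other/netis-info-leak.yaml the new description line is inserted after reference, while the nginx-merge-slashes and opensis-lfi hunks in this same patch place description before reference; move it up so the key order is consistent. The text "A vulnerability in Netis" also does not say which device or endpoint is affected; name it if the referenced advisory identifies one.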
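Review bot: In vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml the added description does not parse: "merge slashslash together causing what should have protected the web site from a directory traversal vulnerability into a vulnerable server". Suggest rewording to state the condition plainly, for example that the server's slash-merging behaviour, which would otherwise protect the site from directory traversal, is not in effect, so the traversal succeeds. Please confirm the direction of that statement against the two references already listed before merging.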
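Review bot: In vulnerabilities/other/opensis-lfi.yaml the securityfocus.com/bid/56598 reference is removed without any explanation in the visible change; if the link is dead, say so in the commit message, since it leaves exploit-db as the only source. The new description is also generic ("other attacks are also possible") and never mentions ajax.php, which the name line identifies as the affected script; naming the script and the file-inclusion behaviour would make the field useful in scan output.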