Merge pull request #4801 from ritikchaddha/Update-metadata-query

Update metadata query
patch-1
Prince Chaddha 2022-07-13 21:23:20 +05:30 committed by GitHub
commit a16c99effb
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
50 changed files with 102 additions and 2 deletions


@ -13,6 +13,8 @@ info:
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2011-1669
metadata:
google-query: inurl:"/wp-content/plugins/wp-custom-pages/"
tags: cve,cve2011,wordpress,wp-plugin,lfi
requests:
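Review bot: The `google-query` value added under `metadata:` ends with a trailing slash here, but many other templates in this commit (for example the CVE-2011-4618, CVE-2011-4624 and CVE-2013-2287 sections) leave it off, so one field follows two conventions. Without the closing slash a short slug such as `uploader` or `e-search` is not anchored at the directory boundary and may, depending on how the search engine tokenises the path, also match differently named plugin directories, which would inflate any exposure estimate built from this field. I would settle on the trailing-slash form throughout, e.g. `google-query: inurl:"/wp-content/plugins/advanced-text-widget/"`. The `info:` block starts above the hunk, so its other keys are not visible here.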


@ -12,6 +12,8 @@ info:
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2011-4618
metadata:
google-query: inurl:"/wp-content/plugins/advanced-text-widget"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:
@ -22,9 +24,9 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "</script><script>alert(document.domain)</script>"
part: body
- type: word
part: header


@ -12,6 +12,8 @@ info:
remediation: Upgrade to a supported version.
classification:
cve-id: CVE-2011-4624
metadata:
google-query: inurl:"/wp-content/plugins/flash-album-gallery"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://www.openwall.com/lists/oss-security/2012/01/10/9
classification:
cve-id: CVE-2011-4926
metadata:
google-query: inurl:"/wp-content/plugins/adminimize/"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:
@ -22,9 +24,9 @@ requests:
matchers-condition: and
matchers:
- type: word
part: body
words:
- "</script><script>alert(document.domain)</script>"
part: body
- type: word
part: header


@ -12,6 +12,8 @@ info:
- http://wordpress.org/extend/plugins/flexible-custom-post-type/changelog/
classification:
cve-id: CVE-2011-5106
metadata:
google-query: inurl:"/wp-content/plugins/flexible-custom-post-type/"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://web.archive.org/web/20201208110708/https://www.securityfocus.com/archive/1/520590/100/0/threaded
classification:
cve-id: CVE-2011-5107
metadata:
google-query: inurl:"/wp-content/plugins/alert-before-your-post"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://web.archive.org/web/20210614205347/https://www.securityfocus.com/archive/1/520662/100/0/threaded
classification:
cve-id: CVE-2011-5179
metadata:
google-query: inurl:"/wp-content/plugins/skysa-official/"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:


@ -11,6 +11,8 @@ info:
- http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
classification:
cve-id: CVE-2011-5181
metadata:
google-query: inurl:"/wp-content/plugins/clickdesk-live-support-chat/"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:
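Review bot: The slug in the added `google-query` (`clickdesk-live-support-chat`) is not the one in the changelog reference on the first line of this hunk (`clickdesk-live-support-chat-plugin`). If the installed directory follows the slug in that reference, the query would not find the plugin; the request path that would settle this sits in the `requests:` block, which continues outside the hunk. It is worth confirming the value against that path, and doing the same for the CVE-2014-4940 section, where the query says `tera-charts` and the reference URL says `tera-chart`.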


@ -11,6 +11,8 @@ info:
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71468
classification:
cve-id: CVE-2011-5265
metadata:
google-query: inurl:"/wp-content/plugins/featurific-for-wordpress"
tags: cve,cve2011,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://plugins.trac.wordpress.org/changeset/488883/count-per-day
classification:
cve-id: CVE-2012-0896
metadata:
google-query: inurl:"/wp-content/plugins/count-per-day"
tags: cve,cve2012,lfi,wordpress,wp-plugin,traversal
requests:


@ -11,6 +11,8 @@ info:
- https://exchange.xforce.ibmcloud.com/vulnerabilities/72271
classification:
cve-id: CVE-2012-0901
metadata:
google-query: inurl:"/wp-content/plugins/yousaytoo-auto-publishing-plugin"
tags: cve,cve2012,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- https://www.htbridge.com/advisory/HTB23082
classification:
cve-id: CVE-2012-1835
metadata:
google-query: inurl:"/wp-content/plugins/all-in-one-event-calendar"
tags: cve,cve2012,wordpress,xss,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://packetstormsecurity.org/files/112615/WordPress-2-Click-Socialmedia-Buttons-Cross-Site-Scripting.html
classification:
cve-id: CVE-2012-4273
metadata:
google-query: inurl:"/wp-content/plugins/2-click-socialmedia-buttons"
tags: cve,cve2012,wordpress,xss,wp-plugin
requests:


@ -10,6 +10,8 @@ info:
- https://www.dognaedis.com/vulns/DGS-SEC-16.html
classification:
cve-id: CVE-2013-2287
metadata:
google-query: inurl:"/wp-content/plugins/uploader"
tags: cve,cve2013,wordpress,xss,wp-plugin
requests:


@ -11,6 +11,8 @@ info:
- http://web.archive.org/web/20210123051939/https://www.securityfocus.com/bid/58948/
classification:
cve-id: CVE-2013-3526
metadata:
google-query: inurl:"/wp-content/plugins/trafficanalyzer"
tags: cve,cve2013,wordpress,xss,wp-plugin
requests:


@ -11,6 +11,8 @@ info:
- http://seclists.org/bugtraq/2013/Jul/17
classification:
cve-id: CVE-2013-4117
metadata:
google-query: inurl:"/wp-content/plugins/category-grid-view-gallery"
tags: cve,cve2013,wordpress,xss,wp-plugin
requests:


@ -13,6 +13,8 @@ info:
remediation: Upgrade to Duplicator 0.4.5 or later.
classification:
cve-id: CVE-2013-4625
metadata:
google-query: inurl:"/wp-content/plugins/duplicator"
tags: cve,cve2013,wordpress,xss,wp-plugin
requests:
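Review bot: The `google-query` added here matches any indexed site that exposes the Duplicator plugin path, while the `remediation` line at the top of the hunk says 0.4.5 and later are fixed, so a hit from this query is not evidence of the vulnerability. A one-line comment above the field would stop consumers of the metadata from reading it as a count of vulnerable hosts: `# locates installs of the plugin, patched or not; the matchers decide whether a host is affected`. The same caveat holds for the other `google-query` fields this commit adds, since none of them encodes a version.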


@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2013-7240
cwe-id: CWE-22
metadata:
google-query: inurl:"/wp-content/plugins/advanced-dewplayer/"
tags: cve,cve2013,wordpress,wp-plugin,lfi
requests:


@ -10,6 +10,8 @@ info:
- http://codevigilant.com/disclosure/wp-plugin-activehelper-livehelp-a3-cross-site-scripting-xss
classification:
cve-id: CVE-2014-4513
metadata:
google-query: inurl:"/wp-content/plugins/activehelper-livehelp"
tags: cve,cve2014,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4536
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
tags: cve,cve2014,wordpress,wp-plugin,xss
requests:
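Review bot: The query added here goes one directory deeper and uses a capitalised segment (`/infusionsoft/Infusionsoft/`), whereas the CVE-2016-1000139 section further down uses the plugin root, `inurl:"/wp-content/plugins/infusionsoft"`, for what looks like the same plugin directory. If the deeper path is deliberate, to narrow results to the affected component, a short comment saying so would help; otherwise the two should agree, e.g. `google-query: inurl:"/wp-content/plugins/infusionsoft"`. The request paths of both templates are outside their hunks, so which form is right cannot be decided from this page.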


@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4550
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/shortcode-ninja"
tags: cve,cve2014,wordpress,wp-plugin,xss
requests:


@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4592
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/wp-planet"
tags: cve,cve2014,wordpress,wp-plugin,xss
requests:


@ -11,6 +11,8 @@ info:
- http://codevigilant.com/disclosure/wp-plugin-tera-chart-local-file-inclusion/
classification:
cve-id: CVE-2014-4940
metadata:
google-query: inurl:"/wp-content/plugins/tera-charts"
tags: cve,cve2014,wordpress,wp-plugin,lfi
requests:


@ -12,6 +12,8 @@ info:
- http://seclists.org/oss-sec/2014/q3/417
classification:
cve-id: CVE-2014-5368
metadata:
google-query: inurl:"/wp-content/plugins/wp-source-control"
tags: cve,cve2014,wordpress,wp-plugin,lfi
requests:


@ -12,6 +12,8 @@ info:
- https://wordpress.org/plugins/dukapress/changelog/
classification:
cve-id: CVE-2014-8799
metadata:
google-query: inurl:"/wp-content/plugins/dukapress"
tags: cve,cve2014,wordpress,wp-plugin,lfi
requests:


@ -12,6 +12,8 @@ info:
- http://web.archive.org/web/20210615134835/https://www.securityfocus.com/bid/68525
classification:
cve-id: CVE-2014-9094
metadata:
google-query: inurl:"/wp-content/plugins/dzs-videogallery"
tags: cve,cve2014,wordpress,xss,wp-plugin
requests:


@ -16,6 +16,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2015-1000012
cwe-id: CWE-200
metadata:
google-query: inurl:"/wp-content/plugins/mypixs"
tags: cve,cve2015,wordpress,wp-plugin,lfi
requests:


@ -12,6 +12,8 @@ info:
- https://wordpress.org/plugins/navis-documentcloud/changelog/
classification:
cve-id: CVE-2015-2807
metadata:
google-query: inurl:"/wp-content/plugins/navis-documentcloud"
tags: cve,cve2015,wordpress,wp-plugin,xss
requests:


@ -12,6 +12,8 @@ info:
- http://packetstormsecurity.com/files/132266/WordPress-SE-HTML5-Album-Audio-Player-1.1.0-Directory-Traversal.html
classification:
cve-id: CVE-2015-4414
metadata:
google-query: inurl:"/wp-content/plugins/se-html5-album-audio-player"
tags: cve,cve2015,wordpress,wp-plugin,lfi
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 8.6
cve-id: CVE-2015-4694
cwe-id: CWE-22
metadata:
google-query: inurl:"/wp-content/plugins/zip-attachments"
tags: lfi,wordpress,cve,cve2015,wp-plugin
requests:


@ -12,6 +12,8 @@ info:
- http://seclists.org/fulldisclosure/2015/Jul/27
classification:
cve-id: CVE-2015-5461
metadata:
google-query: inurl:"/wp-content/plugins/stageshow/"
tags: redirect,cve,cve2015,wordpress,wp-plugin
requests:


@ -16,6 +16,8 @@ info:
cvss-score: 5.3
cve-id: CVE-2015-5471
cwe-id: CWE-22
metadata:
google-query: inurl:"/wp-content/plugins/wp-swimteam"
tags: cve,cve2015,wordpress,wp-plugin,lfi
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2015-9414
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/wp-symposium"
tags: cve,cve2015,wordpress,wp-plugin,xss
requests:


@ -13,6 +13,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2015-9480
cwe-id: CWE-22
metadata:
google-query: inurl:"/wp-content/plugins/robotcpa"
tags: cve,cve2015,wordpress,wp-plugin,lfi
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000126
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/admin-font-editor"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -13,6 +13,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000128
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/anti-plagiarism"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000129
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/defa-online-image-protector"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000130
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/e-search"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000131
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/e-search"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000132
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/enhanced-tooltipglossary"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000133
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/forget-about-shortcode-buttons"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000134
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/hdw-tube"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000135
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/hdw-tube"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000136
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/heat-trackr"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000138
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/indexisto"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000139
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/infusionsoft"
tags: cve,cve2016,wordpress,wp-plugin,xss
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2016-1000141
cwe-id: CWE-79
metadata:
google-query: inurl:"/wp-content/plugins/page-layout-builder"
tags: cve,cve2016,wordpress,xss,wp-plugin
requests:


@ -16,6 +16,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2016-10924
cwe-id: CWE-22
metadata:
google-query: inurl:"/wp-content/plugins/ebook-download"
tags: cve,cve2016,wp-plugin,lfi,wordpress,ebook,wp
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2016-10956
cwe-id: CWE-20
metadata:
google-query: inurl:"/wp-content/plugins/mail-masta"
tags: cve,cve2016,wordpress,wp-plugin,lfi,mail
requests:


@ -15,6 +15,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2016-10960
cwe-id: CWE-20
metadata:
google-query: inurl:"/wp-content/plugins/wsecure"
tags: cve,cve2016,wordpress,wp-plugin,rce
requests: