TemplateMan Update [Mon Sep 18 12:45:28 UTC 2023] 🤖
parent
9d36f78437
commit
aa3659d49d
|
@ -5,6 +5,8 @@ info:
|
|||
author: SleepingBag945
|
||||
severity: critical
|
||||
description: There is an arbitrary method calling vulnerability in UFIDA NC and NCC systems. By exploiting the vulnerability through uapjs (jsinvoke), dangerous methods can be called to cause attacks.
|
||||
metadata:
|
||||
max-request: 2
|
||||
tags: cvnd,cvnd2023,yonyou,rce
|
||||
|
||||
http:
|
||||
|
|
|
@ -11,8 +11,8 @@ info:
|
|||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/smartbi-default-user-weakpass.yaml
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Smartbi%20%E7%99%BB%E5%BD%95%E7%BB%95%E8%BF%87%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="SMARTBI"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: smartbi,default-login
|
||||
|
||||
|
|
|
@ -9,9 +9,9 @@ info:
|
|||
reference:
|
||||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/realor-gwt-system-sql-injection.yaml
|
||||
metadata:
|
||||
fofa-query: app="REALOR-天翼应用虚拟化系统"
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
fofa-query: 'app="REALOR-天翼应用虚拟化系统"'
|
||||
max-request: 1
|
||||
tags: realor,sqli
|
||||
|
||||
http:
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/ruijie-nbr-fileupload.yaml
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="Ruijie-NBR路由器"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: ruijie,file-upload,intrusive,nbr
|
||||
|
||||
|
|
|
@ -10,9 +10,9 @@ info:
|
|||
- https://peiqi.wgpsec.org/wiki/iot/%E5%A5%87%E5%AE%89%E4%BF%A1/%E7%BD%91%E7%A5%9E%20SecGate%203600%20%E9%98%B2%E7%81%AB%E5%A2%99%20obj_app_upfile%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.html
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/iot/%E5%A5%87%E5%AE%89%E4%BF%A1/%E7%BD%91%E7%A5%9E%20SecGate%203600%20%E9%98%B2%E7%81%AB%E5%A2%99%20obj_app_upfile%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
fofa-query: fid="1Lh1LHi6yfkhiO83I59AYg=="
|
||||
max-request: 2
|
||||
verified: "true"
|
||||
fofa-query: 'fid="1Lh1LHi6yfkhiO83I59AYg=="'
|
||||
max-request: 1
|
||||
tags: secgate,3600,firewall,file-upload,intrusive
|
||||
|
||||
variables:
|
||||
|
|
|
@ -10,8 +10,8 @@ info:
|
|||
- https://github.com/achuna33/MYExploit/blob/8ffbf7ee60cbd77ad90b0831b93846aba224ab29/src/main/java/com/achuna33/Controllers/SeeyonController.java
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E8%87%B4%E8%BF%9COA%20A6%20createMysql.jsp%20%E6%95%B0%E6%8D%AE%E5%BA%93%E6%95%8F%E6%84%9F%E4%BF%A1%E6%81%AF%E6%B3%84%E9%9C%B2.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: title="致远A8+协同管理软件.A6"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: seeyon,oa,info-leak
|
||||
|
||||
|
|
|
@ -11,8 +11,8 @@ info:
|
|||
- http://wiki.peiqi.tech/wiki/oa/致远OA/致远OA%20wpsAssistServlet%20任意文件上传漏洞.html
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E8%87%B4%E8%BF%9COA%20wpsAssistServlet%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="致远互联-OA" && title="V8.0SP2"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: seeyon,oa,file-upload,intrusive
|
||||
|
||||
|
|
|
@ -11,8 +11,8 @@ info:
|
|||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/smartbi-windowunloading-other.yaml
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/Web%E5%BA%94%E7%94%A8%E6%BC%8F%E6%B4%9E/Smartbi%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="SMARTBI"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: smartbi,deserialization
|
||||
|
||||
|
|
|
@ -10,9 +10,9 @@ info:
|
|||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v2017%20action_upload.php%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md
|
||||
- https://github.com/shadow1ng/fscan/blob/main/WebScan/pocs/tongda-v2017-uploadfile.yml
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
fofa-query: app="TDXK-通达OA"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: tongda,fileupload,intrusive,router
|
||||
|
||||
variables:
|
||||
|
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/tongda-oa-api-ali-upload.yaml
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="TDXK-通达OA"
|
||||
max-request: 3
|
||||
verified: true
|
||||
tags: tongda,oa,fileupload
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/Threekiii/Awesome-POC/blob/master/OA%E4%BA%A7%E5%93%81%E6%BC%8F%E6%B4%9E/%E9%80%9A%E8%BE%BEOA%20v11.8%20getway.php%20%E8%BF%9C%E7%A8%8B%E6%96%87%E4%BB%B6%E5%8C%85%E5%90%AB%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="TDXK-通达OA"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: tongda,rfi
|
||||
|
||||
|
|
|
@ -9,9 +9,9 @@ info:
|
|||
reference:
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E9%80%9A%E8%BE%BEOA/%E9%80%9A%E8%BE%BEOA%20v11.6%20insert%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
fofa-query: app="TDXK-通达OA"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: tongda,sqli
|
||||
|
||||
http:
|
||||
|
|
|
@ -9,9 +9,9 @@ info:
|
|||
reference:
|
||||
- https://github.com/cqr-cryeye-forks/goby-pocs/blob/main/Topsec-TopAppLB-Any-account-Login.json
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
fofa-query: title="TopApp-LB 负载均衡系统"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: topsec,topapplb,auth-bypass
|
||||
|
||||
http:
|
||||
|
|
|
@ -10,6 +10,7 @@ info:
|
|||
- http://wiki.peiqi.tech/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Cology%20VerifyQuickLogin.jsp%20%E4%BB%BB%E6%84%8F%E7%AE%A1%E7%90%86%E5%91%98%E7%99%BB%E5%BD%95%E6%BC%8F%E6%B4%9E.html
|
||||
metadata:
|
||||
fofa-query: app="泛微-协同办公OA"
|
||||
max-request: 1
|
||||
tags: ecology,weaver,oa,auth-bypass
|
||||
|
||||
http:
|
||||
|
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
In the validate.jsp file of the Panwei e-cology OA system, the parameter capitalid is not strictly filtered, which can lead to SQL injection vulnerabilities. An attacker can use this vulnerability to remotely send carefully constructed SQL statements without authorization, thereby obtaining sensitive database information.
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: ecology,weaver,sqli
|
||||
|
||||
variables:
|
||||
|
|
|
@ -9,10 +9,10 @@ info:
|
|||
reference:
|
||||
- https://peiqi.wgpsec.org/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Bridge%20saveYZJFile%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E8%AF%BB%E5%8F%96%E6%BC%8F%E6%B4%9E.html
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
shodan-query: eBridge_JSessionid
|
||||
fofa-query: app="泛微云桥e-Bridge"
|
||||
max-request: 4
|
||||
shodan-query: eBridge_JSessionid
|
||||
verified: true
|
||||
tags: eBridge,weaver,oa,lfi,lfr,intrusive
|
||||
|
||||
http:
|
||||
|
|
|
@ -7,10 +7,10 @@ info:
|
|||
description: |
|
||||
Weaver BeanShell contains a remote command execution vulnerability in the bsh.servlet.BshServlet program.
|
||||
metadata:
|
||||
max-request: 1
|
||||
verified: true
|
||||
shodan-query: ecology_JSessionid
|
||||
fofa-query: app="泛微-协同办公OA"
|
||||
max-request: 2
|
||||
shodan-query: ecology_JSessionid
|
||||
verified: true
|
||||
tags: beanshell,rce,weaver
|
||||
|
||||
http:
|
||||
|
|
|
@ -10,8 +10,8 @@ info:
|
|||
- http://wiki.peiqi.tech/wiki/oa/泛微OA/泛微OA%20E-Office%20group_xml.php%20SQL注入漏洞.html
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Office%20group_xml.php%20SQL%E6%B3%A8%E5%85%A5%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="泛微-EOffice"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: weaver,e-office,oa,sqli
|
||||
|
||||
|
|
|
@ -7,8 +7,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/w-digital-scanner/w9scan/blob/master/plugins/weaver_oa/2158.py
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="泛微-EOffice"
|
||||
max-request: 3
|
||||
verified: true
|
||||
tags: weaver,e-office,oa,instrusive,rce
|
||||
|
||||
|
|
|
@ -7,8 +7,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/w-digital-scanner/w9scan/blob/master/plugins/weaver_oa/2158.py
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="泛微-EOffice"
|
||||
max-request: 3
|
||||
verified: true
|
||||
tags: weaver,e-office,intrusive,rce,file-upload
|
||||
|
||||
|
|
|
@ -5,7 +5,7 @@ info:
|
|||
author: SleepingBag945
|
||||
severity: high
|
||||
metadata:
|
||||
max-request: 1
|
||||
max-request: 2
|
||||
shodan-query: http.html:"E-Mobile"
|
||||
tags: weaver,e-mobile,oa
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E6%B3%9B%E5%BE%AEOA/%E6%B3%9B%E5%BE%AEOA%20E-Office%20OfficeServer.php%20%E4%BB%BB%E6%84%8F%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="泛微-EOffice"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: weaver,e-office,oa,rce,intrusive,fileupload
|
||||
|
||||
|
|
|
@ -7,8 +7,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/w-digital-scanner/w9scan/blob/master/plugins/weaver_oa/2158.py
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="泛微-EOffice"
|
||||
max-request: 3
|
||||
verified: true
|
||||
tags: weaver,e-office,oa,instrusive,rce
|
||||
|
||||
|
|
|
@ -11,6 +11,7 @@ info:
|
|||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/weaver-oa-workrelate-file-upload.yaml
|
||||
metadata:
|
||||
fofa-query: app="泛微-协同办公OA"
|
||||
max-request: 3
|
||||
tags: ecology,fileupload,intrusive
|
||||
|
||||
variables:
|
||||
|
|
|
@ -11,6 +11,7 @@ info:
|
|||
- https://github.com/MrWQ/vulnerability-paper/blob/7551f7584bd35039028b1d9473a00201ed18e6b2/bugs/%E7%95%85%E6%8D%B7%E9%80%9A%20T%2B%20%E8%BF%9C%E7%A8%8B%E5%91%BD%E4%BB%A4%E6%89%A7%E8%A1%8C%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
fofa-query: app="畅捷通-TPlus"
|
||||
max-request: 1
|
||||
verified: true
|
||||
tags: chanjettplus,rce
|
||||
|
||||
|
|
|
@ -5,12 +5,12 @@ info:
|
|||
author: SleepingBag945
|
||||
severity: medium
|
||||
description: |
|
||||
There is a directory traversal vulnerability in the templateOfTaohong_manager.jsp file of UFIDA FE collaborative office platform. Through the vulnerability, attackers can obtain directory files and other information, leading to further attacks.
|
||||
There is a directory traversal vulnerability in the templateOfTaohong_manager.jsp file of UFIDA FE collaborative office platform. Through the vulnerability, attackers can obtain directory files and other information, leading to further attacks.
|
||||
reference:
|
||||
- https://github.com/PeiQi0/PeiQi-WIKI-Book/blob/main/docs/wiki/oa/%E7%94%A8%E5%8F%8BOA/%E7%94%A8%E5%8F%8B%20FE%E5%8D%8F%E4%BD%9C%E5%8A%9E%E5%85%AC%E5%B9%B3%E5%8F%B0%20templateOfTaohong_manager.jsp%20%E7%9B%AE%E5%BD%95%E9%81%8D%E5%8E%86%E6%BC%8F%E6%B4%9E.md
|
||||
metadata:
|
||||
max-request: 2
|
||||
fofa-query: "FE协作"
|
||||
fofa-query: FE协作
|
||||
max-request: 1
|
||||
verified: true
|
||||
tags: yonyou,fe,lfi
|
||||
|
||||
|
|
|
@ -9,8 +9,8 @@ info:
|
|||
reference:
|
||||
- https://github.com/zan8in/afrog/blob/main/v2/pocs/afrog-pocs/vulnerability/yonyou-nc-arbitrary-file-upload.yaml
|
||||
metadata:
|
||||
max-request: 1
|
||||
fofa-query: app="用友-UFIDA-NC"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: yonyou,file-upload,intrusive
|
||||
|
||||
|
|
|
@ -7,6 +7,8 @@ info:
|
|||
description: UFIDA GRP-u8 has an XXE vulnerability. This vulnerability is caused by the application not loading external entities when parsing XML input, resulting in the loading of external SQL statements and command execution.
|
||||
reference:
|
||||
- http://wiki.peiqi.tech/wiki/oa/%E7%94%A8%E5%8F%8BOA/%E7%94%A8%E5%8F%8B%20GRP-U8%20Proxy%20SQL%E6%B3%A8%E5%85%A5%20CNNVD-201610-923.html
|
||||
metadata:
|
||||
max-request: 1
|
||||
tags: yonyou,grp,xxe,sqli
|
||||
|
||||
variables:
|
||||
|
|
|
@ -10,6 +10,7 @@ info:
|
|||
- https://github.com/lal0ne/vulnerability/blob/c0985107adfd91d85fbd76d9a8acf8fbfa98ed41/YonyouNC/ncDecode/README.md
|
||||
metadata:
|
||||
fofa-query: icon_hash="1085941792"
|
||||
max-request: 2
|
||||
verified: true
|
||||
tags: yonyou,intrusive,fileupload
|
||||
|
||||
|
|
Loading…
Reference in New Issue