daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

removing empty spaces

patch-1
sandeep 2021-03-12 01:46:35 +05:30
parent e676bcb9ab
commit b7618db673
4 changed files with 5 additions and 9 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
cves/2018/CVE-2018-18778.yaml
View File

@ -12,7 +12,7 @@ requests:
- raw:
- |+
GET /etc/passwd HTTP/1.1
Host:
Host:
Content-Length: 4
unsafe: true

6
cves/2020/CVE-2020-16952.yaml
View File

@ -5,16 +5,12 @@ info:
author: dwisiswant0
severity: critical
description: A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka 'Microsoft SharePoint Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16951.
reference:
reference:
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16952
- https://srcincite.io/pocs/cve-2020-16952.py.txt
- https://github.com/rapid7/metasploit-framework/blob/1a341ae93191ac5f6d8a9603aebb6b3a1f65f107/documentation/modules/exploit/windows/http/sharepoint_ssi_viewstate.md
tags: cve,cve2020,sharepoint,iis
# This template supports the detection part only. See reference.
# Reference:
# - https://srcincite.io/pocs/cve-2020-16952.py.txt
requests:
- method: GET
path:

2
cves/2020/CVE-2020-17518.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
reference: https://github.com/vulhub/vulhub/tree/master/flink/CVE-2020-17518
description: |
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system,
Apache Flink 1.5.1 introduced a REST handler that allows you to write an uploaded file to an arbitrary location on the local file system,
through a maliciously modified HTTP HEADER.
tags: cve,cve2020,apache,traversal

4
cves/2020/CVE-2020-17530.yaml
View File

@ -4,7 +4,7 @@ info:
name: Apache Struts RCE
author: pikpikcu
severity: critical
reference:
reference:
- http://packetstormsecurity.com/files/160721/Apache-Struts-2-Forced-Multi-OGNL-Evaluation.html
- http://jvn.jp/en/jp/JVN43969166/index.html
- https://cwiki.apache.org/confluence/display/WW/S2-061
@ -12,7 +12,7 @@ info:
tags: cve,cve2020,apache,rce,struts
description: |
Forced OGNL evaluation, when evaluated on raw user input in tag attributes, may lead to remote code execution. Affected software : Apache Struts 2.0.0 - Struts 2.5.25.
requests:
- method: GET
path: