Merge branch 'projectdiscovery:master' into dashboard
commit
bf17862efc
|
@ -21,7 +21,10 @@ exposed-panels/froxlor-management-panel.yaml
|
|||
exposed-panels/livehelperchat-admin-panel.yaml
|
||||
exposed-panels/nzbget-panel.yaml
|
||||
exposed-panels/ocomon-panel.yaml
|
||||
exposed-panels/parallels/parallels-hsphere-detect.yaml
|
||||
exposed-panels/redhat/redhat-satellite-panel.yaml
|
||||
exposed-panels/royalevent-management-panel.yaml
|
||||
exposed-panels/sas-login-panel.yaml
|
||||
exposed-panels/teamcity-login-panel.yaml
|
||||
exposed-panels/vault-panel.yaml
|
||||
exposed-panels/veeam-panel.yaml
|
||||
|
@ -37,6 +40,8 @@ token-spray/api-segment.yaml
|
|||
vulnerabilities/other/parallels-hsphere-xss.yaml
|
||||
vulnerabilities/other/royalevent/royalevent-management-xss.yaml
|
||||
vulnerabilities/other/royalevent/royalevent-stored-xss.yaml
|
||||
vulnerabilities/other/siteminder-dom-xss.yaml
|
||||
vulnerabilities/wordpress/new-user-approve-xss.yaml
|
||||
vulnerabilities/wordpress/sym404.yaml
|
||||
vulnerabilities/wordpress/wp-all-export-xss.yaml
|
||||
vulnerabilities/wordpress/wpify-woo-czech-xss.yaml
|
||||
|
|
|
@ -6,10 +6,12 @@ info:
|
|||
severity: medium
|
||||
description: The Virtual Keyboard plugin for SquirrelMail is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
reference:
|
||||
- http://www.redhat.com/support/errata/RHSA-2002-204.html
|
||||
- http://www.debian.org/security/2002/dsa-191
|
||||
- http://sourceforge.net/project/shownotes.php?group_id=311&release_id=110774
|
||||
- https://www.exploit-db.com/exploits/21811
|
||||
- https://web.archive.org/web/20051124131714/http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
|
||||
- http://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/
|
||||
- http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html
|
||||
classification:
|
||||
cve-id: CVE-2002-1131
|
||||
tags: xss,squirrelmail,cve,cve2002
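Review bot: The two Wayback Machine references in this list use different schemes, `https://web.archive.org/web/20051124131714/...` for the neohapsis post and `http://web.archive.org/web/20210129020617/...` for the securityfocus entry. The second should read `- https://web.archive.org/web/20210129020617/https://www.securityfocus.com/bid/5763/` so that it is fetched over TLS like the first. Most archive links in the later hunks on this page are also written with `http://web.archive.org`, and the same change applies to them. The un-archived `http://archives.neohapsis.com/archives/bugtraq/2002-09/0246.html` line points at the same post as the snapshot above it; the rendering does not show which side of the diff it is on, but if it is still in the new file it is redundant. The `info:` block starts and ends outside this hunk.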
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- http://pridels0.blogspot.com/2005/12/cofax-xss-vuln.html
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2005-4385
|
||||
- http://web.archive.org/web/20210121165100/https://www.securityfocus.com/bid/15940/
|
||||
- http://www.securityfocus.com/bid/15940
|
||||
classification:
|
||||
cve-id: CVE-2005-4385
|
||||
tags: cofax,xss,cve,cve2005
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- http://web.archive.org/web/20210217161726/https://www.securityfocus.com/bid/17408/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2006-1681
|
||||
- http://secunia.com/advisories/19587
|
||||
- http://www.securityfocus.com/bid/17408
|
||||
- http://web.archive.org/web/20140803090438/http://secunia.com/advisories/19587/
|
||||
- http://www.vupen.com/english/advisories/2006/1292
|
||||
classification:
|
||||
cve-id: CVE-2006-1681
|
||||
tags: cherokee,httpd,xss,cve,cve2006
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/27948
|
||||
- http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
|
||||
- http://www.squirrelmail.org/security/issue/2006-06-01
|
||||
- http://secunia.com/advisories/20406
|
||||
- http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
|
||||
classification:
|
||||
cve-id: CVE-2006-2842
|
||||
tags: cve2006,lfi,squirrelmail,cve
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- http://web.archive.org/web/20201208220614/https://www.securityfocus.com/archive/1/459590/100/0/threaded
|
||||
- https://web.archive.org/web/20210119080228/http://www.securityfocus.com/bid/22503
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/32418
|
||||
- http://www.securityfocus.com/bid/22503
|
||||
classification:
|
||||
cve-id: CVE-2007-0885
|
||||
tags: cve,cve2007,jira,xss
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/30090
|
||||
- http://lists.grok.org.uk/pipermail/full-disclosure/2007-May/063617.html
|
||||
- http://web.archive.org/web/20210130131735/https://www.securityfocus.com/bid/24182/
|
||||
- http://secunia.com/advisories/25446
|
||||
- http://web.archive.org/web/20161220160642/http://secunia.com/advisories/25446/
|
||||
classification:
|
||||
cve-id: CVE-2007-5728
|
||||
metadata:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/42546
|
||||
- http://web.archive.org/web/20210121181851/https://www.securityfocus.com/bid/29291/
|
||||
- http://secunia.com/advisories/30333
|
||||
- http://web.archive.org/web/20140724110348/http://secunia.com/advisories/30333/
|
||||
- http://securityreason.com/securityalert/3896
|
||||
classification:
|
||||
cve-id: CVE-2008-2398
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
reference:
|
||||
- http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
|
||||
- http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
|
||||
- http://secunia.com/advisories/30463
|
||||
- http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
|
||||
classification:
|
||||
cve-id: CVE-2008-2650
|
||||
tags: cve,cve2008,lfi
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/7363
|
||||
- http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/
|
||||
- http://secunia.com/advisories/33014
|
||||
- http://secunia.com/advisories/33263
|
||||
- http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014
|
||||
- http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263
|
||||
classification:
|
||||
cve-id: CVE-2008-5587
|
||||
metadata:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/6809
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6080
|
||||
- http://secunia.com/advisories/32377
|
||||
- http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
|
||||
- http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
|
||||
classification:
|
||||
cve-id: CVE-2008-6080
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/6817
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6172
|
||||
- http://secunia.com/advisories/32367
|
||||
- http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
|
||||
- http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
|
||||
classification:
|
||||
cve-id: CVE-2008-6172
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/6980
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6222
|
||||
- http://secunia.com/advisories/32523
|
||||
- http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
|
||||
- http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
|
||||
classification:
|
||||
cve-id: CVE-2008-6222
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/16154
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
|
||||
- http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5
|
||||
- http://secunia.com/advisories/33695
|
||||
- http://web.archive.org/web/20161228102217/http://secunia.com/advisories/33695
|
||||
classification:
|
||||
cve-id: CVE-2009-0932
|
||||
tags: cve,cve2009,horde,lfi,traversal
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://www.exploit-db.com/exploits/8367
|
||||
- https://www.cvedetails.com/cve/CVE-2009-1496
|
||||
- http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
|
||||
- http://www.securityfocus.com/bid/34431
|
||||
classification:
|
||||
cve-id: CVE-2009-1496
|
||||
tags: cve,cve2009,joomla,lfi
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://www.exploit-db.com/exploits/8946
|
||||
- https://www.cvedetails.com/cve/CVE-2009-2100
|
||||
- http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
|
||||
- http://www.securityfocus.com/bid/35378
|
||||
classification:
|
||||
cve-id: CVE-2009-2100
|
||||
tags: cve,cve2009,joomla,lfi
|
||||
|
|
|
@ -10,7 +10,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/33440
|
||||
- https://www.cvedetails.com/cve/CVE-2009-4679
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-4679
|
||||
- http://secunia.com/advisories/37760
|
||||
- http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
|
||||
classification:
|
||||
cve-id: CVE-2009-4679
|
||||
tags: cve,cve2009,joomla,lfi,nexus
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/10943
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0157
|
||||
- http://secunia.com/advisories/37896
|
||||
- http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11447
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0696
|
||||
- http://secunia.com/advisories/38587
|
||||
- http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
|
||||
- http://www.joomlaworks.gr/content/view/77/34/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11498
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0759
|
||||
- http://secunia.com/advisories/38637
|
||||
- http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
|
||||
- http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/11090
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0943
|
||||
- http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
|
||||
- http://secunia.com/advisories/33486
|
||||
- http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
|
||||
classification:
|
||||
cve-id: CVE-2010-0943
|
||||
tags: cve,cve2010,joomla,lfi
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11738
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0972
|
||||
- http://secunia.com/advisories/38925
|
||||
- http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
|
||||
- http://www.exploit-db.com/exploits/11738
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
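Review bot: This reference list names the same Exploit-DB entry twice, once as `https://www.exploit-db.com/exploits/11738` and once as `http://www.exploit-db.com/exploits/11738`. The rendering has lost the `+`/`-` column, but going by the hunk counts the `http://` line appears to remain on the new side. Dropping `- http://www.exploit-db.com/exploits/11738` leaves one canonical HTTPS link and keeps the list free of entries that differ only by scheme. The same pair shows up in later hunks, for example for exploits 10948, 11998, 12082 and 12232. The `reference:` list sits inside an `info:` block that begins outside the hunk.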
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/10942
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0982
|
||||
- http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
|
||||
- http://secunia.com/advisories/37917
|
||||
- http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
cve-id: CVE-2010-0982
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/10948
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0985
|
||||
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
|
||||
- http://www.securityfocus.com/bid/37560
|
||||
- http://www.exploit-db.com/exploits/10948
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
cve-id: CVE-2010-0985
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/11760
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1056
|
||||
- http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
|
||||
- http://secunia.com/advisories/38982
|
||||
- http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
cve-id: CVE-2010-1056
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://www.exploit-db.com/exploits/11511
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1081
|
||||
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
|
||||
- http://osvdb.org/62506
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
cve-id: CVE-2010-1081
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11757
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1219
|
||||
- http://secunia.com/advisories/38952
|
||||
- http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
|
||||
- http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/11978
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1302
|
||||
- http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
|
||||
- http://secunia.com/advisories/39200
|
||||
- http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1302
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/11998
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1304
|
||||
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
|
||||
- http://www.securityfocus.com/bid/39174
|
||||
- http://www.exploit-db.com/exploits/11998
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1304
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12065
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1305
|
||||
- http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
|
||||
- http://secunia.com/advisories/39351
|
||||
- http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1305
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12058
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1306
|
||||
- http://secunia.com/advisories/39338
|
||||
- http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
|
||||
- http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12070
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1307
|
||||
- http://secunia.com/advisories/39348
|
||||
- http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
|
||||
- http://www.vupen.com/english/advisories/2010/0806
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
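Review bot: The secunia.com advisory in this list is paired with a Wayback Machine snapshot, but `http://www.vupen.com/english/advisories/2010/0806` is left as a direct link to a site that is presumably subject to the same link rot. A reference whose domain has lapsed can be re-registered and serve unrelated content to whoever follows it while triaging a finding. It should get the same treatment: replace it with an archived snapshot (`- https://web.archive.org/web/<SNAPSHOT_TIMESTAMP>/http://www.vupen.com/english/advisories/2010/0806`, timestamp to be looked up) or drop it. Other hunks on this page also show un-archived `vupen.com`, `osvdb.org` and `packetstormsecurity.org` references. The `info:` block begins outside this hunk.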
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12077
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1312
|
||||
- http://secunia.com/advisories/39289
|
||||
- http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12082
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1313
|
||||
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
|
||||
- http://www.securityfocus.com/bid/39237
|
||||
- http://www.exploit-db.com/exploits/12082
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1313
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12086
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1314
|
||||
- http://secunia.com/advisories/39359
|
||||
- http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11999
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1315
|
||||
- http://secunia.com/advisories/39209
|
||||
- http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12084
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1352
|
||||
- http://secunia.com/advisories/39357
|
||||
- http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12102
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1354
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
|
||||
- http://secunia.com/advisories/39296
|
||||
- http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1354
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12232
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1461
|
||||
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
|
||||
- http://www.securityfocus.com/bid/39504
|
||||
- http://www.exploit-db.com/exploits/12232
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1461
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12166
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1470
|
||||
- http://secunia.com/advisories/39405
|
||||
- http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
|
||||
- http://www.exploit-db.com/exploits/12166
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12167
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1472
|
||||
- http://secunia.com/advisories/39406
|
||||
- http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
|
||||
- http://www.exploit-db.com/exploits/12167
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12171
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1473
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
|
||||
- http://secunia.com/advisories/39410
|
||||
- http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1473
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12182
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1474
|
||||
- http://secunia.com/advisories/39388
|
||||
- http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
|
||||
- http://www.exploit-db.com/exploits/12182
|
||||
classification:
|
||||
cve-id: CVE-2010-1474
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12147
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1475
|
||||
- http://secunia.com/advisories/39285
|
||||
- http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
|
||||
- http://www.exploit-db.com/exploits/12147
|
||||
classification:
|
||||
cve-id: CVE-2010-1475
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12145
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1478
|
||||
- http://secunia.com/advisories/39262
|
||||
- http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/
|
||||
- http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12318
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1491
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt
|
||||
- http://secunia.com/advisories/39533
|
||||
- http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1491
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12142
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1533
|
||||
- http://secunia.com/advisories/39258
|
||||
- http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/
|
||||
- http://www.exploit-db.com/exploits/12142
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12067
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1534
|
||||
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/
|
||||
- http://secunia.com/advisories/39352
|
||||
- http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/
|
||||
remediation: Upgrade to a supported version
|
||||
classification:
|
||||
cve-id: CVE-2010-1534
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12151
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1535
|
||||
- http://secunia.com/advisories/39254
|
||||
- http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/
|
||||
- http://www.exploit-db.com/exploits/12151
|
||||
classification:
|
||||
cve-id: CVE-2010-1535
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11625
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1540
|
||||
- http://secunia.com/advisories/38777
|
||||
- http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/
|
||||
- http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/
|
||||
classification:
|
||||
cve-id: CVE-2010-1540
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12236
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1601
|
||||
- http://secunia.com/advisories/39472
|
||||
- http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt
|
||||
classification:
|
||||
cve-id: CVE-2010-1601
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12316
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1607
|
||||
- http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/
|
||||
- http://secunia.com/advisories/39539
|
||||
- http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/
|
||||
classification:
|
||||
cve-id: CVE-2010-1607
|
||||
tags: cve,cve2010,joomla,lfi
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12427
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1658
|
||||
- http://www.vupen.com/english/advisories/2010/1007
|
||||
- http://secunia.com/advisories/39600
|
||||
classification:
|
||||
cve-id: CVE-2010-1658
|
||||
tags: cve,cve2010,joomla,lfi
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12168
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1714
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
|
||||
- http://secunia.com/advisories/39413
|
||||
- http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/
|
||||
classification:
|
||||
cve-id: CVE-2010-1714
|
||||
tags: cve,cve2010,joomla,lfi
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12174
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1715
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
|
||||
- http://www.osvdb.org/63659
|
||||
classification:
|
||||
cve-id: CVE-2010-1715
|
||||
tags: cve,cve2010,joomla,lfi
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12291
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1717
|
||||
- http://secunia.com/advisories/39526
|
||||
- http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/
|
||||
- http://www.vupen.com/english/advisories/2010/0924
|
||||
classification:
|
||||
cve-id: CVE-2010-1717
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12282
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1718
|
||||
- http://secunia.com/advisories/39521
|
||||
- http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/
|
||||
- http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/
|
||||
classification:
|
||||
cve-id: CVE-2010-1718
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12177
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1722
|
||||
- http://secunia.com/advisories/39409
|
||||
- http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/
|
||||
- http://www.exploit-db.com/exploits/12177
|
||||
classification:
|
||||
cve-id: CVE-2010-1722
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12289
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1723
|
||||
- http://secunia.com/advisories/39524
|
||||
- http://web.archive.org/web/20140805101847/http://secunia.com/advisories/39524/
|
||||
- http://www.exploit-db.com/exploits/12289
|
||||
classification:
|
||||
cve-id: CVE-2010-1723
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/11851
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1875
|
||||
- http://secunia.com/advisories/39074
|
||||
- http://web.archive.org/web/20140802140355/http://secunia.com/advisories/39074/
|
||||
- http://web.archive.org/web/20210121194939/https://www.securityfocus.com/bid/38912/
|
||||
classification:
|
||||
cve-id: CVE-2010-1875
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12239
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1952
|
||||
- http://secunia.com/advisories/39475
|
||||
- http://web.archive.org/web/20151016194238/http://secunia.com/advisories/39475/
|
||||
- http://www.exploit-db.com/exploits/12239
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12238
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1955
|
||||
- http://web.archive.org/web/20210121195552/https://www.securityfocus.com/bid/39508/
|
||||
- http://secunia.com/advisories/39473
|
||||
- http://web.archive.org/web/20140803091440/http://secunia.com/advisories/39473/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1955
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12285
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1956
|
||||
- http://secunia.com/advisories/39522
|
||||
- http://web.archive.org/web/20140805105431/http://secunia.com/advisories/39522/
|
||||
- http://www.exploit-db.com/exploits/12285
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/12083
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1977
|
||||
- http://web.archive.org/web/20210121195306/https://www.securityfocus.com/bid/39243/
|
||||
- http://secunia.com/advisories/39356
|
||||
- http://web.archive.org/web/20140724201603/http://secunia.com/advisories/39356/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-1977
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12088
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1979
|
||||
- http://secunia.com/advisories/39360
|
||||
- http://web.archive.org/web/20140724185517/http://secunia.com/advisories/39360/
|
||||
- http://www.exploit-db.com/exploits/12088
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12121
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1982
|
||||
- http://secunia.com/advisories/39202
|
||||
- http://web.archive.org/web/20140723233933/http://secunia.com/advisories/39202/
|
||||
- http://web.archive.org/web/20210121195400/https://www.securityfocus.com/bid/39343/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://packetstormsecurity.com/files/89654/Joomla-Percha-Categories-Tree-0.6-Local-File-Inclusion.html
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2033
|
||||
- http://secunia.com/advisories/39873
|
||||
- http://web.archive.org/web/20140805143014/http://secunia.com/advisories/39873/
|
||||
- http://web.archive.org/web/20210615115919/https://www.securityfocus.com/bid/40244
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/12607
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2128
|
||||
- http://secunia.com/advisories/39832
|
||||
- http://web.archive.org/web/20140801195113/http://secunia.com/advisories/39832/
|
||||
- http://www.exploit-db.com/exploits/12607
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/10946
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2259
|
||||
- http://secunia.com/advisories/37866
|
||||
- http://web.archive.org/web/20140724121430/http://secunia.com/advisories/37866/
|
||||
- http://www.exploit-db.com/exploits/10946
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- http://web.archive.org/web/20210120195654/https://www.securityfocus.com/bid/40550/info
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-2307
|
||||
- https://www.exploit-db.com/exploits/12865
|
||||
- http://www.osvdb.org/65249
|
||||
- http://www.exploit-db.com/exploits/12865
|
||||
remediation: Upgrade to a supported product version.
|
||||
classification:
|
||||
cve-id: CVE-2010-2307
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/13981
|
||||
- https://www.cvedetails.com/cve/CVE-2010-2507
|
||||
- http://secunia.com/advisories/40297
|
||||
- http://osvdb.org/65674
|
||||
- http://web.archive.org/web/20140805070317/http://secunia.com/advisories/40297/
|
||||
- http://packetstormsecurity.org/1006-exploits/joomlapicasa2gallery-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2010-2507
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/14845
|
||||
- https://www.cvedetails.com/cve/CVE-2010-3203
|
||||
- http://secunia.com/advisories/41187
|
||||
- http://web.archive.org/web/20150105095919/http://secunia.com:80/advisories/41187/
|
||||
- http://www.exploit-db.com/exploits/14845
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/15585
|
||||
- https://www.cvedetails.com/cve/CVE-2010-4769
|
||||
- http://secunia.com/advisories/42324
|
||||
- http://web.archive.org/web/20140803011658/http://secunia.com/advisories/42324/
|
||||
- http://web.archive.org/web/20210121210048/https://www.securityfocus.com/bid/44992/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/34788
|
||||
- https://www.cvedetails.com/cve/CVE-2010-5278
|
||||
- http://packetstormsecurity.org/1009-exploits/modx202pl-lfi.txt
|
||||
- http://secunia.com/advisories/41638
|
||||
- http://web.archive.org/web/20140803154716/http://secunia.com/advisories/41638/
|
||||
classification:
|
||||
cve-id: CVE-2010-5278
|
||||
tags: cve,cve2010,lfi
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-1669
|
||||
- https://www.exploit-db.com/exploits/17119
|
||||
- http://web.archive.org/web/20210121212348/https://www.securityfocus.com/bid/47146/
|
||||
- http://www.securityfocus.com/bid/47146
|
||||
- http://www.exploit-db.com/exploits/17119
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2011-1669
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/35945
|
||||
- https://www.cvedetails.com/cve/CVE-2011-2744
|
||||
- http://www.openwall.com/lists/oss-security/2011/07/13/6
|
||||
- http://secunia.com/advisories/45184
|
||||
- http://web.archive.org/web/20140723162411/http://secunia.com/advisories/45184/
|
||||
classification:
|
||||
cve-id: CVE-2011-2744
|
||||
tags: cve,cve2011,lfi,chyrp
|
||||
|
|
|
@ -11,7 +11,7 @@ info:
|
|||
- http://www.ocert.org/advisories/ocert-2011-001.html
|
||||
- http://www.openwall.com/lists/oss-security/2011/07/13/6
|
||||
- http://web.archive.org/web/20210121214023/https://www.securityfocus.com/bid/48672/
|
||||
- http://secunia.com/advisories/45184
|
||||
- http://web.archive.org/web/20140723162411/http://secunia.com/advisories/45184/
|
||||
- http://securityreason.com/securityalert/8312
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/68565
|
||||
- http://web.archive.org/web/20201207104106/https://www.securityfocus.com/archive/1/518890/100/0/threaded
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2011-4336
|
||||
- http://web.archive.org/web/20210328232945/https://www.securityfocus.com/bid/48806/info
|
||||
- https://seclists.org/bugtraq/2011/Nov/140
|
||||
- https://www.securityfocus.com/bid/48806/info
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2011-4618
|
||||
- http://web.archive.org/web/20210121070605/https://www.securityfocus.com/archive/1/520589
|
||||
- http://wordpress.org/support/topic/wordpress-advanced-text-widget-plugin-cross-site-scripting-vulnerabilities
|
||||
- http://www.securityfocus.com/archive/1/520589
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2011-4618
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2011-4624
|
||||
- http://www.openwall.com/lists/oss-security/2011/12/23/2
|
||||
- http://plugins.trac.wordpress.org/changeset/469785
|
||||
- http://archives.neohapsis.com/archives/bugtraq/2011-12/0180.html
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
cve-id: CVE-2011-4624
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/36598
|
||||
- https://www.cvedetails.com/cve/CVE-2011-4804
|
||||
- http://secunia.com/advisories/46844
|
||||
- http://web.archive.org/web/20140802122115/http://secunia.com/advisories/46844/
|
||||
- http://web.archive.org/web/20210121214308/https://www.securityfocus.com/bid/48944/
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -9,7 +9,6 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2011-5181
|
||||
- http://web.archive.org/web/20210123155244/https://www.securityfocus.com/bid/50778/
|
||||
- http://wordpress.org/extend/plugins/clickdesk-live-support-chat-plugin/changelog/
|
||||
- http://www.securityfocus.com/bid/50778
|
||||
classification:
|
||||
cve-id: CVE-2011-5181
|
||||
tags: cve,cve2011,wordpress,xss,wp-plugin
|
||||
|
|
|
@ -8,8 +8,7 @@ info:
|
|||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2011-5265
|
||||
- http://web.archive.org/web/20210123103000/https://www.securityfocus.com/bid/50779/
|
||||
- http://osvdb.org/77337
|
||||
- http://www.securityfocus.com/bid/50779
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/71468
|
||||
classification:
|
||||
cve-id: CVE-2011-5265
|
||||
tags: cve,cve2011,wordpress,xss,wp-plugin
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://cwiki.apache.org/confluence/display/WW/S2-008 https://blog.csdn.net/weixin_43416469/article/details/113850545
|
||||
- http://www.exploit-db.com/exploits/18329
|
||||
- https://lists.immunityinc.com/pipermail/dailydave/2012-January/000011.html
|
||||
- http://secunia.com/advisories/47393
|
||||
- http://web.archive.org/web/20150110183326/http://secunia.com:80/advisories/47393
|
||||
remediation: Developers should immediately upgrade to at least Struts 2.3.18.
|
||||
classification:
|
||||
cve-id: CVE-2012-0392
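Review bot: The first reference entry in this hunk holds two URLs in one list item, `https://cwiki.apache.org/confluence/display/WW/S2-008 https://blog.csdn.net/weixin_43416469/article/details/113850545`, so a YAML parser reads it as a single string that is not a usable link. Split it into two items, `- https://cwiki.apache.org/confluence/display/WW/S2-008` and `- https://blog.csdn.net/weixin_43416469/article/details/113850545`. The line looks like unchanged context (the rendering has lost the +/- markers), so it may predate this commit; the `reference:` key itself lies outside the hunk.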
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://packetstormsecurity.com/files/108631/
|
||||
- https://www.cvedetails.com/cve/CVE-2012-0896
|
||||
- http://secunia.com/advisories/47529
|
||||
- http://web.archive.org/web/20140804110141/http://secunia.com/advisories/47529/
|
||||
- http://plugins.trac.wordpress.org/changeset/488883/count-per-day
|
||||
classification:
|
||||
cve-id: CVE-2012-0896
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/18435
|
||||
- https://www.cvedetails.com/cve/CVE-2012-0981
|
||||
- http://secunia.com/advisories/47802
|
||||
- http://web.archive.org/web/20151016200610/http://secunia.com/advisories/47802/
|
||||
- http://www.exploit-db.com/exploits/18435
|
||||
classification:
|
||||
cve-id: CVE-2012-0981
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/36650
|
||||
- https://www.cvedetails.com/cve/CVE-2012-0991
|
||||
- http://web.archive.org/web/20210121221715/https://www.securityfocus.com/bid/51788/
|
||||
- http://osvdb.org/78729
|
||||
- http://www.open-emr.org/wiki/index.php/OpenEMR_Patches
|
||||
classification:
|
||||
cve-id: CVE-2012-0991
|
||||
tags: cve,cve2012,lfi,openemr,traversal
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A cross-site scripting vulnerability in index.php in the WP-FaceThumb plugin 0.1 for WordPress allows remote attackers to inject arbitrary web script or HTML via the pagination_wp_facethumb parameter.
|
||||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2012-2371
|
||||
- http://secunia.com/advisories/49143
|
||||
- http://web.archive.org/web/20140805090129/http://secunia.com/advisories/49143/
|
||||
- http://www.openwall.com/lists/oss-security/2012/05/15/12
|
||||
- http://packetstormsecurity.org/files/112658/WordPress-WP-FaceThumb-Gallery-0.1-Cross-Site-Scripting.html
|
||||
classification:
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- https://www.exploit-db.com/exploits/37129
|
||||
- https://www.cvedetails.com/cve/CVE-2012-4253
|
||||
- http://www.osvdb.org/81609
|
||||
- http://www.osvdb.org/81615
|
||||
- http://packetstormsecurity.org/files/112304/MySQLDumper-1.24.4-LFI-XSS-CSRF-Code-Execution-Traversal.html
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/75286
|
||||
classification:
|
||||
cve-id: CVE-2012-4253
|
||||
tags: cve,cve2012,lfi
|
||||
|
|
|
@ -8,8 +8,8 @@ info:
|
|||
reference:
|
||||
- http://web.archive.org/web/20210121082432/https://www.securityfocus.com/bid/52841/info
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2012-4889
|
||||
- http://osvdb.org/80873
|
||||
- http://osvdb.org/80872
|
||||
- http://packetstormsecurity.org/files/111474/VL-437.txt
|
||||
- http://www.vulnerability-lab.com/get_content.php?id=437
|
||||
classification:
|
||||
cve-id: CVE-2012-4889
|
||||
tags: cve,cve2012,xss,manageengine
|
||||
|
|
|
@ -8,7 +8,6 @@ info:
|
|||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2013-2287
|
||||
- https://www.dognaedis.com/vulns/DGS-SEC-16.html
|
||||
- http://osvdb.org/90840
|
||||
classification:
|
||||
cve-id: CVE-2013-2287
|
||||
tags: cve,cve2013,wordpress,xss,wp-plugin
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2013-4625
|
||||
- https://packetstormsecurity.com/files/122535/WordPress-Duplicator-0.4.4-Cross-Site-Scripting.html
|
||||
- https://seclists.org/bugtraq/2013/Jul/160
|
||||
- http://osvdb.org/95627
|
||||
- https://www.htbridge.com/advisory/HTB23162
|
||||
remediation: Upgrade to Duplicator 0.4.5 or later.
|
||||
classification:
|
||||
cve-id: CVE-2013-4625
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://nvd.nist.gov/vuln/detail/CVE-2013-7091
|
||||
- https://www.exploit-db.com/exploits/30085
|
||||
- https://www.exploit-db.com/exploits/30472
|
||||
- http://osvdb.org/100747
|
||||
- http://www.exploit-db.com/exploits/30085
|
||||
classification:
|
||||
cve-id: CVE-2013-7091
|
||||
tags: cve,cve2013,zimbra,lfi
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://www.exploit-db.com/exploits/30865
|
||||
- https://www.cvedetails.com/cve/CVE-2014-10037
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2014-10037
|
||||
- http://osvdb.org/show/osvdb/102204
|
||||
- http://www.exploit-db.com/exploits/30865
|
||||
classification:
|
||||
cve-id: CVE-2014-10037
|
||||
tags: cve,cve2014,lfi
|
||||
|
|
|
@ -10,7 +10,7 @@ info:
|
|||
- https://cwiki.apache.org/confluence/display/WW/S2-032
|
||||
- https://struts.apache.org/docs/s2-032.html
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2016-3081
|
||||
- http://www.securitytracker.com/id/1035665
|
||||
- http://web.archive.org/web/20211207042547/https://securitytracker.com/id/1035665
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 8.1
|
||||
|
|
|
@ -8,7 +8,7 @@ info:
|
|||
reference:
|
||||
- http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-10075
|
||||
- http://www.securitytracker.com/id/1038940
|
||||
- http://web.archive.org/web/20211206074610/https://securitytracker.com/id/1038940
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:L/A:N
|
||||
cvss-score: 8.2
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
- https://seclists.org/fulldisclosure/2018/Mar/5
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-12544
|
||||
- https://support.hpe.com/hpsc/doc/public/display?docId=emr_na-hpesbmu03753en_us
|
||||
- http://www.securitytracker.com/id/1039437
|
||||
- http://web.archive.org/web/20211206092413/https://securitytracker.com/id/1039437
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 5.4
|
||||
|
|
|
@ -9,7 +9,7 @@ info:
|
|||
reference:
|
||||
- https://github.com/vulhub/vulhub/tree/master/tomcat/CVE-2017-12615
|
||||
- https://lists.apache.org/thread.html/8fcb1e2d5895413abcf266f011b9918ae03e0b7daceb118ffbf23f8c@%3Cannounce.tomcat.apache.org%3E
|
||||
- http://www.securitytracker.com/id/1039392
|
||||
- http://web.archive.org/web/20211206035549/https://securitytracker.com/id/1039392
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-12615
|
||||
- http://web.archive.org/web/20210616200000/https://www.securityfocus.com/bid/100901
|
||||
classification:
|
||||
|
|
|
@ -10,7 +10,7 @@ info:
|
|||
- https://twitter.com/sec715/status/1406779605055270914
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-12794
|
||||
- https://www.djangoproject.com/weblog/2017/sep/05/security-releases/
|
||||
- http://www.securitytracker.com/id/1039264
|
||||
- http://web.archive.org/web/20211207172022/https://securitytracker.com/id/1039264
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
|
||||
cvss-score: 6.1
|
||||
|
|
|
@ -10,7 +10,7 @@ info:
|
|||
- https://www.cvedetails.com/cve/CVE-2017-8917/
|
||||
- https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
|
||||
- http://web.archive.org/web/20210421142819/https://www.securityfocus.com/bid/98515
|
||||
- http://www.securitytracker.com/id/1038522
|
||||
- http://web.archive.org/web/20211207050608/https://securitytracker.com/id/1038522
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
|
||||
cvss-score: 9.8
|
||||
|
|