Merge branch 'main' into master
commit
c4b2175c5a
|
@ -0,0 +1,30 @@
|
|||
# Set to true to add reviewers to pull requests
|
||||
addReviewers: true
|
||||
|
||||
# Set to true to add assignees to pull requests
|
||||
addAssignees: true
|
||||
|
||||
# A list of reviewers to be added to pull requests (GitHub user name)
|
||||
reviewers:
|
||||
- ritikchaddha
|
||||
- DhiyaneshGeek
|
||||
- pussycat0x
|
||||
|
||||
# A number of reviewers added to the pull request
|
||||
# Set 0 to add all the reviewers (default: 0)
|
||||
numberOfReviewers: 1
|
||||
|
||||
# A list of assignees, overrides reviewers if set
|
||||
assignees:
|
||||
- DhiyaneshGeek
|
||||
- pussycat0x
|
||||
- ritikchaddha
|
||||
|
||||
# A number of assignees to add to the pull request
|
||||
# Set to 0 to add all of the assignees.
|
||||
# Uses numberOfReviewers if unset.
|
||||
numberOfAssignees: 1
|
||||
|
||||
# A list of keywords to be skipped the process that add reviewers if pull requests include it
|
||||
# skipKeywords:
|
||||
# - wip
|
|
@ -0,0 +1,19 @@
|
|||
# To get started with Dependabot version updates, you'll need to specify which
|
||||
# package ecosystems to update and where the package manifests are located.
|
||||
# Please see the documentation for all configuration options:
|
||||
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
|
||||
|
||||
version: 2
|
||||
updates:
|
||||
|
||||
# Maintain dependencies for GitHub Actions
|
||||
- package-ecosystem: "github-actions"
|
||||
directory: "/"
|
||||
schedule:
|
||||
interval: "weekly"
|
||||
target-branch: "main"
|
||||
commit-message:
|
||||
prefix: "chore"
|
||||
include: "scope"
|
||||
labels:
|
||||
- "Type: Maintenance"
|
|
@ -0,0 +1,93 @@
|
|||
package main
|
||||
|
||||
import (
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
"os"
|
||||
"path/filepath"
|
||||
"strings"
|
||||
|
||||
"gopkg.in/yaml.v3"
|
||||
)
|
||||
|
||||
type Classification struct {
|
||||
CVSSScore string `yaml:"cvss-score,omitempty"`
|
||||
}
|
||||
|
||||
type Info struct {
|
||||
Name string `yaml:"name"`
|
||||
Severity string `yaml:"severity"`
|
||||
Description string `yaml:"description"`
|
||||
Classification Classification `yaml:"classification,omitempty"`
|
||||
}
|
||||
|
||||
type Data struct {
|
||||
ID string `yaml:"id"`
|
||||
Info Info `yaml:"info"`
|
||||
FilePath string `json:"file_path"`
|
||||
}
|
||||
|
||||
func main() {
|
||||
if len(os.Args) != 3 {
|
||||
fmt.Println("Usage: go run main.go <directory> <output_file>")
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
directory := os.Args[1]
|
||||
outputFile := os.Args[2]
|
||||
|
||||
var data []Data
|
||||
|
||||
err := filepath.Walk(directory, func(path string, info os.FileInfo, err error) error {
|
||||
if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
|
||||
yamlFile, err := ioutil.ReadFile(path)
|
||||
if err != nil {
|
||||
fmt.Printf("Error reading YAML file %s: %v\n", path, err)
|
||||
return err
|
||||
}
|
||||
|
||||
var d Data
|
||||
err = yaml.Unmarshal(yamlFile, &d)
|
||||
if err != nil {
|
||||
fmt.Printf("Error unmarshalling YAML file %s: %v\n", path, err)
|
||||
return err
|
||||
}
|
||||
if d.Info.Classification.CVSSScore == "" {
|
||||
d.Info.Classification.CVSSScore = "N/A"
|
||||
}
|
||||
if d.Info.Classification == (Classification{}) {
|
||||
d.Info.Classification.CVSSScore = "N/A"
|
||||
}
|
||||
fpath := strings.Replace(path, "/home/runner/work/nuclei-templates/nuclei-templates/", "", 1)
|
||||
d.FilePath = fpath
|
||||
|
||||
data = append(data, d)
|
||||
}
|
||||
return nil
|
||||
})
|
||||
|
||||
if err != nil {
|
||||
fmt.Printf("Error reading directory: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
var jsonData []byte
|
||||
for _, d := range data {
|
||||
temp, err := json.Marshal(d)
|
||||
if err != nil {
|
||||
fmt.Printf("Error marshalling JSON: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
jsonData = append(jsonData, temp...)
|
||||
jsonData = append(jsonData, byte('\n'))
|
||||
}
|
||||
err = ioutil.WriteFile(outputFile, jsonData, 0644)
|
||||
if err != nil {
|
||||
fmt.Printf("Error writing JSON data to file: %v\n", err)
|
||||
os.Exit(1)
|
||||
}
|
||||
|
||||
fmt.Println("JSON data written to", outputFile)
|
||||
}
|
||||
|
|
@ -10,6 +10,10 @@ jobs:
|
|||
deploy:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
# Wait for 5 minutes
|
||||
- name: Wait for 2 minutes
|
||||
run: sleep 120
|
||||
|
||||
- name: Purge cache
|
||||
uses: jakejarvis/cloudflare-purge-action@master
|
||||
env:
|
||||
|
|
|
@ -3,28 +3,26 @@ name: ✍🏻 CVE Annotate
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- main
|
||||
paths:
|
||||
- 'cves/**.yaml'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
docs:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Get Github tag
|
||||
id: meta
|
||||
run: |
|
||||
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.19
|
||||
|
||||
- name: Setup CVE annotate
|
||||
if: steps.meta.outputs.TAG != ''
|
||||
env:
|
||||
VERSION: ${{ steps.meta.outputs.TAG }}
|
||||
run: |
|
||||
wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/cve-annotate.zip
|
||||
sudo unzip cve-annotate.zip -d /usr/local/bin
|
||||
working-directory: /tmp
|
||||
- name: cve-annotate install
|
||||
run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@latest
|
||||
|
||||
- name: Generate CVE Annotations
|
||||
id: cve-annotate
|
||||
|
|
|
@ -0,0 +1,40 @@
|
|||
name: Generate JSON Metadata of CVE Templates
|
||||
|
||||
on:
|
||||
push:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- 'cves/**'
|
||||
workflow_dispatch: # allows manual triggering of the workflow
|
||||
|
||||
jobs:
|
||||
cve2json:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.19
|
||||
check-latest: true
|
||||
|
||||
- name: Run yaml2json.go to generate cves.json
|
||||
run: |
|
||||
go env -w GO111MODULE=off
|
||||
go get gopkg.in/yaml.v3
|
||||
go run .github/scripts/yaml2json.go $GITHUB_WORKSPACE/cves/ cves.json
|
||||
md5sum cves.json | cut -d' ' -f1 > cves.json-checksum.txt
|
||||
|
||||
- name: Commit files
|
||||
run: |
|
||||
git pull
|
||||
git add cves.json cves.json-checksum.txt
|
||||
git config --local user.email "action@github.com"
|
||||
git config --local user.name "GitHub Action"
|
||||
git commit -m "Auto Generated cves.json [$(date)] :robot:" -a
|
||||
|
||||
- name: Push changes
|
||||
uses: ad-m/github-push-action@master
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
|
@ -3,7 +3,9 @@ name: 🥳 New Template List
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- main
|
||||
paths:
|
||||
- '**.yaml'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
|
|
|
@ -22,7 +22,7 @@ jobs:
|
|||
fetch-depth: 0
|
||||
|
||||
- name: Set up Python
|
||||
uses: actions/setup-python@v2
|
||||
uses: actions/setup-python@v4
|
||||
with:
|
||||
python-version: "3.8"
|
||||
|
||||
|
|
|
@ -1,6 +1,10 @@
|
|||
name: ❄️ YAML Lint
|
||||
|
||||
on: [push, pull_request]
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- '**.yaml'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
|
@ -8,7 +12,7 @@ jobs:
|
|||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- name: Yamllint
|
||||
uses: karancode/yamllint-github-action@master
|
||||
uses: karancode/yamllint-github-action@v2.1.1
|
||||
with:
|
||||
yamllint_config_filepath: .yamllint
|
||||
yamllint_strict: false
|
||||
|
|
|
@ -2,18 +2,21 @@ name: 📝 Template Checksum
|
|||
|
||||
on:
|
||||
push:
|
||||
tags:
|
||||
- '*'
|
||||
workflow_dispatch:
|
||||
branches:
|
||||
- main
|
||||
paths:
|
||||
- '**.yaml'
|
||||
workflow_dispatch: # allows manual triggering of the workflow
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
- uses: actions/setup-go@v2
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.18
|
||||
go-version: 1.19
|
||||
|
||||
- name: install checksum generator
|
||||
run: |
|
||||
|
@ -35,4 +38,3 @@ jobs:
|
|||
uses: ad-m/github-push-action@master
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
branch: master
|
|
@ -3,16 +3,19 @@ name: 📑 Template-DB Indexer
|
|||
on:
|
||||
push:
|
||||
branches:
|
||||
- master
|
||||
- main
|
||||
paths:
|
||||
- '**.yaml'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
index:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/setup-go@v2
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.17
|
||||
go-version: 1.19
|
||||
|
||||
- name: Installing Indexer
|
||||
run: |
|
||||
|
|
|
@ -1,26 +1,26 @@
|
|||
name: 🛠 Template Validate
|
||||
|
||||
on: [ push, pull_request ]
|
||||
on:
|
||||
pull_request:
|
||||
paths:
|
||||
- '**.yaml'
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Get Github tag
|
||||
id: meta
|
||||
run: |
|
||||
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.19
|
||||
|
||||
- name: Setup Nuclei
|
||||
if: steps.meta.outputs.TAG != ''
|
||||
env:
|
||||
VERSION: ${{ steps.meta.outputs.TAG }}
|
||||
run: |
|
||||
wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/nuclei_${VERSION:1}_linux_amd64.zip
|
||||
sudo unzip nuclei*.zip -d /usr/local/bin
|
||||
working-directory: /tmp
|
||||
- name: nuclei install
|
||||
run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
|
||||
|
||||
- name: Template Validation
|
||||
run: |
|
||||
|
|
|
@ -10,10 +10,14 @@ jobs:
|
|||
build:
|
||||
runs-on: ubuntu-latest
|
||||
steps:
|
||||
- uses: actions/checkout@master
|
||||
- uses: actions/setup-go@v2
|
||||
- uses: actions/checkout@v3
|
||||
with:
|
||||
go-version: 1.18
|
||||
fetch-depth: 0
|
||||
|
||||
- name: Set up Go
|
||||
uses: actions/setup-go@v4
|
||||
with:
|
||||
go-version: 1.19
|
||||
|
||||
- name: Installing Template Stats
|
||||
run: |
|
||||
|
@ -52,4 +56,3 @@ jobs:
|
|||
uses: ad-m/github-push-action@master
|
||||
with:
|
||||
github_token: ${{ secrets.GITHUB_TOKEN }}
|
||||
branch: master
|
|
@ -1,8 +1,10 @@
|
|||
name: ✨ WordPress Plugins - Update
|
||||
|
||||
on:
|
||||
schedule:
|
||||
- cron: "0 4 * * *" # every day at 4am UTC
|
||||
workflow_dispatch:
|
||||
|
||||
jobs:
|
||||
Update:
|
||||
runs-on: ubuntu-latest
|
||||
|
|
|
@ -0,0 +1,3 @@
|
|||
exposed-panels/aspect-control-panel.yaml
|
||||
misconfiguration/default-spx-key.yaml
|
||||
network/enumeration/beanstalk-service.yaml
|
|
@ -33,6 +33,5 @@ files:
|
|||
- cves/2020/CVE-2020-2036.yaml
|
||||
- cves/2020/CVE-2020-28351.yaml
|
||||
- cves/2021/CVE-2021-35265.yaml
|
||||
- vulnerabilities/generic/basic-xss-prober.yaml
|
||||
- vulnerabilities/oracle/oracle-ebs-xss.yaml
|
||||
- vulnerabilities/other/nginx-module-vts-xss.yaml
|
|
@ -3,7 +3,9 @@ extends: default
|
|||
|
||||
ignore: |
|
||||
.pre-commit-config.yml
|
||||
.github/workflows/*.yml
|
||||
.github/
|
||||
.git/
|
||||
*.yml
|
||||
|
||||
rules:
|
||||
document-start: disable
|
||||
|
@ -15,3 +17,5 @@ rules:
|
|||
require-starting-space: true
|
||||
ignore-shebangs: true
|
||||
min-spaces-from-content: 1
|
||||
empty-lines:
|
||||
max: 5
|
24
README.md
24
README.md
|
@ -41,19 +41,19 @@ An overview of the nuclei template project, including statistics on unique tags,
|
|||
## Nuclei Templates Top 10 statistics
|
||||
|
||||
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|
||||
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
|
||||
| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 |
|
||||
| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 |
|
||||
| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 |
|
||||
| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 |
|
||||
| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | |
|
||||
| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | |
|
||||
| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | |
|
||||
| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | |
|
||||
| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | |
|
||||
| tech | 360 | princechaddha | 153 | file | 78 | | | | |
|
||||
|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------|
|
||||
| cve | 1734 | dhiyaneshdk | 799 | cves | 1713 | info | 2807 | http | 5646 |
|
||||
| panel | 870 | dwisiswant0 | 793 | exposed-panels | 862 | high | 1216 | file | 117 |
|
||||
| wordpress | 756 | daffainfo | 662 | osint | 630 | medium | 984 | network | 88 |
|
||||
| exposure | 652 | pikpikcu | 353 | technologies | 561 | critical | 645 | dns | 18 |
|
||||
| wp-plugin | 647 | pdteam | 276 | vulnerabilities | 550 | low | 215 | | |
|
||||
| osint | 635 | pussycat0x | 234 | misconfiguration | 428 | unknown | 24 | | |
|
||||
| xss | 608 | geeknik | 219 | exposures | 374 | | | | |
|
||||
| tech | 598 | ricardomaia | 214 | token-spray | 240 | | | | |
|
||||
| edb | 595 | ritikchaddha | 195 | workflows | 190 | | | | |
|
||||
| lfi | 533 | 0x_akoko | 179 | default-logins | 127 | | | | |
|
||||
|
||||
**335 directories, 5229 files**.
|
||||
**380 directories, 6318 files**.
|
||||
|
||||
</td>
|
||||
</tr>
|
||||
|
|
File diff suppressed because one or more lines are too long
5451
TEMPLATES-STATS.md
5451
TEMPLATES-STATS.md
File diff suppressed because it is too large
Load Diff
22
TOP-10.md
22
TOP-10.md
|
@ -1,12 +1,12 @@
|
|||
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|
||||
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
|
||||
| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 |
|
||||
| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 |
|
||||
| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 |
|
||||
| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 |
|
||||
| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | |
|
||||
| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | |
|
||||
| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | |
|
||||
| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | |
|
||||
| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | |
|
||||
| tech | 360 | princechaddha | 153 | file | 78 | | | | |
|
||||
|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------|
|
||||
| cve | 1734 | dhiyaneshdk | 799 | cves | 1713 | info | 2807 | http | 5646 |
|
||||
| panel | 870 | dwisiswant0 | 793 | exposed-panels | 862 | high | 1216 | file | 117 |
|
||||
| wordpress | 756 | daffainfo | 662 | osint | 630 | medium | 984 | network | 88 |
|
||||
| exposure | 652 | pikpikcu | 353 | technologies | 561 | critical | 645 | dns | 18 |
|
||||
| wp-plugin | 647 | pdteam | 276 | vulnerabilities | 550 | low | 215 | | |
|
||||
| osint | 635 | pussycat0x | 234 | misconfiguration | 428 | unknown | 24 | | |
|
||||
| xss | 608 | geeknik | 219 | exposures | 374 | | | | |
|
||||
| tech | 598 | ricardomaia | 214 | token-spray | 240 | | | | |
|
||||
| edb | 595 | ritikchaddha | 195 | workflows | 190 | | | | |
|
||||
| lfi | 533 | 0x_akoko | 179 | default-logins | 127 | | | | |
|
||||
|
|
|
@ -0,0 +1,68 @@
|
|||
id: CNVD-2020-26585
|
||||
|
||||
info:
|
||||
name: Showdoc <2.8.6 - File Uploads
|
||||
author: pikpikcu,Co5mos
|
||||
severity: critical
|
||||
description: |
|
||||
ShowDoc is an online API and technical documentation tool that is very suitable for IT teams. Showdoc has a file upload vulnerability, which attackers can exploit to gain server permissions.
|
||||
reference:
|
||||
- https://vul.wangan.com/a/CNVD-2020-26585
|
||||
- https://blog.csdn.net/qq_48985780/article/details/122211136
|
||||
- https://github.com/star7th/showdoc/pull/1059
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
|
||||
cvss-score: 9.9
|
||||
cwe-id: CWE-434
|
||||
metadata:
|
||||
verified: true
|
||||
fofa-query: app="ShowDoc"
|
||||
tags: cnvd,cnvd2020,showdoc,fileupload
|
||||
|
||||
requests:
|
||||
- raw:
|
||||
- |
|
||||
POST /index.php?s=/home/page/uploadImg HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
Content-Type: multipart/form-data; boundary=--------------------------835846770881083140190633
|
||||
|
||||
----------------------------835846770881083140190633
|
||||
Content-Disposition: form-data; name="editormd-image-file"; filename="{{randstr}}.<>txt"
|
||||
Content-Type: text/plain
|
||||
|
||||
test{{randstr}}
|
||||
----------------------------835846770881083140190633--
|
||||
|
||||
- |
|
||||
GET /Public//Uploads//{{date}}//{{file}} HTTP/1.1
|
||||
Host: {{Hostname}}
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "test{{randstr}}"
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
extractors:
|
||||
- type: regex
|
||||
name: date
|
||||
part: body
|
||||
group: 1
|
||||
regex:
|
||||
- '(\d{4}-\d{2}-\d{2})\\/([a-f0-9]+\.txt)'
|
||||
internal: true
|
||||
|
||||
- type: regex
|
||||
name: file
|
||||
part: body
|
||||
group: 2
|
||||
regex:
|
||||
- '(\d{4}-\d{2}-\d{2})\\/([a-f0-9]+\.txt)'
|
||||
internal: true
|
||||
|
||||
# Enhanced by mp on 2022/05/30
|
|
@ -4,12 +4,12 @@ info:
|
|||
name: EEA - Information Disclosure
|
||||
author: pikpikcu
|
||||
severity: high
|
||||
description: EEA is susceptible to information disclosure.
|
||||
description: EEA is susceptible to information disclosure including the username and password.
|
||||
reference:
|
||||
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||||
cvss-score: 5.3
|
||||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
|
||||
cvss-score: 7.5
|
||||
cwe-id: CWE-200
|
||||
tags: config,exposure,cnvd,cnvd2021
|
||||
|
||||
|
|
|
@ -34,7 +34,7 @@ requests:
|
|||
internal: true
|
||||
group: 1
|
||||
regex:
|
||||
- '"verify_string":"(.*)"'
|
||||
- '"verify_string":"(.*?)"'
|
||||
|
||||
req-condition: true
|
||||
matchers:
|
||||
|
|
|
@ -0,0 +1 @@
|
|||
0b8c136254be187cf0afeb350ba4ff03
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/4307
|
||||
- https://www.cvedetails.com/cve/CVE-2007-4504
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2007-4504
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/6618
|
||||
- https://www.cvedetails.com/cve/CVE-2008-4668
|
||||
- http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/
|
||||
- http://securityreason.com/securityalert/4464
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-4668
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/5435
|
||||
- https://www.cvedetails.com/cve/CVE-2008-4764
|
||||
- http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41873
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-4764
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/6809
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6080
|
||||
- http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
|
||||
- http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-6080
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/6817
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6172
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-6172
|
||||
- http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
|
||||
- http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/6980
|
||||
- https://www.cvedetails.com/cve/CVE-2008-6222
|
||||
- http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
|
||||
- http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-6222
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/8898
|
||||
- https://www.cvedetails.com/cve/CVE-2009-2015
|
||||
- http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/
|
||||
- http://www.vupen.com/english/advisories/2009/1530
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-2015
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/8946
|
||||
- https://www.cvedetails.com/cve/CVE-2009-2100
|
||||
- http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-2100
|
||||
|
||||
|
|
|
@ -7,7 +7,6 @@ info:
|
|||
description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/9564
|
||||
- https://www.cvedetails.com/cve/CVE-2009-3053
|
||||
- https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52964
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-3053
|
||||
|
|
|
@ -7,9 +7,9 @@ info:
|
|||
description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/9706
|
||||
- https://www.cvedetails.com/cve/CVE-2009-3318
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-3318
|
||||
- https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
|
||||
- http://www.exploit-db.com/exploits/9706
|
||||
classification:
|
||||
cve-id: CVE-2009-3318
|
||||
tags: joomla,lfi,edb,cve,cve2009
|
||||
|
|
|
@ -8,9 +8,9 @@ info:
|
|||
Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/33440
|
||||
- https://www.cvedetails.com/cve/CVE-2009-4679
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-4679
|
||||
- http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
|
||||
- http://www.exploit-db.com/exploits/10754
|
||||
classification:
|
||||
cve-id: CVE-2009-4679
|
||||
tags: cve,cve2009,joomla,lfi,nexus,edb
|
||||
|
|
|
@ -26,6 +26,6 @@ requests:
|
|||
- type: regex
|
||||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
|
||||
|
||||
# Enhanced by mp on 2022/02/13
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/36994
|
||||
- https://www.cvedetails.com/cve/CVE-2009-5114
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-5114
|
||||
- http://websecurity.com.ua/2628/
|
||||
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74321
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10943
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0157
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0157
|
||||
- http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11282
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0467
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0467
|
||||
- http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/
|
||||
- http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
|
||||
remediation: Apply all relevant security patches and upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11447
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0696
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0696
|
||||
- http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
|
||||
- http://www.joomlaworks.gr/content/view/77/34/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11498
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0759
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0759
|
||||
- http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
|
||||
- http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11089
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0942
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0942
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11090
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0943
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0943
|
||||
- http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
|
||||
- http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11088
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0944
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0944
|
||||
- http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt
|
||||
- http://www.exploit-db.com/exploits/11088
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11738
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0972
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0972
|
||||
- http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
|
||||
- http://www.exploit-db.com/exploits/11738
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10942
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0982
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0982
|
||||
- http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
|
||||
- http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10948
|
||||
- https://www.cvedetails.com/cve/CVE-2010-0985
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-0985
|
||||
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
|
||||
- http://www.exploit-db.com/exploits/10948
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11760
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1056
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1056
|
||||
- http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
|
||||
- http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11511
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1081
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1081
|
||||
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11814
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1217
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1217
|
||||
- http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt
|
||||
- http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11757
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1219
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1219
|
||||
- http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
|
||||
- http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11978
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1302
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1302
|
||||
- http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
|
||||
- http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11998
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1304
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1304
|
||||
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
|
||||
- http://www.exploit-db.com/exploits/11998
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12065
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1305
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1305
|
||||
- http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
|
||||
- http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12058
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1306
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1306
|
||||
- http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
|
||||
- http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12070
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1307
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1307
|
||||
- http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
|
||||
- http://www.vupen.com/english/advisories/2010/0806
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12066
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1308
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1308
|
||||
- http://www.vupen.com/english/advisories/2010/0809
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12077
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1312
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1312
|
||||
- http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12082
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1313
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1313
|
||||
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
|
||||
- http://www.exploit-db.com/exploits/12082
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12086
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1314
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1314
|
||||
- http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11999
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1315
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1315
|
||||
- http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/33797
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1340
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1340
|
||||
- http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/
|
||||
- http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15453
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1345
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1345
|
||||
- http://www.exploit-db.com/exploits/11785
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12084
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1352
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1352
|
||||
- http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12068
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1353
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1353
|
||||
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/
|
||||
- http://www.vupen.com/english/advisories/2010/0808
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12102
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1354
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1354
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
|
||||
- http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -0,0 +1,41 @@
|
|||
id: CVE-2010-1429
|
||||
|
||||
info:
|
||||
name: Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure
|
||||
author: R12W4N
|
||||
severity: medium
|
||||
description: |
|
||||
Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
|
||||
reference:
|
||||
- https://rhn.redhat.com/errata/RHSA-2010-0377.html
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1429
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2008-3273
|
||||
classification:
|
||||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
|
||||
cvss-score: 5.3
|
||||
cve-id: CVE-2010-1429
|
||||
cwe-id: CWE-200
|
||||
metadata:
|
||||
shodan-query: title:"JBoss"
|
||||
verified: "true"
|
||||
tags: cve,cve2010,jboss,eap,tomcat,exposure
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- "{{BaseURL}}/status?full=true"
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
words:
|
||||
- "JVM"
|
||||
- "memory"
|
||||
- "localhost/"
|
||||
condition: and
|
||||
|
||||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# Enhanced by md on 2023/01/30
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12232
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1461
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1461
|
||||
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
|
||||
- http://www.exploit-db.com/exploits/12232
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12146
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1469
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1469
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
|
||||
- http://www.exploit-db.com/exploits/12146
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12166
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1470
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1470
|
||||
- http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
|
||||
- http://www.exploit-db.com/exploits/12166
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12170
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1471
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1471
|
||||
- http://www.vupen.com/english/advisories/2010/0862
|
||||
classification:
|
||||
cve-id: CVE-2010-1471
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12167
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1472
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1472
|
||||
- http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
|
||||
- http://www.exploit-db.com/exploits/12167
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12171
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1473
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1473
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
|
||||
- http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12182
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1474
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1474
|
||||
- http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
|
||||
- http://www.exploit-db.com/exploits/12182
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12147
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1475
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1475
|
||||
- http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
|
||||
- http://www.exploit-db.com/exploits/12147
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12150
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1476
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1476
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt
|
||||
- http://www.alphaplug.com/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12145
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1478
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1478
|
||||
- http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/
|
||||
- http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12318
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1491
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1491
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt
|
||||
- http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12113
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1494
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1494
|
||||
- http://www.exploit-db.com/exploits/12113
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12286
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1495
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1495
|
||||
- http://www.vupen.com/english/advisories/2010/0929
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12054
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1531
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1531
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt
|
||||
remediation: Upgrade to a supported version.
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12118
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1532
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1532
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt
|
||||
- http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12142
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1533
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1533
|
||||
- http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/
|
||||
- http://www.exploit-db.com/exploits/12142
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12067
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1534
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1534
|
||||
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/
|
||||
- http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/
|
||||
remediation: Upgrade to a supported version
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12151
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1535
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1535
|
||||
- http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/
|
||||
- http://www.exploit-db.com/exploits/12151
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11625
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1540
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1540
|
||||
- http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/
|
||||
- http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12236
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1601
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1601
|
||||
- http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12283
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1602
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1602
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt
|
||||
classification:
|
||||
cve-id: CVE-2010-1602
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12284
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1603
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1603
|
||||
- http://web.archive.org/web/20210518112730/https://www.securityfocus.com/bid/39546
|
||||
- http://www.vupen.com/english/advisories/2010/0931
|
||||
remediation: Upgrade to a supported version.
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12316
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1607
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1607
|
||||
- http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/
|
||||
- http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12430
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1653
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1653
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt
|
||||
- http://web.archive.org/web/20210121195909/https://www.securityfocus.com/bid/39743/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12427
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1658
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1658
|
||||
- http://www.vupen.com/english/advisories/2010/1007
|
||||
classification:
|
||||
cve-id: CVE-2010-1658
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12168
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1714
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1714
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
|
||||
- http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12174
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1715
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1715
|
||||
- http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
|
||||
classification:
|
||||
cve-id: CVE-2010-1715
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12291
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1717
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1717
|
||||
- http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/
|
||||
- http://www.vupen.com/english/advisories/2010/0924
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12282
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1718
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1718
|
||||
- http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/
|
||||
- http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/
|
||||
classification:
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12233
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1719
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1719
|
||||
- http://www.exploit-db.com/exploits/12233
|
||||
classification:
|
||||
cve-id: CVE-2010-1719
|
||||
|
|
|
@ -7,7 +7,7 @@ info:
|
|||
description: A directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12177
|
||||
- https://www.cvedetails.com/cve/CVE-2010-1722
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2010-1722
|
||||
- http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/
|
||||
- http://www.exploit-db.com/exploits/12177
|
||||
classification:
|
||||
|
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue