Merge branch 'main' into master

patch-1
泰阿安全实验室 2023-04-12 21:42:14 +08:00 committed by GitHub
commit c4b2175c5a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
2329 changed files with 68709 additions and 10435 deletions

30
.github/auto_assign.yml vendored Normal file
View File

@ -0,0 +1,30 @@
# Set to true to add reviewers to pull requests
addReviewers: true
# Set to true to add assignees to pull requests
addAssignees: true
# A list of reviewers to be added to pull requests (GitHub user name)
reviewers:
- ritikchaddha
- DhiyaneshGeek
- pussycat0x
# A number of reviewers added to the pull request
# Set 0 to add all the reviewers (default: 0)
numberOfReviewers: 1
# A list of assignees, overrides reviewers if set
assignees:
- DhiyaneshGeek
- pussycat0x
- ritikchaddha
# A number of assignees to add to the pull request
# Set to 0 to add all of the assignees.
# Uses numberOfReviewers if unset.
numberOfAssignees: 1
# A list of keywords to be skipped the process that add reviewers if pull requests include it
# skipKeywords:
# - wip

19
.github/dependabot.yml vendored Normal file
View File

@ -0,0 +1,19 @@
# To get started with Dependabot version updates, you'll need to specify which
# package ecosystems to update and where the package manifests are located.
# Please see the documentation for all configuration options:
# https://help.github.com/github/administering-a-repository/configuration-options-for-dependency-updates
version: 2
updates:
# Maintain dependencies for GitHub Actions
- package-ecosystem: "github-actions"
directory: "/"
schedule:
interval: "weekly"
target-branch: "main"
commit-message:
prefix: "chore"
include: "scope"
labels:
- "Type: Maintenance"

93
.github/scripts/yaml2json.go vendored Normal file
View File

@ -0,0 +1,93 @@
package main
import (
"encoding/json"
"fmt"
"io/ioutil"
"os"
"path/filepath"
"strings"
"gopkg.in/yaml.v3"
)
type Classification struct {
CVSSScore string `yaml:"cvss-score,omitempty"`
}
type Info struct {
Name string `yaml:"name"`
Severity string `yaml:"severity"`
Description string `yaml:"description"`
Classification Classification `yaml:"classification,omitempty"`
}
type Data struct {
ID string `yaml:"id"`
Info Info `yaml:"info"`
FilePath string `json:"file_path"`
}
func main() {
if len(os.Args) != 3 {
fmt.Println("Usage: go run main.go <directory> <output_file>")
os.Exit(1)
}
directory := os.Args[1]
outputFile := os.Args[2]
var data []Data
err := filepath.Walk(directory, func(path string, info os.FileInfo, err error) error {
if strings.HasSuffix(path, ".yaml") || strings.HasSuffix(path, ".yml") {
yamlFile, err := ioutil.ReadFile(path)
if err != nil {
fmt.Printf("Error reading YAML file %s: %v\n", path, err)
return err
}
var d Data
err = yaml.Unmarshal(yamlFile, &d)
if err != nil {
fmt.Printf("Error unmarshalling YAML file %s: %v\n", path, err)
return err
}
if d.Info.Classification.CVSSScore == "" {
d.Info.Classification.CVSSScore = "N/A"
}
if d.Info.Classification == (Classification{}) {
d.Info.Classification.CVSSScore = "N/A"
}
fpath := strings.Replace(path, "/home/runner/work/nuclei-templates/nuclei-templates/", "", 1)
d.FilePath = fpath
data = append(data, d)
}
return nil
})
if err != nil {
fmt.Printf("Error reading directory: %v\n", err)
os.Exit(1)
}
var jsonData []byte
for _, d := range data {
temp, err := json.Marshal(d)
if err != nil {
fmt.Printf("Error marshalling JSON: %v\n", err)
os.Exit(1)
}
jsonData = append(jsonData, temp...)
jsonData = append(jsonData, byte('\n'))
}
err = ioutil.WriteFile(outputFile, jsonData, 0644)
if err != nil {
fmt.Printf("Error writing JSON data to file: %v\n", err)
os.Exit(1)
}
fmt.Println("JSON data written to", outputFile)
}

View File

@ -10,6 +10,10 @@ jobs:
deploy:
runs-on: ubuntu-latest
steps:
# Wait for 5 minutes
- name: Wait for 2 minutes
run: sleep 120
- name: Purge cache
uses: jakejarvis/cloudflare-purge-action@master
env:

View File

@ -3,28 +3,26 @@ name: ✍🏻 CVE Annotate
on:
push:
branches:
- master
- main
paths:
- 'cves/**.yaml'
workflow_dispatch:
jobs:
docs:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get Github tag
id: meta
run: |
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.19
- name: Setup CVE annotate
if: steps.meta.outputs.TAG != ''
env:
VERSION: ${{ steps.meta.outputs.TAG }}
run: |
wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/cve-annotate.zip
sudo unzip cve-annotate.zip -d /usr/local/bin
working-directory: /tmp
- name: cve-annotate install
run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/cve-annotate@latest
- name: Generate CVE Annotations
id: cve-annotate

40
.github/workflows/cve2json.yml vendored Normal file
View File

@ -0,0 +1,40 @@
name: Generate JSON Metadata of CVE Templates
on:
push:
branches:
- main
paths:
- 'cves/**'
workflow_dispatch: # allows manual triggering of the workflow
jobs:
cve2json:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.19
check-latest: true
- name: Run yaml2json.go to generate cves.json
run: |
go env -w GO111MODULE=off
go get gopkg.in/yaml.v3
go run .github/scripts/yaml2json.go $GITHUB_WORKSPACE/cves/ cves.json
md5sum cves.json | cut -d' ' -f1 > cves.json-checksum.txt
- name: Commit files
run: |
git pull
git add cves.json cves.json-checksum.txt
git config --local user.email "action@github.com"
git config --local user.name "GitHub Action"
git commit -m "Auto Generated cves.json [$(date)] :robot:" -a
- name: Push changes
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}

View File

@ -3,7 +3,9 @@ name: 🥳 New Template List
on:
push:
branches:
- master
- main
paths:
- '**.yaml'
workflow_dispatch:
jobs:

View File

@ -22,7 +22,7 @@ jobs:
fetch-depth: 0
- name: Set up Python
uses: actions/setup-python@v2
uses: actions/setup-python@v4
with:
python-version: "3.8"

View File

@ -1,6 +1,10 @@
name: ❄️ YAML Lint
on: [push, pull_request]
on:
pull_request:
paths:
- '**.yaml'
workflow_dispatch:
jobs:
build:
@ -8,7 +12,7 @@ jobs:
steps:
- uses: actions/checkout@v2
- name: Yamllint
uses: karancode/yamllint-github-action@master
uses: karancode/yamllint-github-action@v2.1.1
with:
yamllint_config_filepath: .yamllint
yamllint_strict: false

View File

@ -2,18 +2,21 @@ name: 📝 Template Checksum
on:
push:
tags:
- '*'
workflow_dispatch:
branches:
- main
paths:
- '**.yaml'
workflow_dispatch: # allows manual triggering of the workflow
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-go@v2
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.18
go-version: 1.19
- name: install checksum generator
run: |
@ -35,4 +38,3 @@ jobs:
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: master

View File

@ -3,16 +3,19 @@ name: 📑 Template-DB Indexer
on:
push:
branches:
- master
- main
paths:
- '**.yaml'
workflow_dispatch:
jobs:
index:
runs-on: ubuntu-latest
steps:
- uses: actions/setup-go@v2
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.17
go-version: 1.19
- name: Installing Indexer
run: |

View File

@ -1,26 +1,26 @@
name: 🛠 Template Validate
on: [ push, pull_request ]
on:
pull_request:
paths:
- '**.yaml'
workflow_dispatch:
jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v2
- uses: actions/checkout@v3
with:
fetch-depth: 0
- name: Get Github tag
id: meta
run: |
curl --silent "https://api.github.com/repos/projectdiscovery/nuclei/releases/latest" | jq -r .tag_name | xargs -I {} echo TAG={} >> $GITHUB_OUTPUT
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.19
- name: Setup Nuclei
if: steps.meta.outputs.TAG != ''
env:
VERSION: ${{ steps.meta.outputs.TAG }}
run: |
wget -q https://github.com/projectdiscovery/nuclei/releases/download/${VERSION}/nuclei_${VERSION:1}_linux_amd64.zip
sudo unzip nuclei*.zip -d /usr/local/bin
working-directory: /tmp
- name: nuclei install
run: go install -v github.com/projectdiscovery/nuclei/v2/cmd/nuclei@latest
- name: Template Validation
run: |

View File

@ -10,10 +10,14 @@ jobs:
build:
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@master
- uses: actions/setup-go@v2
- uses: actions/checkout@v3
with:
go-version: 1.18
fetch-depth: 0
- name: Set up Go
uses: actions/setup-go@v4
with:
go-version: 1.19
- name: Installing Template Stats
run: |
@ -52,4 +56,3 @@ jobs:
uses: ad-m/github-push-action@master
with:
github_token: ${{ secrets.GITHUB_TOKEN }}
branch: master

View File

@ -1,8 +1,10 @@
name: ✨ WordPress Plugins - Update
on:
schedule:
- cron: "0 4 * * *" # every day at 4am UTC
workflow_dispatch:
jobs:
Update:
runs-on: ubuntu-latest

View File

@ -0,0 +1,3 @@
exposed-panels/aspect-control-panel.yaml
misconfiguration/default-spx-key.yaml
network/enumeration/beanstalk-service.yaml

View File

@ -33,6 +33,5 @@ files:
- cves/2020/CVE-2020-2036.yaml
- cves/2020/CVE-2020-28351.yaml
- cves/2021/CVE-2021-35265.yaml
- vulnerabilities/generic/basic-xss-prober.yaml
- vulnerabilities/oracle/oracle-ebs-xss.yaml
- vulnerabilities/other/nginx-module-vts-xss.yaml

View File

@ -3,7 +3,9 @@ extends: default
ignore: |
.pre-commit-config.yml
.github/workflows/*.yml
.github/
.git/
*.yml
rules:
document-start: disable
@ -15,3 +17,5 @@ rules:
require-starting-space: true
ignore-shebangs: true
min-spaces-from-content: 1
empty-lines:
max: 5

View File

@ -41,19 +41,19 @@ An overview of the nuclei template project, including statistics on unique tags,
## Nuclei Templates Top 10 statistics
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 |
| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 |
| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 |
| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 |
| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | |
| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | |
| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | |
| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | |
| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | |
| tech | 360 | princechaddha | 153 | file | 78 | | | | |
|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1734 | dhiyaneshdk | 799 | cves | 1713 | info | 2807 | http | 5646 |
| panel | 870 | dwisiswant0 | 793 | exposed-panels | 862 | high | 1216 | file | 117 |
| wordpress | 756 | daffainfo | 662 | osint | 630 | medium | 984 | network | 88 |
| exposure | 652 | pikpikcu | 353 | technologies | 561 | critical | 645 | dns | 18 |
| wp-plugin | 647 | pdteam | 276 | vulnerabilities | 550 | low | 215 | | |
| osint | 635 | pussycat0x | 234 | misconfiguration | 428 | unknown | 24 | | |
| xss | 608 | geeknik | 219 | exposures | 374 | | | | |
| tech | 598 | ricardomaia | 214 | token-spray | 240 | | | | |
| edb | 595 | ritikchaddha | 195 | workflows | 190 | | | | |
| lfi | 533 | 0x_akoko | 179 | default-logins | 127 | | | | |
**335 directories, 5229 files**.
**380 directories, 6318 files**.
</td>
</tr>

File diff suppressed because one or more lines are too long

File diff suppressed because it is too large Load Diff

View File

@ -1,12 +1,12 @@
| TAG | COUNT | AUTHOR | COUNT | DIRECTORY | COUNT | SEVERITY | COUNT | TYPE | COUNT |
|-----------|-------|---------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1552 | dhiyaneshdk | 701 | cves | 1529 | info | 1671 | http | 4330 |
| panel | 780 | daffainfo | 662 | exposed-panels | 782 | high | 1152 | file | 78 |
| edb | 582 | pikpikcu | 344 | vulnerabilities | 520 | medium | 837 | network | 77 |
| exposure | 551 | pdteam | 274 | misconfiguration | 361 | critical | 552 | dns | 17 |
| xss | 543 | geeknik | 206 | technologies | 322 | low | 281 | | |
| lfi | 519 | pussycat0x | 172 | exposures | 308 | unknown | 25 | | |
| wordpress | 471 | dwisiswant0 | 171 | token-spray | 236 | | | | |
| cve2021 | 370 | 0x_akoko | 170 | workflows | 190 | | | | |
| wp-plugin | 366 | ritikchaddha | 164 | default-logins | 116 | | | | |
| tech | 360 | princechaddha | 153 | file | 78 | | | | |
|-----------|-------|--------------|-------|------------------|-------|----------|-------|---------|-------|
| cve | 1734 | dhiyaneshdk | 799 | cves | 1713 | info | 2807 | http | 5646 |
| panel | 870 | dwisiswant0 | 793 | exposed-panels | 862 | high | 1216 | file | 117 |
| wordpress | 756 | daffainfo | 662 | osint | 630 | medium | 984 | network | 88 |
| exposure | 652 | pikpikcu | 353 | technologies | 561 | critical | 645 | dns | 18 |
| wp-plugin | 647 | pdteam | 276 | vulnerabilities | 550 | low | 215 | | |
| osint | 635 | pussycat0x | 234 | misconfiguration | 428 | unknown | 24 | | |
| xss | 608 | geeknik | 219 | exposures | 374 | | | | |
| tech | 598 | ricardomaia | 214 | token-spray | 240 | | | | |
| edb | 595 | ritikchaddha | 195 | workflows | 190 | | | | |
| lfi | 533 | 0x_akoko | 179 | default-logins | 127 | | | | |

View File

@ -0,0 +1,68 @@
id: CNVD-2020-26585
info:
name: Showdoc <2.8.6 - File Uploads
author: pikpikcu,Co5mos
severity: critical
description: |
ShowDoc is an online API and technical documentation tool that is very suitable for IT teams. Showdoc has a file upload vulnerability, which attackers can exploit to gain server permissions.
reference:
- https://vul.wangan.com/a/CNVD-2020-26585
- https://blog.csdn.net/qq_48985780/article/details/122211136
- https://github.com/star7th/showdoc/pull/1059
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L
cvss-score: 9.9
cwe-id: CWE-434
metadata:
verified: true
fofa-query: app="ShowDoc"
tags: cnvd,cnvd2020,showdoc,fileupload
requests:
- raw:
- |
POST /index.php?s=/home/page/uploadImg HTTP/1.1
Host: {{Hostname}}
Content-Type: multipart/form-data; boundary=--------------------------835846770881083140190633
----------------------------835846770881083140190633
Content-Disposition: form-data; name="editormd-image-file"; filename="{{randstr}}.<>txt"
Content-Type: text/plain
test{{randstr}}
----------------------------835846770881083140190633--
- |
GET /Public//Uploads//{{date}}//{{file}} HTTP/1.1
Host: {{Hostname}}
matchers-condition: and
matchers:
- type: word
part: body
words:
- "test{{randstr}}"
- type: status
status:
- 200
extractors:
- type: regex
name: date
part: body
group: 1
regex:
- '(\d{4}-\d{2}-\d{2})\\/([a-f0-9]+\.txt)'
internal: true
- type: regex
name: file
part: body
group: 2
regex:
- '(\d{4}-\d{2}-\d{2})\\/([a-f0-9]+\.txt)'
internal: true
# Enhanced by mp on 2022/05/30

View File

@ -4,12 +4,12 @@ info:
name: EEA - Information Disclosure
author: pikpikcu
severity: high
description: EEA is susceptible to information disclosure.
description: EEA is susceptible to information disclosure including the username and password.
reference:
- https://www.cnvd.org.cn/flaw/show/CNVD-2021-10543
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cwe-id: CWE-200
tags: config,exposure,cnvd,cnvd2021

View File

@ -34,7 +34,7 @@ requests:
internal: true
group: 1
regex:
- '"verify_string":"(.*)"'
- '"verify_string":"(.*?)"'
req-condition: true
matchers:

1713
cves.json Normal file

File diff suppressed because it is too large Load Diff

1
cves.json-checksum.txt Normal file
View File

@ -0,0 +1 @@
0b8c136254be187cf0afeb350ba4ff03

View File

@ -7,7 +7,6 @@ info:
description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
reference:
- https://www.exploit-db.com/exploits/4307
- https://www.cvedetails.com/cve/CVE-2007-4504
- https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
- https://nvd.nist.gov/vuln/detail/CVE-2007-4504
classification:

View File

@ -7,7 +7,6 @@ info:
description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/6618
- https://www.cvedetails.com/cve/CVE-2008-4668
- http://web.archive.org/web/20210121183742/https://www.securityfocus.com/bid/31458/
- http://securityreason.com/securityalert/4464
- https://nvd.nist.gov/vuln/detail/CVE-2008-4668

View File

@ -7,7 +7,6 @@ info:
description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
reference:
- https://www.exploit-db.com/exploits/5435
- https://www.cvedetails.com/cve/CVE-2008-4764
- http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/41873
- https://nvd.nist.gov/vuln/detail/CVE-2008-4764

View File

@ -7,7 +7,6 @@ info:
description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
reference:
- https://www.exploit-db.com/exploits/6809
- https://www.cvedetails.com/cve/CVE-2008-6080
- http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
- http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
- https://nvd.nist.gov/vuln/detail/CVE-2008-6080

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
reference:
- https://www.exploit-db.com/exploits/6817
- https://www.cvedetails.com/cve/CVE-2008-6172
- https://nvd.nist.gov/vuln/detail/CVE-2008-6172
- http://web.archive.org/web/20140804232841/http://secunia.com/advisories/32367/
- http://web.archive.org/web/20210121184108/https://www.securityfocus.com/bid/31892/
classification:

View File

@ -7,7 +7,6 @@ info:
description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/6980
- https://www.cvedetails.com/cve/CVE-2008-6222
- http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
- http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
- https://nvd.nist.gov/vuln/detail/CVE-2008-6222

View File

@ -7,7 +7,6 @@ info:
description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
reference:
- https://www.exploit-db.com/exploits/8898
- https://www.cvedetails.com/cve/CVE-2009-2015
- http://web.archive.org/web/20210121191105/https://www.securityfocus.com/bid/35259/
- http://www.vupen.com/english/advisories/2009/1530
- https://nvd.nist.gov/vuln/detail/CVE-2009-2015

View File

@ -7,7 +7,6 @@ info:
description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/8946
- https://www.cvedetails.com/cve/CVE-2009-2100
- http://web.archive.org/web/20210121191226/https://www.securityfocus.com/bid/35378/
- https://nvd.nist.gov/vuln/detail/CVE-2009-2100

View File

@ -7,7 +7,6 @@ info:
description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.
reference:
- https://www.exploit-db.com/exploits/9564
- https://www.cvedetails.com/cve/CVE-2009-3053
- https://web.archive.org/web/20210120183330/https://www.securityfocus.com/bid/36207/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/52964
- https://nvd.nist.gov/vuln/detail/CVE-2009-3053

View File

@ -7,9 +7,9 @@ info:
description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/9706
- https://www.cvedetails.com/cve/CVE-2009-3318
- https://nvd.nist.gov/vuln/detail/CVE-2009-3318
- https://web.archive.org/web/20210121192413/https://www.securityfocus.com/bid/36441/
- http://www.exploit-db.com/exploits/9706
classification:
cve-id: CVE-2009-3318
tags: joomla,lfi,edb,cve,cve2009

View File

@ -8,9 +8,9 @@ info:
Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/33440
- https://www.cvedetails.com/cve/CVE-2009-4679
- https://nvd.nist.gov/vuln/detail/CVE-2009-4679
- http://web.archive.org/web/20140722130146/http://secunia.com/advisories/37760/
- http://www.exploit-db.com/exploits/10754
classification:
cve-id: CVE-2009-4679
tags: cve,cve2009,joomla,lfi,nexus,edb

View File

@ -26,6 +26,6 @@ requests:
- type: regex
part: header
regex:
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
# Enhanced by mp on 2022/02/13

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
reference:
- https://www.exploit-db.com/exploits/36994
- https://www.cvedetails.com/cve/CVE-2009-5114
- https://nvd.nist.gov/vuln/detail/CVE-2009-5114
- http://websecurity.com.ua/2628/
- https://exchange.xforce.ibmcloud.com/vulnerabilities/74321
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php.
reference:
- https://www.exploit-db.com/exploits/10943
- https://www.cvedetails.com/cve/CVE-2010-0157
- https://nvd.nist.gov/vuln/detail/CVE-2010-0157
- http://web.archive.org/web/20151023032409/http://secunia.com/advisories/37896/
- http://packetstormsecurity.org/1001-exploits/joomlabiblestudy-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
reference:
- https://www.exploit-db.com/exploits/11282
- https://www.cvedetails.com/cve/CVE-2010-0467
- https://nvd.nist.gov/vuln/detail/CVE-2010-0467
- http://web.archive.org/web/20210121194037/https://www.securityfocus.com/bid/37987/
- http://www.chillcreations.com/en/blog/ccnewsletter-joomla-newsletter/ccnewsletter-106-security-release.html
remediation: Apply all relevant security patches and upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
reference:
- https://www.exploit-db.com/exploits/11447
- https://www.cvedetails.com/cve/CVE-2010-0696
- https://nvd.nist.gov/vuln/detail/CVE-2010-0696
- http://web.archive.org/web/20140805102632/http://secunia.com/advisories/38587/
- http://www.joomlaworks.gr/content/view/77/34/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter.
reference:
- https://www.exploit-db.com/exploits/11498
- https://www.cvedetails.com/cve/CVE-2010-0759
- https://nvd.nist.gov/vuln/detail/CVE-2010-0759
- http://web.archive.org/web/20151104183037/http://secunia.com/advisories/38637/
- http://web.archive.org/web/20210121194344/https://www.securityfocus.com/bid/38296/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11089
- https://www.cvedetails.com/cve/CVE-2010-0942
- https://nvd.nist.gov/vuln/detail/CVE-2010-0942
- http://packetstormsecurity.org/1001-exploits/joomlajvideodirect-traversal.txt
remediation: Apply all relevant security patches and product upgrades.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
reference:
- https://www.exploit-db.com/exploits/11090
- https://www.cvedetails.com/cve/CVE-2010-0943
- https://nvd.nist.gov/vuln/detail/CVE-2010-0943
- http://web.archive.org/web/20210121193737/https://www.securityfocus.com/bid/37692/
- http://web.archive.org/web/20140724215426/http://secunia.com/advisories/33486/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11088
- https://www.cvedetails.com/cve/CVE-2010-0944
- https://nvd.nist.gov/vuln/detail/CVE-2010-0944
- http://packetstormsecurity.org/1001-exploits/joomlajcollection-traversal.txt
- http://www.exploit-db.com/exploits/11088
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11738
- https://www.cvedetails.com/cve/CVE-2010-0972
- https://nvd.nist.gov/vuln/detail/CVE-2010-0972
- http://web.archive.org/web/20140804152652/http://secunia.com/advisories/38925/
- http://www.exploit-db.com/exploits/11738
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/10942
- https://www.cvedetails.com/cve/CVE-2010-0982
- https://nvd.nist.gov/vuln/detail/CVE-2010-0982
- http://web.archive.org/web/20210121193625/https://www.securityfocus.com/bid/37581/
- http://web.archive.org/web/20151104182451/http://secunia.com/advisories/37917/
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/10948
- https://www.cvedetails.com/cve/CVE-2010-0985
- https://nvd.nist.gov/vuln/detail/CVE-2010-0985
- http://web.archive.org/web/20210623092041/https://www.securityfocus.com/bid/37560
- http://www.exploit-db.com/exploits/10948
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11760
- https://www.cvedetails.com/cve/CVE-2010-1056
- https://nvd.nist.gov/vuln/detail/CVE-2010-1056
- http://web.archive.org/web/20210121194803/https://www.securityfocus.com/bid/38741/
- http://web.archive.org/web/20151023104850/http://secunia.com/advisories/38982/
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11511
- https://www.cvedetails.com/cve/CVE-2010-1081
- https://nvd.nist.gov/vuln/detail/CVE-2010-1081
- http://www.corejoomla.com/component/content/article/1-corejoomla-updates/40-community-polls-v153-security-release.html
remediation: Apply all relevant security patches and product upgrades.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
reference:
- https://www.exploit-db.com/exploits/11814
- https://www.cvedetails.com/cve/CVE-2010-1217
- https://nvd.nist.gov/vuln/detail/CVE-2010-1217
- http://www.packetstormsecurity.org/1003-exploits/joomlajetooltip-lfi.txt
- http://web.archive.org/web/20210624111408/https://www.securityfocus.com/bid/38866
remediation: Apply all relevant security patches and product upgrades.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11757
- https://www.cvedetails.com/cve/CVE-2010-1219
- https://nvd.nist.gov/vuln/detail/CVE-2010-1219
- http://web.archive.org/web/20161009134632/http://secunia.com/advisories/38952
- http://web.archive.org/web/20210617075625/https://www.securityfocus.com/bid/38746
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11978
- https://www.cvedetails.com/cve/CVE-2010-1302
- https://nvd.nist.gov/vuln/detail/CVE-2010-1302
- http://web.archive.org/web/20210121195144/https://www.securityfocus.com/bid/39108/
- http://web.archive.org/web/20140805062036/http://secunia.com/advisories/39200/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in userstatus.php in the User Status (com_userstatus) component 1.21.16 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11998
- https://www.cvedetails.com/cve/CVE-2010-1304
- https://nvd.nist.gov/vuln/detail/CVE-2010-1304
- http://web.archive.org/web/20210518080735/https://www.securityfocus.com/bid/39174
- http://www.exploit-db.com/exploits/11998
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12065
- https://www.cvedetails.com/cve/CVE-2010-1305
- https://nvd.nist.gov/vuln/detail/CVE-2010-1305
- http://extensions.joomla.org/extensions/e-commerce/shopping-cart/7951
- http://web.archive.org/web/20140806165126/http://secunia.com/advisories/39351/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12058
- https://www.cvedetails.com/cve/CVE-2010-1306
- https://nvd.nist.gov/vuln/detail/CVE-2010-1306
- http://web.archive.org/web/20140805134149/http://secunia.com/advisories/39338/
- http://web.archive.org/web/20210121195240/https://www.securityfocus.com/bid/39200/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12070
- https://www.cvedetails.com/cve/CVE-2010-1307
- https://nvd.nist.gov/vuln/detail/CVE-2010-1307
- http://web.archive.org/web/20140806154402/http://secunia.com/advisories/39348/
- http://www.vupen.com/english/advisories/2010/0806
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12066
- https://www.cvedetails.com/cve/CVE-2010-1308
- https://nvd.nist.gov/vuln/detail/CVE-2010-1308
- http://www.vupen.com/english/advisories/2010/0809
remediation: Upgrade to a supported version.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12077
- https://www.cvedetails.com/cve/CVE-2010-1312
- https://nvd.nist.gov/vuln/detail/CVE-2010-1312
- http://web.archive.org/web/20140724200344/http://secunia.com/advisories/39289/
- http://packetstormsecurity.org/1004-exploits/joomlanewportal-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12082
- https://www.cvedetails.com/cve/CVE-2010-1313
- https://nvd.nist.gov/vuln/detail/CVE-2010-1313
- http://web.archive.org/web/20210121195302/https://www.securityfocus.com/bid/39237/
- http://www.exploit-db.com/exploits/12082
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12086
- https://www.cvedetails.com/cve/CVE-2010-1314
- https://nvd.nist.gov/vuln/detail/CVE-2010-1314
- http://web.archive.org/web/20140724203458/http://secunia.com/advisories/39359/
- http://packetstormsecurity.org/1004-exploits/joomlahsconfig-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/11999
- https://www.cvedetails.com/cve/CVE-2010-1315
- https://nvd.nist.gov/vuln/detail/CVE-2010-1315
- http://web.archive.org/web/20140801092842/http://secunia.com/advisories/39209/
- http://packetstormsecurity.org/1004-exploits/joomlaweberpcustomer-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/33797
- https://www.cvedetails.com/cve/CVE-2010-1340
- https://nvd.nist.gov/vuln/detail/CVE-2010-1340
- http://web.archive.org/web/20210121195000/https://www.securityfocus.com/bid/38917/
- http://packetstormsecurity.org/1003-exploits/joomlajresearch-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/15453
- https://www.cvedetails.com/cve/CVE-2010-1345
- https://nvd.nist.gov/vuln/detail/CVE-2010-1345
- http://www.exploit-db.com/exploits/11785
remediation: Upgrade to a supported version.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12084
- https://www.cvedetails.com/cve/CVE-2010-1352
- https://nvd.nist.gov/vuln/detail/CVE-2010-1352
- http://web.archive.org/web/20140724194110/http://secunia.com/advisories/39357/
- http://packetstormsecurity.org/1004-exploits/joomlajukebox-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12068
- https://www.cvedetails.com/cve/CVE-2010-1353
- https://nvd.nist.gov/vuln/detail/CVE-2010-1353
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39212/
- http://www.vupen.com/english/advisories/2010/0808
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12102
- https://www.cvedetails.com/cve/CVE-2010-1354
- https://nvd.nist.gov/vuln/detail/CVE-2010-1354
- http://packetstormsecurity.org/1004-exploits/joomlavjdeo-lfi.txt
- http://web.archive.org/web/20140724190841/http://secunia.com/advisories/39296/
remediation: Upgrade to a supported version.

View File

@ -0,0 +1,41 @@
id: CVE-2010-1429
info:
name: Red Hat JBoss Enterprise Application Platform - Sensitive Information Disclosure
author: R12W4N
severity: medium
description: |
Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
reference:
- https://rhn.redhat.com/errata/RHSA-2010-0377.html
- https://nvd.nist.gov/vuln/detail/CVE-2010-1429
- https://nvd.nist.gov/vuln/detail/CVE-2008-3273
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2010-1429
cwe-id: CWE-200
metadata:
shodan-query: title:"JBoss"
verified: "true"
tags: cve,cve2010,jboss,eap,tomcat,exposure
requests:
- method: GET
path:
- "{{BaseURL}}/status?full=true"
matchers-condition: and
matchers:
- type: word
words:
- "JVM"
- "memory"
- "localhost/"
condition: and
- type: status
status:
- 200
# Enhanced by md on 2023/01/30

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12232
- https://www.cvedetails.com/cve/CVE-2010-1461
- https://nvd.nist.gov/vuln/detail/CVE-2010-1461
- http://web.archive.org/web/20210518110953/https://www.securityfocus.com/bid/39504
- http://www.exploit-db.com/exploits/12232
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12146
- https://www.cvedetails.com/cve/CVE-2010-1469
- https://nvd.nist.gov/vuln/detail/CVE-2010-1469
- http://packetstormsecurity.org/1004-exploits/joomlajprojectmanager-lfi.txt
- http://www.exploit-db.com/exploits/12146
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12166
- https://www.cvedetails.com/cve/CVE-2010-1470
- https://nvd.nist.gov/vuln/detail/CVE-2010-1470
- http://web.archive.org/web/20140723205548/http://secunia.com/advisories/39405/
- http://www.exploit-db.com/exploits/12166
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12170
- https://www.cvedetails.com/cve/CVE-2010-1471
- https://nvd.nist.gov/vuln/detail/CVE-2010-1471
- http://www.vupen.com/english/advisories/2010/0862
classification:
cve-id: CVE-2010-1471

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12167
- https://www.cvedetails.com/cve/CVE-2010-1472
- https://nvd.nist.gov/vuln/detail/CVE-2010-1472
- http://web.archive.org/web/20140723200143/http://secunia.com/advisories/39406/
- http://www.exploit-db.com/exploits/12167
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12171
- https://www.cvedetails.com/cve/CVE-2010-1473
- https://nvd.nist.gov/vuln/detail/CVE-2010-1473
- http://packetstormsecurity.org/1004-exploits/joomlaeasyadbanner-lfi.txt
- http://web.archive.org/web/20140723213338/http://secunia.com/advisories/39410/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12182
- https://www.cvedetails.com/cve/CVE-2010-1474
- https://nvd.nist.gov/vuln/detail/CVE-2010-1474
- http://web.archive.org/web/20140723205926/http://secunia.com/advisories/39388/
- http://www.exploit-db.com/exploits/12182
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12147
- https://www.cvedetails.com/cve/CVE-2010-1475
- https://nvd.nist.gov/vuln/detail/CVE-2010-1475
- http://web.archive.org/web/20140723203010/http://secunia.com/advisories/39285/
- http://www.exploit-db.com/exploits/12147
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12150
- https://www.cvedetails.com/cve/CVE-2010-1476
- https://nvd.nist.gov/vuln/detail/CVE-2010-1476
- http://packetstormsecurity.org/1004-exploits/joomlaalphauserpoints-lfi.txt
- http://www.alphaplug.com/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12145
- https://www.cvedetails.com/cve/CVE-2010-1478
- https://nvd.nist.gov/vuln/detail/CVE-2010-1478
- http://web.archive.org/web/20140723205157/http://secunia.com/advisories/39262/
- http://web.archive.org/web/20210121195422/https://www.securityfocus.com/bid/39390/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12318
- https://www.cvedetails.com/cve/CVE-2010-1491
- https://nvd.nist.gov/vuln/detail/CVE-2010-1491
- http://packetstormsecurity.org/1004-exploits/joomlammsblog-lfi.txt
- http://web.archive.org/web/20140724060325/http://secunia.com/advisories/39533/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12113
- https://www.cvedetails.com/cve/CVE-2010-1494
- https://nvd.nist.gov/vuln/detail/CVE-2010-1494
- http://www.exploit-db.com/exploits/12113
remediation: Upgrade to a supported version.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12286
- https://www.cvedetails.com/cve/CVE-2010-1495
- https://nvd.nist.gov/vuln/detail/CVE-2010-1495
- http://www.vupen.com/english/advisories/2010/0929
- http://packetstormsecurity.org/1004-exploits/joomlamatamko-lfi.txt
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the redSHOP (com_redshop) component 1.0.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12054
- https://www.cvedetails.com/cve/CVE-2010-1531
- https://nvd.nist.gov/vuln/detail/CVE-2010-1531
- http://packetstormsecurity.org/1004-exploits/joomlaredshop-lfi.txt
remediation: Upgrade to a supported version.
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the givesight PowerMail Pro (com_powermail) component 1.5.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12118
- https://www.cvedetails.com/cve/CVE-2010-1532
- https://nvd.nist.gov/vuln/detail/CVE-2010-1532
- http://packetstormsecurity.org/1004-exploits/joomlapowermail-lfi.txt
- http://web.archive.org/web/20210127202836/https://www.securityfocus.com/bid/39348/
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the TweetLA (com_tweetla) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12142
- https://www.cvedetails.com/cve/CVE-2010-1533
- https://nvd.nist.gov/vuln/detail/CVE-2010-1533
- http://web.archive.org/web/20140723212810/http://secunia.com/advisories/39258/
- http://www.exploit-db.com/exploits/12142
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Shoutbox Pro (com_shoutbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12067
- https://www.cvedetails.com/cve/CVE-2010-1534
- https://nvd.nist.gov/vuln/detail/CVE-2010-1534
- http://web.archive.org/web/20210121195246/https://www.securityfocus.com/bid/39213/
- http://web.archive.org/web/20140724182459/http://secunia.com/advisories/39352/
remediation: Upgrade to a supported version

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the TRAVELbook (com_travelbook) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12151
- https://www.cvedetails.com/cve/CVE-2010-1535
- https://nvd.nist.gov/vuln/detail/CVE-2010-1535
- http://web.archive.org/web/20140725030342/http://secunia.com/advisories/39254/
- http://www.exploit-db.com/exploits/12151
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in index.php in the MyBlog (com_myblog) component 3.0.329 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the task parameter.
reference:
- https://www.exploit-db.com/exploits/11625
- https://www.cvedetails.com/cve/CVE-2010-1540
- https://nvd.nist.gov/vuln/detail/CVE-2010-1540
- http://web.archive.org/web/20140721042709/http://secunia.com/advisories/38777/
- http://web.archive.org/web/20210121194559/https://www.securityfocus.com/bid/38530/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the JA Comment (com_jacomment) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12236
- https://www.cvedetails.com/cve/CVE-2010-1601
- https://nvd.nist.gov/vuln/detail/CVE-2010-1601
- http://web.archive.org/web/20140803084823/http://secunia.com/advisories/39472/
- http://packetstormsecurity.org/1004-exploits/joomlajacomment-lfi.txt
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the ZiMB Comment (com_zimbcomment) component 0.8.1 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12283
- https://www.cvedetails.com/cve/CVE-2010-1602
- https://nvd.nist.gov/vuln/detail/CVE-2010-1602
- http://packetstormsecurity.org/1004-exploits/joomlazimbcomment-lfi.txt
classification:
cve-id: CVE-2010-1602

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the ZiMB Core (aka ZiMBCore or com_zimbcore) component 0.1 in the ZiMB Manager collection for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12284
- https://www.cvedetails.com/cve/CVE-2010-1603
- https://nvd.nist.gov/vuln/detail/CVE-2010-1603
- http://web.archive.org/web/20210518112730/https://www.securityfocus.com/bid/39546
- http://www.vupen.com/english/advisories/2010/0931
remediation: Upgrade to a supported version.

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in wmi.php in the Webmoney Web Merchant Interface (aka WMI or com_wmi) component 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12316
- https://www.cvedetails.com/cve/CVE-2010-1607
- https://nvd.nist.gov/vuln/detail/CVE-2010-1607
- http://web.archive.org/web/20210121195713/https://www.securityfocus.com/bid/39608/
- http://web.archive.org/web/20111227231442/http://secunia.com/advisories/39539/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in graphics.php in the Graphics (com_graphics) component 1.0.6 and 1.5.0 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12430
- https://www.cvedetails.com/cve/CVE-2010-1653
- https://nvd.nist.gov/vuln/detail/CVE-2010-1653
- http://packetstormsecurity.org/1004-exploits/joomlagraphics-lfi.txt
- http://web.archive.org/web/20210121195909/https://www.securityfocus.com/bid/39743/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Code-Garage NoticeBoard (com_noticeboard) component 1.3 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12427
- https://www.cvedetails.com/cve/CVE-2010-1658
- https://nvd.nist.gov/vuln/detail/CVE-2010-1658
- http://www.vupen.com/english/advisories/2010/1007
classification:
cve-id: CVE-2010-1658

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Arcade Games (com_arcadegames) component 1.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12168
- https://www.cvedetails.com/cve/CVE-2010-1714
- https://nvd.nist.gov/vuln/detail/CVE-2010-1714
- http://packetstormsecurity.org/1004-exploits/joomlaarcadegames-lfi.txt
- http://web.archive.org/web/20140723192327/http://secunia.com/advisories/39413/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Online Examination (aka Online Exam or com_onlineexam) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12174
- https://www.cvedetails.com/cve/CVE-2010-1715
- https://nvd.nist.gov/vuln/detail/CVE-2010-1715
- http://packetstormsecurity.org/1004-exploits/joomlaonlineexam-lfi.txt
classification:
cve-id: CVE-2010-1715

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the iF surfALERT (com_if_surfalert) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12291
- https://www.cvedetails.com/cve/CVE-2010-1717
- https://nvd.nist.gov/vuln/detail/CVE-2010-1717
- http://web.archive.org/web/20140805095004/http://secunia.com/advisories/39526/
- http://www.vupen.com/english/advisories/2010/0924
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in archeryscores.php in the Archery Scores (com_archeryscores) component 1.0.6 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12282
- https://www.cvedetails.com/cve/CVE-2010-1718
- https://nvd.nist.gov/vuln/detail/CVE-2010-1718
- http://web.archive.org/web/20140805094212/http://secunia.com/advisories/39521/
- http://web.archive.org/web/20210121195621/https://www.securityfocus.com/bid/39545/
classification:

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the MT Fire Eagle (com_mtfireeagle) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12233
- https://www.cvedetails.com/cve/CVE-2010-1719
- https://nvd.nist.gov/vuln/detail/CVE-2010-1719
- http://www.exploit-db.com/exploits/12233
classification:
cve-id: CVE-2010-1719

View File

@ -7,7 +7,7 @@ info:
description: A directory traversal vulnerability in the Online Market (com_market) component 2.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
reference:
- https://www.exploit-db.com/exploits/12177
- https://www.cvedetails.com/cve/CVE-2010-1722
- https://nvd.nist.gov/vuln/detail/CVE-2010-1722
- http://web.archive.org/web/20140723201810/http://secunia.com/advisories/39409/
- http://www.exploit-db.com/exploits/12177
classification:

Some files were not shown because too many files have changed in this diff Show More