daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #2788 from projectdiscovery/cves-cleanup 

Cves cleanup
patch-1
Sandeep Singh 2021-10-01 04:57:22 +05:30 committed by GitHub
parent 93c2fafc77 fe5fdf989e
commit c4e6e7a8a0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
6 changed files with 53 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
network/deprecated-sshv1-detection.yaml → cves/2001/CVE-2001-1473.yaml
View File

@ -1,14 +1,19 @@
id: deprecated-sshv1-detection
id: CVE-2001-1473
info:
name: Deprecated SSHv1 Protocol Detection
author: iamthefrogy
severity: medium
tags: network,ssh,openssh
severity: high
tags: network,ssh,openssh,cves,cves2001
description: SSHv1 is deprecated and has known cryptographic issues.
reference:
- https://www.kb.cert.org/vuls/id/684820
- https://nvd.nist.gov/vuln/detail/CVE-2001-1473
classification:
cvss-score: 7.4
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
cve-id: CVE-2001-1473
cwe-id: CWE-310
network:
- host:

13
vulnerabilities/lsoft/listserv_maestro_rce.yaml → cves/2010/CVE-2010-1870.yaml
View File

@ -1,14 +1,19 @@
id: maestro-unauth-rce
id: CVE-2010-1870
info:
name: ListSERV Maestro <= 9.0-8 RCE
author: b0yd
severity: info
description: CVE-2010-1870 Struts based OGNL remote code execution in ListSERV Maestro before and including version 9.0-8.
description: Struts-based OGNL remote code execution in ListSERV Maestro before and including version 9.0-8.
reference:
- https://www.securifera.com/advisories/sec-2020-0001/
- https://packetstormsecurity.com/files/159643/listservmaestro-exec.txt
tags: rce,listserv,ognl
tags: rce,listserv,ognl,cves,cve2010
classification:
cvss-metrics: AV:N/AC:L/Au:N/C:N/I:P/A:N
cvss-score: 5.0
cve-id: CVE-2010-1870
cwe-id: CWE-917
requests:
- method: GET
@ -22,4 +27,4 @@ requests:
- 'LISTSERV Maestro\s+9\.0-[123456780]'
- 'LISTSERV Maestro\s+[5678]'
- 'Administration Hub 9\.0-[123456780]'
- 'Administration Hub [5678]'
- 'Administration Hub [5678]'

5
cves/2013/CVE-2013-7240.yaml
View File

@ -9,6 +9,11 @@ info:
- https://www.exploit-db.com/exploits/38936
- https://nvd.nist.gov/vuln/detail/CVE-2013-7240
tags: cve,cve2013,wordpress,wp-plugin,lfi
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2013-7240
cwe-id: CWE-22
requests:
- method: GET

24
cves/2016/CVE-2016-4975.yaml Normal file
View File

@ -0,0 +1,24 @@
id: CVE-2016-4975
info:
name: Apache mod_userdir CRLF injection
author: melbadry9,nadino,xElkomy,sullo
severity: low
description: Apache CRLF injection allowing HTTP response splitting attacks on sites using mod_userdir.
tags: crlf,generic,cves,cve2016
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2016-4975
cwe-id: CWE-93
requests:
- method: GET
path:
- "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection"
matchers:
- type: regex
regex:
- '(?m)^(?:Set-Cookie\s*?:(?:\s*?|.*?;\s*?))(crlfinjection=crlfinjection)(?:\s*?)(?:$|;)'
part: header

9
network/openssh5.3-detect.yaml → cves/2016/CVE-2016-6210.yaml
View File

@ -1,15 +1,20 @@
id: openssh5.3-detect
id: CVE-2016-6210
info:
name: OpenSSH 5.3 Detection
author: iamthefrogy
severity: low
severity: medium
tags: network,openssh
description: OpenSSH 5.3 is vulnerable to username enumeration and DoS vulnerabilities.
reference:
- http://seclists.org/fulldisclosure/2016/Jul/51
- https://security-tracker.debian.org/tracker/CVE-2016-6210
- http://openwall.com/lists/oss-security/2016/08/01/2
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 5.9
cve-id: CVE-2016-6210
cwe-id: CWE-200
network:
- host:

1
vulnerabilities/generic/crlf-injection.yaml
View File

@ -16,7 +16,6 @@ requests:
- "{{BaseURL}}/%0ASet-Cookie:crlfinjection=crlfinjection"
- "{{BaseURL}}/%3F%0DSet-Cookie%3Acrlfinjection=crlfinjection"
- "{{BaseURL}}/%0ASet-Cookie%3Acrlfinjection/.." # Apache
- "{{BaseURL}}/~user/%0D%0ASet-Cookie:crlfinjection" # CVE-2016-4975
- "{{BaseURL}}/?Page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&callback=%0D%0ASet-Cookie:crlfinjection=crlfinjection&checkout_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&content=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continue=%0D%0ASet-Cookie:crlfinjection=crlfinjection&continueTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&counturl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&data=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dest_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&dir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&document=%0D%0ASet-Cookie:crlfinjection=crlfinjection&domain=%0D%0ASet-Cookie:crlfinjection=crlfinjection&done=%0D%0ASet-Cookie:crlfinjection=crlfinjection&download=%0D%0ASet-Cookie:crlfinjection=crlfinjection&feed=%0D%0ASet-Cookie:crlfinjection=crlfinjection&file=%0D%0ASet-Cookie:crlfinjection=crlfinjection&host=%0D%0ASet-Cookie:crlfinjection=crlfinjection&html=%0D%0ASet-Cookie:crlfinjection=crlfinjection&http=%0D%0ASet-Cookie:crlfinjection=crlfinjection&https=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&image_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&imageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&include=%0D%0ASet-Cookie:crlfinjection=crlfinjection&media=%0D%0ASet-Cookie:crlfinjection=crlfinjection&navigation=%0D%0ASet-Cookie:crlfinjection=crlfinjection&next=%0D%0ASet-Cookie:crlfinjection=crlfinjection&open=%0D%0ASet-Cookie:crlfinjection=crlfinjection&out=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page=%0D%0ASet-Cookie:crlfinjection=crlfinjection&page_url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&pageurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&picture=%0D%0ASet-Cookie:crlfinjection=crlfinjection&port=%0D%0ASet-Cookie:crlfinjection=crlfinjection&proxy=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redir=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirectUri&redirectUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&reference=%0D%0ASet-Cookie:crlfinjection=crlfinjection&referrer=%0D%0ASet-Cookie:crlfinjection=crlfinjection&req=%0D%0ASet-Cookie:crlfinjection=crlfinjection&request=%0D%0ASet-Cookie:crlfinjection=crlfinjection&retUrl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return=%0D%0ASet-Cookie:crlfinjection=crlfinjection&returnTo=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_path=%0D%0ASet-Cookie:crlfinjection=crlfinjection&return_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&rurl=%0D%0ASet-Cookie:crlfinjection=crlfinjection&show=%0D%0ASet-Cookie:crlfinjection=crlfinjection&site=%0D%0ASet-Cookie:crlfinjection=crlfinjection&source=%0D%0ASet-Cookie:crlfinjection=crlfinjection&src=%0D%0ASet-Cookie:crlfinjection=crlfinjection&target=%0D%0ASet-Cookie:crlfinjection=crlfinjection&to=%0D%0ASet-Cookie:crlfinjection=crlfinjection&uri=%0D%0ASet-Cookie:crlfinjection=crlfinjection&url=%0D%0ASet-Cookie:crlfinjection=crlfinjection&val=%0D%0ASet-Cookie:crlfinjection=crlfinjection&validate=%0D%0ASet-Cookie:crlfinjection=crlfinjection&view=%0D%0ASet-Cookie:crlfinjection=crlfinjection&window=%0D%0ASet-Cookie:crlfinjection=crlfinjection&redirect_to=%0D%0ASet-Cookie:crlfinjection=crlfinjection"
- "{{BaseURL}}/?Test=%0D%0ASet-Cookie:crlfinjection=crlfinjection"