daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #3000 from nrathaus/master 

Add description
patch-1
Sandeep Singh 2021-10-26 19:32:07 +05:30 committed by GitHub
parent 0f1a9cf2b5 c9efc02223
commit c9552ceff2
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
12 changed files with 13 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
vulnerabilities/other/maccmsv10-backdoor.yaml
View File

@ -3,6 +3,7 @@ info:
name: Maccmsv10 Backdoor name: Maccmsv10 Backdoor
author: princechaddha author: princechaddha
severity: critical severity: critical
description: A backdoor has been found in Maccmsv10, the backdoor is accessible via the '/index.php/bbs/index/download' endpoint and the special 'getpwd' parameter value of 'WorldFilledWithLove'.
tags: maccmsv10,rce tags: maccmsv10,rce
requests: requests:

1
vulnerabilities/other/metinfo-lfi.yaml
View File

@ -4,6 +4,7 @@ info:
author: pikpikcu author: pikpikcu
severity: high severity: high
reference: https://paper.seebug.org/676/ reference: https://paper.seebug.org/676/
description: A vulnerability in MetInfo allows remote unauthenticated attackers access to locally stored files and their content.
tags: metinfo,lfi tags: metinfo,lfi
requests: requests:

1
vulnerabilities/other/opensns-rce.yaml
View File

@ -4,6 +4,7 @@ info:
name: OpenSNS Remote Code Execution Vulnerability name: OpenSNS Remote Code Execution Vulnerability
author: gy741 author: gy741
severity: critical severity: critical
description: A vulnerability in OpenSNS allows remote unauthenticated attackers to cause the product to execute arbitrary code via the 'shareBox' endpoint.
reference: reference:
- http://www.0dayhack.net/index.php/2417/ - http://www.0dayhack.net/index.php/2417/
- https://www.pwnwiki.org/index.php?title=OpenSNS_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E - https://www.pwnwiki.org/index.php?title=OpenSNS_%E9%81%A0%E7%A8%8B%E4%BB%A3%E7%A2%BC%E5%9F%B7%E8%A1%8C%E6%BC%8F%E6%B4%9E

1
vulnerabilities/other/rockmongo-xss.yaml
View File

@ -4,6 +4,7 @@ info:
name: RockMongo V1.1.8 XSS name: RockMongo V1.1.8 XSS
author: pikpikcu author: pikpikcu
severity: medium severity: medium
description: A vulnerability in RockMongo allows attackers to inject arbitrary javascript into the response returned by the application.
reference: https://packetstormsecurity.com/files/136658/RockMongo-1.1.8-Cross-Site-Request-Forgery-Cross-Site-Scripting.html reference: https://packetstormsecurity.com/files/136658/RockMongo-1.1.8-Cross-Site-Request-Forgery-Cross-Site-Scripting.html
tags: rockmongo,xss tags: rockmongo,xss

1
vulnerabilities/other/ruijie-networks-lfi.yaml
View File

@ -4,6 +4,7 @@ info:
name: Ruijie Networks Switch eWeb S29_RGOS 11.4 LFI name: Ruijie Networks Switch eWeb S29_RGOS 11.4 LFI
author: pikpikcu author: pikpikcu
severity: high severity: high
description: A vulnerability in Ruijie Networks Switch allows remote unauthenticated attackers to access locally stored files and retrieve their content via the 'download.do' endpoint.
reference: https://exploit-db.com/exploits/48755 reference: https://exploit-db.com/exploits/48755
tags: ruijie,lfi tags: ruijie,lfi

1
vulnerabilities/other/seacms-rce.yaml
View File

@ -3,6 +3,7 @@ info:
name: SeaCMS V6.4.5 RCE name: SeaCMS V6.4.5 RCE
author: pikpikcu author: pikpikcu
severity: high severity: high
description: A vulnerability in SeaCMS allows remote unauthenticated attackers to execute arbitrary PHP code.
reference: https://mengsec.com/2018/08/06/SeaCMS-v6-45前台代码执行漏洞分析/ reference: https://mengsec.com/2018/08/06/SeaCMS-v6-45前台代码执行漏洞分析/
tags: seacms,rce tags: seacms,rce

1
vulnerabilities/other/sonicwall-sslvpn-shellshock.yaml
View File

@ -4,6 +4,7 @@ info:
name: Sonicwall SSLVPN ShellShock RCE name: Sonicwall SSLVPN ShellShock RCE
author: PR3R00T author: PR3R00T
severity: critical severity: critical
description: A vulnerability in Sonicwall SSLVPN contains a 'ShellShock' vulnerability which allows remote unauthenticated attackers to execute arbitrary commands.
reference: reference:
- https://twitter.com/chybeta/status/1353974652540882944 - https://twitter.com/chybeta/status/1353974652540882944
- https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/ - https://darrenmartyn.ie/2021/01/24/visualdoor-sonicwall-ssl-vpn-exploit/

1
vulnerabilities/other/yapi-rce.yaml
View File

@ -5,6 +5,7 @@ info:
author: pikpikcu author: pikpikcu
severity: critical severity: critical
tags: yapi,rce tags: yapi,rce
description: A vulnerability in Yapi allows remote unauthenticated attackers to cause the product to execute arbitrary code.
reference: reference:
- https://www.secpulse.com/archives/162502.html - https://www.secpulse.com/archives/162502.html
- https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b - https://gist.github.com/pikpikcu/0145fb71203c8a3ad5c67b8aab47165b

1
vulnerabilities/other/yarn-resourcemanager-rce.yaml
View File

@ -5,6 +5,7 @@ info:
author: pdteam author: pdteam
severity: low severity: low
tags: apache,rce tags: apache,rce
description: A vulnerability in Apache Yarn ResourceManager allows remote unauthenticated users to cause the product to execute arbitrary code.
reference: https://neerajsabharwal.medium.com/hadoop-yarn-hack-9a72cc1328b6 reference: https://neerajsabharwal.medium.com/hadoop-yarn-hack-9a72cc1328b6
requests: requests:

3
vulnerabilities/other/zhiyuan-oa-session-leak.yaml
View File

@ -1,9 +1,10 @@
id: zhiyuan-oa-session-leak id: zhiyuan-oa-session-leak
info: info:
name: Zhiyuan Oa Session Leak name: Zhiyuan OA Session Leak
author: pikpikcu author: pikpikcu
severity: medium severity: medium
description: A vulnerability in Zhiyuan OA allows remote unauthenticated users access to sensitive session information via the 'getSessionList.jsp' endpoint.
reference: https://www.zhihuifly.com/t/topic/3345 reference: https://www.zhihuifly.com/t/topic/3345
tags: zhiyuan,leak,disclosure tags: zhiyuan,leak,disclosure

1
vulnerabilities/other/zimbra-preauth-ssrf.yaml
View File

@ -4,6 +4,7 @@ info:
name: Zimbra Collaboration Suite (ZCS) - SSRF name: Zimbra Collaboration Suite (ZCS) - SSRF
author: gy741 author: gy741
severity: critical severity: critical
description: A vulnerability in Zimbra Collaboration Suite allows remote unauthenticated attackers to cause the product to include content returned by third-party servers and use it as its own code.
reference: reference:
- https://www.adminxe.com/2183.html - https://www.adminxe.com/2183.html
tags: zimbra,ssrf,oast tags: zimbra,ssrf,oast

1
vulnerabilities/other/zms-auth-bypass.yaml
View File

@ -4,6 +4,7 @@ info:
name: Zoo Management System 1.0 - Authentication Bypass name: Zoo Management System 1.0 - Authentication Bypass
author: dwisiswant0 author: dwisiswant0
severity: high severity: high
description: A vulnerability in Zoo Management allows remote attackers to bypass the authentication mechanism via an SQL injection vulnerability.
reference: https://www.exploit-db.com/exploits/48880 reference: https://www.exploit-db.com/exploits/48880
tags: auth-bypass,zms tags: auth-bypass,zms