daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Auto Generated CVE annotations [Thu Sep 29 13:52:24 UTC 2022] 🤖

patch-1
GitHub Action 2022-09-29 13:52:24 +00:00
parent a0e9a90878
commit cc11df1ede
22 changed files with 30 additions and 27 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves/2017/CVE-2017-8917.yaml
View File

@ -9,6 +9,7 @@ info:
reference:
- https://developer.joomla.org/security-centre/692-20170501-core-sql-injection.html
- https://nvd.nist.gov/vuln/detail/CVE-2017-8917
- http://www.securitytracker.com/id/1038522
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8

8
cves/2020/CVE-2020-20300.yaml
View File

@ -8,13 +8,15 @@ info:
reference:
- https://github.com/Y4er/Y4er.com/blob/15f49973707f9d526a059470a074cb6e38a0e1ba/content/post/weiphp-exp-sql.md
- https://nvd.nist.gov/vuln/detail/CVE-2020-20300
- https://github.com/Y4er/Y4er.com/blob/master/content/post/weiphp-exp-sql.md
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2020-20300
cwe-id: CWE-89
metadata:
verified: true
shodan-query: http.html:"WeiPHP5.0"
verified: "true"
tags: weiphp,sql
requests:

2
cves/2020/CVE-2020-5192.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2020-5192
info:
name: Hospital Management System 4.0 - SQL Injection
author: TenBird
severity: critical
severity: high
description: |
Hospital Management System 4.0 contains multiple SQL injection vulnerabilities because multiple pages and parameters do not validate user input. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
cves/2020/CVE-2020-8654.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2020-8654
info:
name: EyesOfNetwork 5.1-5.3 - SQL Injection/Remote Code Execution
author: praetorian-thendrickson
severity: critical
severity: high
description: EyesOfNetwork 5.1 to 5.3 contains SQL injection and remote code execution vulnerabilities. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site. See also CVE-2020-8655, CVE-2020-8656, CVE-2020-8657, and CVE-2020-9465.
reference:
- https://github.com/h4knet/eonrce

2
cves/2021/CVE-2021-25104.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2021-25104
info:
name: WordPress Ocean Extra <1.9.5 - Cross-Site Scripting
author: Akincibor
severity: high
severity: medium
description: WordPress Ocean Extra plugin before 1.9.5 contains a cross-site scripting vulnerability. The plugin does not escape generated links which are then used when the OceanWP theme is active.
reference:
- https://wpscan.com/vulnerability/2ee6f1d8-3803-42f6-9193-3dd8f416b558

2
cves/2021/CVE-2021-36873.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2021-36873
info:
name: WordPress iQ Block Country <=1.2.11 - Cross-Site Scripting
author: theamanrawat
severity: high
severity: medium
description: |
WordPress iQ Block Country plugin 1.2.11 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:

4
cves/2021/CVE-2021-39320.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2021-39320
info:
name: WordPress Under Construction <1.19 - Cross-Site Scripting
author: dhiyaneshDK
severity: high
severity: medium
description: |
WordPress Under Construction plugin before 1.19 contains a cross-site scripting vulnerability. The plugin echoes out the raw value of `$GLOBALS['PHP_SELF']` in the ucOptions.php file on certain configurations, including Apache+modPHP.
reference:
@ -16,7 +16,7 @@ info:
cve-id: CVE-2021-39320
cwe-id: CWE-79
metadata:
verified: true
verified: "true"
tags: cve,cve2021,wp-plugin,wpscan,wordpress,wp,xss,authenticated
requests:

2
cves/2021/CVE-2021-41878.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2021-41878
info:
name: i-Panel Administration System 2.0 - Cross-Site Scripting
author: madrobot
severity: high
severity: medium
description: |
i-Panel Administration System 2.0 contains a cross-site scripting vulnerability that enables an attacker to execute arbitrary JavaScript code in the browser-based web console.
reference:

2
cves/2022/CVE-2022-31373.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-31373
info:
name: SolarView Compact 6.00 - Cross-Site Scripting
author: ritikchaddha
severity: high
severity: medium
description: |
SolarView Compact 6.00 contains a cross-site scripting vulnerability via Solar_AiConf.php. An attacker can execute arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.
reference:

2
cves/2022/CVE-2022-32007.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32007
info:
name: Complete Online Job Search System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/admin/company/index.php?view=edit&id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
cves/2022/CVE-2022-32015.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32015
info:
name: Complete Online Job Search System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=category&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
cves/2022/CVE-2022-32018.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32018
info:
name: Complete Online Job Search System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Complete Online Job Search System 1.0 contains a SQL injection vulnerability via /eris/index.php?q=hiring&search=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

4
cves/2022/CVE-2022-32022.yaml
View File

@ -3,13 +3,13 @@ id: CVE-2022-32022
info:
name: Car Rental Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/ajax.php?action=login. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:
- https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
- https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md
- https://nvd.nist.gov/vuln/detail/CVE-2022-32022
- https://github.com/k0xx11/bug_report/blob/main/vendors/campcodes.com/car-rental-management-system/SQLi-1.md.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
cvss-score: 7.2

2
cves/2022/CVE-2022-32024.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32024
info:
name: Car Rental Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Car Rental Management System 1.0 contains an SQL injection vulnerability via /booking.php?car_id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
cves/2022/CVE-2022-32025.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32025
info:
name: Car Rental Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/view_car.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

6
cves/2022/CVE-2022-32026.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32026
info:
name: Car Rental Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_booking.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:
@ -16,9 +16,9 @@ info:
cve-id: CVE-2022-32028
cwe-id: CWE-89
metadata:
verified: true
shodan-query: http.html:"Car Rental Management System"
comment: Login bypass is also possible using the payload- admin'+or+'1'%3D'1' in username.
shodan-query: http.html:"Car Rental Management System"
verified: "true"
tags: cve,cve2022,carrental,cms,sqli,authenticated
variables:

2
cves/2022/CVE-2022-32028.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-32028
info:
name: Car Rental Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Car Rental Management System 1.0 contains an SQL injection vulnerability via /admin/manage_user.php?id=. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
cves/2022/CVE-2022-34590.yaml
View File

@ -3,7 +3,7 @@ id: CVE-2022-34590
info:
name: Hospital Management System 1.0 - SQL Injection
author: arafatansari
severity: critical
severity: high
description: |
Hospital Management System 1.0 contains a SQL injection vulnerability via the editid parameter in /HMS/admin.php. An attacker can possibly obtain sensitive information from a database, modify data, and execute unauthorized administrative operations in the context of the affected site.
reference:

2
vulnerabilities/other/cvms-sqli.yaml
View File

@ -15,7 +15,7 @@ info:
cwe-id: CWE-89
metadata:
verified: true
tags: cvms,sqli,auth-bypass,cms,edb
tags: cvms,sqli,auth-bypass,cms,edb,packetstorm
requests:
- raw:

2
vulnerabilities/other/loancms-sqli.yaml
View File

@ -15,7 +15,7 @@ info:
cwe-id: CWE-89
metadata:
verified: true
tags: edb,loancms,sqli,auth-bypass,cms
tags: auth-bypass,cms,packetstorm,edb,loancms,sqli
requests:
- raw:

2
vulnerabilities/other/zms-auth-bypass.yaml
View File

@ -12,7 +12,7 @@ info:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.0
cwe-id: CWE-89
tags: zms,edb,auth-bypass
tags: edb,auth-bypass,packetstorm,zms
requests:
- raw:

2
vulnerabilities/other/zms-sqli.yaml
View File

@ -15,7 +15,7 @@ info:
cwe-id: CWE-89
metadata:
verified: true
tags: zms,sqli,auth-bypass,cms,edb
tags: edb,packetstorm,zms,sqli,auth-bypass,cms
requests:
- raw: