updated matcher & info

patch-1
Ritik Chaddha 2024-04-30 11:20:00 +05:30 committed by GitHub
parent 9f0cb88f00
commit cfbe83daba
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 6 additions and 4 deletions

View File

@ -1,7 +1,7 @@
id: CVE-2024-0235
info:
name: EventON (Free < 2.2.8, Premium < 4.5.5) - Unauthenticated Email Address Disclosure
name: EventON (Free < 2.2.8, Premium < 4.5.5) - Information Disclosure
author: princechaddha
severity: medium
description: |
@ -13,6 +13,7 @@ info:
reference:
- https://wpscan.com/vulnerability/e370b99a-f485-42bd-96a3-60432a15a4e9/
- https://github.com/fkie-cad/nvd-json-data-feeds
- https://nvd.nist.gov/vuln/detail/CVE-2024-0235
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.3
@ -27,8 +28,8 @@ info:
framework: wordpress
shodan-query: vuln:CVE-2023-2796
fofa-query: wp-content/plugins/eventon/
publicwww-query: "wp-content/plugins/eventon/"
tags: cve,cve2024,wp,wordpress,unauth,exposure,eventon,wpscan
publicwww-query: "/wp-content/plugins/eventon/"
tags: cve,cve2024,wp,wordpress,wp-plugin,exposure,eventon,wpscan
http:
- method: POST
@ -46,7 +47,8 @@ http:
part: body
words:
- '@'
- '"status":'
- 'status":"good'
- 'value='
- '"content":'
condition: and