daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Added CPE and EPSS Score to CVE Templates

patch-1
sandeep 2023-04-12 16:25:48 +05:30
parent 664333e392
commit e23aa9800b
1127 changed files with 2247 additions and 193 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
cves/2010/CVE-2010-0467.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 5.8
cve-id: CVE-2010-0467
cwe-id: CWE-22
epss-score: 0.0586
tags: cve,cve2010,joomla,lfi,edb
requests:

2
cves/2010/CVE-2010-4239.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2010-4239
cwe-id: CWE-20
cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*
epss-score: 0.00641
tags: cve,cve2010,tikiwiki,lfi
requests:

2
cves/2011/CVE-2011-4336.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2011-4336
cwe-id: CWE-79
cpe: cpe:2.3:a:tiki:tikiwiki_cms\/groupware:*:*:*:*:*:*:*:*
epss-score: 0.00182
tags: seclists,cve,cve2011,xss,tikiwiki
requests:

2
cves/2013/CVE-2013-7285.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2013-7285
cwe-id: CWE-78
cpe: cpe:2.3:a:xstream_project:xstream:*:*:*:*:*:*:*:*
epss-score: 0.33561
tags: cve,cve2013,xstream,deserialization,rce,oast
requests:

2
cves/2014/CVE-2014-1203.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2014-1203
cwe-id: CWE-77
cpe: cpe:2.3:a:eyou:eyou:*:*:*:*:*:*:*:*
epss-score: 0.02045
tags: seclists,rce,eyou
requests:

1
cves/2014/CVE-2014-2323.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2014-2323
cwe-id: CWE-89
epss-score: 0.97012
tags: lighttpd,injection,seclists,cve,cve2014,sqli
requests:

2
cves/2014/CVE-2014-4535.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4535
cwe-id: CWE-79
cpe: cpe:2.3:a:import_legacy_media_project:import_legacy_media:*:*:*:*:*:*:*:*
epss-score: 0.00135
tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth
requests:

2
cves/2014/CVE-2014-4536.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4536
cwe-id: CWE-79
cpe: cpe:2.3:a:katz:infusionsoft_gravity_forms:*:*:*:*:*:*:*:*
epss-score: 0.00149
metadata:
google-query: inurl:"/wp-content/plugins/infusionsoft/Infusionsoft/"
tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth

2
cves/2014/CVE-2014-4539.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4539
cwe-id: CWE-79
cpe: cpe:2.3:a:movies_project:movies:*:*:*:*:*:*:*:*
epss-score: 0.00135
tags: wordpress,wp-plugin,xss,wpscan,cve,cve2014,unauth
requests:

2
cves/2014/CVE-2014-4544.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4544
cwe-id: CWE-79
cpe: cpe:2.3:a:podcast_channels_project:podcast_channels:*:*:*:*:*:*:*:*
epss-score: 0.00118
tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,unauth
requests:

2
cves/2014/CVE-2014-4550.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4550
cwe-id: CWE-79
cpe: cpe:2.3:a:visualshortcodes:ninja:*:*:*:*:*:*:*:*
epss-score: 0.00135
metadata:
google-query: inurl:"/wp-content/plugins/shortcode-ninja"
tags: wordpress,wp-plugin,xss,wpscan,cve,cve2014,unauth

2
cves/2014/CVE-2014-4558.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4558
cwe-id: CWE-79
cpe: cpe:2.3:a:cybercompany:swipehq-payment-gateway-woocommerce:*:*:*:*:*:*:*:*
epss-score: 0.00135
tags: wpscan,cve,cve2014,wordpress,wp-plugin,xss,woocommerce,unauth
requests:

2
cves/2014/CVE-2014-4561.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4561
cwe-id: CWE-79
cpe: cpe:2.3:a:ultimate-weather_project:ultimate-weather:*:*:*:*:*:*:*:*
epss-score: 0.00098
tags: cve,cve2014,wordpress,wp-plugin,xss,weather,wpscan,unauth
requests:

2
cves/2014/CVE-2014-4592.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-4592
cwe-id: CWE-79
cpe: cpe:2.3:a:czepol:wp-planet:*:*:*:*:*:*:*:*
epss-score: 0.00135
metadata:
google-query: inurl:"/wp-content/plugins/wp-planet"
tags: cve2014,wordpress,wp-plugin,xss,wpscan,cve,unauth

2
cves/2014/CVE-2014-6271.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2014-6271
cwe-id: CWE-78
cpe: cpe:2.3:a:gnu:bash:*:*:*:*:*:*:*:*
epss-score: 0.9756
tags: cve,cve2014,rce,shellshock,kev
requests:

2
cves/2014/CVE-2014-6287.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2014-6287
cwe-id: CWE-94
cpe: cpe:2.3:a:rejetto:http_file_server:*:*:*:*:*:*:*:*
epss-score: 0.97414
metadata:
shodan-query: http.favicon.hash:2124459909
verified: "true"

2
cves/2014/CVE-2014-9606.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-9606
cwe-id: CWE-79
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00102
tags: cve2014,netsweeper,xss,packetstorm,cve
requests:

2
cves/2014/CVE-2014-9607.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-9607
cwe-id: CWE-79
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00102
tags: packetstorm,cve,cve2014,netsweeper,xss
requests:

2
cves/2014/CVE-2014-9608.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-9608
cwe-id: CWE-79
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00102
tags: cve,cve2014,netsweeper,xss,packetstorm
requests:

2
cves/2014/CVE-2014-9609.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 5.3
cve-id: CVE-2014-9609
cwe-id: CWE-22
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00149
tags: cve2014,netsweeper,lfi,packetstorm,cve
requests:

2
cves/2014/CVE-2014-9614.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2014-9614
cwe-id: CWE-798
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.01015
tags: cve,cve2014,netsweeper,default-login,packetstorm
requests:

2
cves/2014/CVE-2014-9615.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-9615
cwe-id: CWE-79
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00102
tags: cve,cve2014,netsweeper,xss,packetstorm
requests:

2
cves/2014/CVE-2014-9617.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2014-9617
cwe-id: CWE-601
cpe: cpe:2.3:a:netsweeper:netsweeper:*:*:*:*:*:*:*:*
epss-score: 0.00109
tags: cve,cve2014,netsweeper,redirect,packetstorm
requests:

2
cves/2015/CVE-2015-9414.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2015-9414
cwe-id: CWE-79
cpe: cpe:2.3:a:wpsymposiumpro:wp-symposium:*:*:*:*:*:*:*:*
epss-score: 0.00111
metadata:
google-query: inurl:"/wp-content/plugins/wp-symposium"
tags: xss,wpscan,cve,cve2015,wordpress,wp-plugin

2
cves/2015/CVE-2015-9480.yaml
View File

@ -13,6 +13,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2015-9480
cwe-id: CWE-22
cpe: cpe:2.3:a:robot-cpa:robotcpa:*:*:*:*:*:*:*:*
epss-score: 0.14215
metadata:
google-query: inurl:"/wp-content/plugins/robotcpa"
tags: wp-plugin,lfi,edb,cve,cve2015,wordpress

1
cves/2016/CVE-2016-10033.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2016-10033
cwe-id: CWE-77
epss-score: 0.97459
tags: cve,cve2016,rce,edb,wordpress
requests:

2
cves/2016/CVE-2016-10940.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.2
cve-id: CVE-2016-10940
cwe-id: CWE-89
cpe: cpe:2.3:a:zm-gallery_project:zm-gallery:*:*:*:*:*:*:*:*
epss-score: 0.00841
tags: wpscan,cve,cve2016,sqli,wp,wordpress,wp-plugin,authenticated
requests:

2
cves/2016/CVE-2016-10956.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2016-10956
cwe-id: CWE-20
cpe: cpe:2.3:a:mail-masta_project:mail-masta:*:*:*:*:*:*:*:*
epss-score: 0.01011
metadata:
google-query: inurl:"/wp-content/plugins/mail-masta"
tags: cve,cve2016,wordpress,wp-plugin,lfi,mail

2
cves/2016/CVE-2016-10960.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2016-10960
cwe-id: CWE-20
cpe: cpe:2.3:a:joomlaserviceprovider:wsecure:*:*:*:*:*:*:*:*
epss-score: 0.01389
metadata:
google-query: inurl:"/wp-content/plugins/wsecure"
tags: cve,cve2016,wordpress,wp-plugin,rce

2
cves/2016/CVE-2016-10993.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 5.4
cve-id: CVE-2016-10993
cwe-id: CWE-79
cpe: cpe:2.3:a:scoreme_project:scoreme:*:*:*:*:*:*:*:*
epss-score: 0.00257
tags: cve,cve2016,wordpress,wp-theme,xss
requests:

2
cves/2017/CVE-2017-1000170.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2017-1000170
cwe-id: CWE-22
cpe: cpe:2.3:a:jqueryfiletree_project:jqueryfiletree:*:*:*:*:*:*:*:*
epss-score: 0.74745
tags: cve,cve2017,wordpress,wp-plugin,lfi,jquery,edb,packetstorm
requests:

1
cves/2017/CVE-2017-12629.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2017-12629
cwe-id: CWE-611
epss-score: 0.97449
tags: oast,xxe,vulhub,cve,cve2017,solr,apache
requests:

2
cves/2017/CVE-2017-12637.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2017-12637
cwe-id: CWE-22
cpe: cpe:2.3:a:sap:netweaver_application_server_java:*:*:*:*:*:*:*:*
epss-score: 0.00648
metadata:
shodan-query: http.favicon.hash:-266008933
tags: cve,cve2017,sap,lfi,java,traversal

2
cves/2017/CVE-2017-14535.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2017-14535
cwe-id: CWE-78
cpe: cpe:2.3:a:netfortris:trixbox:*:*:*:*:*:*:*:*
epss-score: 0.04
tags: cve,cve2017,trixbox,rce,injection,edb
requests:

5
cves/2017/CVE-2017-14537.yaml
View File

@ -9,12 +9,15 @@ info:
- https://secur1tyadvisory.wordpress.com/2018/02/13/trixbox-multiple-path-traversal-vulnerabilities-cve-2017-14537/
- https://nvd.nist.gov/vuln/detail/CVE-2017-14537
- https://sourceforge.net/projects/asteriskathome/
- http://packetstormsecurity.com/files/162853/Trixbox-2.8.0.4-Path-Traversal.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
cvss-score: 6.5
cve-id: CVE-2017-14537
cwe-id: CWE-22
tags: cve,cve2017,trixbox,lfi
cpe: cpe:2.3:a:netfortris:trixbox:*:*:*:*:*:*:*:*
epss-score: 0.01679
tags: cve,cve2017,trixbox,lfi,packetstorm
requests:
- raw:

1
cves/2017/CVE-2017-14651.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 4.8
cve-id: CVE-2017-14651
cwe-id: CWE-79
epss-score: 0.00141
tags: cve,cve2017,wso2,xss
requests:

2
cves/2017/CVE-2017-15363.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2017-15363
cwe-id: CWE-22
cpe: cpe:2.3:a:luracast:restler:*:*:*:*:*:*:*:*
epss-score: 0.04393
tags: cve,cve2017,restler,lfi,edb
requests:

2
cves/2017/CVE-2017-18598.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2017-18598
cwe-id: CWE-79
cpe: cpe:2.3:a:designmodo:qards:*:*:*:*:*:*:*:*
epss-score: 0.00094
tags: wp-plugin,oast,wpscan,cve,cve2017,wordpress,ssrf,xss
requests:

2
cves/2017/CVE-2017-18638.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2017-18638
cwe-id: CWE-918
cpe: cpe:2.3:a:graphite_project:graphite:*:*:*:*:*:*:*:*
epss-score: 0.00639
tags: cve,cve2017,graphite,ssrf,oast
requests:

1
cves/2017/CVE-2017-3881.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2017-3881
cwe-id: CWE-20
epss-score: 0.97431
tags: cve2017,cisco,rce,network,kev,msf,cve
network:

2
cves/2017/CVE-2017-5689.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2017-5689
cpe: cpe:2.3:o:intel:active_management_technology_firmware:*:*:*:*:*:*:*:*
epss-score: 0.9746
metadata:
shodan-query: title:"Active Management Technology"
verified: "true"

2
cves/2017/CVE-2017-7615.yaml
View File

@ -22,6 +22,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2017-7615
cwe-id: CWE-640
cpe: cpe:2.3:a:mantisbt:mantisbt:*:*:*:*:*:*:*:*
epss-score: 0.97472
tags: cve,cve2017,mantisbt,unauth,edb
requests:

2
cves/2017/CVE-2017-9791.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2017-9791
cwe-id: CWE-20
cpe: cpe:2.3:a:apache:struts:*:*:*:*:*:*:*:*
epss-score: 0.9753
tags: cve,cve2017,apache,rce,struts,kev
requests:

2
cves/2017/CVE-2017-9822.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2017-9822
cwe-id: CWE-20
cpe: cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*
epss-score: 0.97311
tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization,kev
requests:

2
cves/2017/CVE-2017-9833.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2017-9833
cwe-id: CWE-22
cpe: cpe:2.3:a:boa:boa:*:*:*:*:*:*:*:*
epss-score: 0.90626
tags: boa,lfr,lfi,cve,cve2017,edb
requests:

1
cves/2017/CVE-2017-9841.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2017-9841
cwe-id: CWE-94
epss-score: 0.9749
tags: cve,cve2017,php,phpunit,rce,kev
requests:

1
cves/2018/CVE-2018-0127.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-0127
cwe-id: CWE-306
epss-score: 0.13216
tags: cve,cve2018,cisco,router
requests:

1
cves/2018/CVE-2018-0296.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2018-0296
cwe-id: CWE-22
epss-score: 0.97492
tags: edb,cve,cve2018,cisco,lfi,traversal,asa,kev
requests:

2
cves/2018/CVE-2018-1000533.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-1000533
cwe-id: CWE-20
cpe: cpe:2.3:a:gitlist:gitlist:*:*:*:*:*:*:*:*
epss-score: 0.97249
tags: git,cve,cve2018,gitlist,vulhub,rce
requests:

1
cves/2018/CVE-2018-1000861.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-1000861
cwe-id: CWE-502
epss-score: 0.97348
tags: kev,vulhub,cve,cve2018,rce,jenkins
requests:

2
cves/2018/CVE-2018-12613.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2018-12613
cwe-id: CWE-287
cpe: cpe:2.3:a:phpmyadmin:phpmyadmin:*:*:*:*:*:*:*:*
epss-score: 0.97516
tags: vulhub,edb,cve,cve2018,phpmyadmin,lfi
requests:

2
cves/2018/CVE-2018-12634.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-12634
cwe-id: CWE-200
cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:*
epss-score: 0.96925
tags: cve,cve2018,scada,circontrol,circarlife,logs,edb
requests:

1
cves/2018/CVE-2018-1271.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 5.9
cve-id: CVE-2018-1271
cwe-id: CWE-22
epss-score: 0.01676
tags: cve,cve2018,spring,lfi,traversal
requests:

1
cves/2018/CVE-2018-12998.yaml
View File

@ -14,6 +14,7 @@ info:
cvss-score: 6.1
cve-id: CVE-2018-12998
cwe-id: CWE-79
epss-score: 0.97193
tags: cve,cve2018,zoho,xss,manageengine,packetstorm
requests:

4
cves/2018/CVE-2018-13379.yaml
View File

@ -14,9 +14,11 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-13379
cwe-id: CWE-22
cpe: cpe:2.3:o:fortinet:fortios:*:*:*:*:*:*:*:*
epss-score: 0.975
metadata:
verified: true
shodan-query: http.html:"/remote/login" "xxxxxxxx"
verified: "true"
tags: cve,cve2018,fortios,lfi,kev
requests:

1
cves/2018/CVE-2018-13380.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 6.1
cve-id: CVE-2018-13380
cwe-id: CWE-79
epss-score: 0.00122
tags: cve,cve2018,fortios,xss,fortinet
requests:

2
cves/2018/CVE-2018-13980.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 5.5
cve-id: CVE-2018-13980
cwe-id: CWE-22
cpe: cpe:2.3:a:zeta-producer:zeta_producer:*:*:*:*:*:*:*:*
epss-score: 0.00089
tags: cve,cve2018,lfi,edb,packetstorm
requests:

2
cves/2018/CVE-2018-16668.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 5.3
cve-id: CVE-2018-16668
cwe-id: CWE-287
cpe: cpe:2.3:a:circontrol:circarlife_scada:*:*:*:*:*:*:*:*
epss-score: 0.00376
tags: cve,cve2018,circarlife,scada,iot,disclosure,edb
requests:

2
cves/2018/CVE-2018-16763.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-16763
cwe-id: CWE-74
cpe: cpe:2.3:a:thedaylightstudio:fuel_cms:*:*:*:*:*:*:*:*
epss-score: 0.88022
tags: cve,cve2018,fuelcms,rce,edb
requests:

2
cves/2018/CVE-2018-16836.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-16836
cwe-id: CWE-22
cpe: cpe:2.3:a:rubedo_project:rubedo:*:*:*:*:*:*:*:*
epss-score: 0.25354
tags: cve,cve2018,rubedo,lfi,edb
requests:

4
cves/2018/CVE-2018-17254.yaml
View File

@ -8,12 +8,14 @@ info:
reference:
- http://packetstormsecurity.com/files/161683/Joomla-JCK-Editor-6.4.4-SQL-Injection.html
- https://www.exploit-db.com/exploits/45423/
remediation: Update or remove the affected plugin.
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-17254
cwe-id: CWE-89
remediation: Update or remove the affected plugin.
cpe: cpe:2.3:a:arkextensions:jck_editor:*:*:*:*:*:*:*:*
epss-score: 0.8697
tags: cve,cve2018,packetstorm,edb,joomla,sqli
requests:

2
cves/2018/CVE-2018-17431.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2018-17431
cwe-id: CWE-287
cpe: cpe:2.3:a:comodo:unified_threat_management_firewall:*:*:*:*:*:*:*:*
epss-score: 0.09083
tags: cve2018,comodo,rce,edb,cve
requests:

2
cves/2018/CVE-2018-19365.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 9.1
cve-id: CVE-2018-19365
cwe-id: CWE-22
cpe: cpe:2.3:a:wowza:streaming_engine:*:*:*:*:*:*:*:*
epss-score: 0.01368
tags: cve,cve2018,wowza,lfi
requests:

2
cves/2018/CVE-2018-20470.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2018-20470
cwe-id: CWE-22
cpe: cpe:2.3:a:sahipro:sahi_pro:*:*:*:*:*:*:*:*
epss-score: 0.74871
tags: cve,cve2018,lfi,packetstorm
requests:

2
cves/2018/CVE-2018-3714.yaml
View File

@ -13,6 +13,8 @@ info:
cvss-score: 6.5
cve-id: CVE-2018-3714
cwe-id: CWE-22
cpe: cpe:2.3:a:node-srv_project:node-srv:*:*:*:*:*:*:*:*
epss-score: 0.01196
tags: cve,cve2018,nodejs,lfi,hackerone
requests:

2
cves/2018/CVE-2018-6910.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2018-6910
cwe-id: CWE-668
cpe: cpe:2.3:a:dedecms:dedecms:*:*:*:*:*:*:*:*
epss-score: 0.03033
tags: cve,cve2018,dedecms
requests:

1
cves/2018/CVE-2018-7602.yaml
View File

@ -14,6 +14,7 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2018-7602
epss-score: 0.97425
metadata:
shodan-query: http.component:"drupal"
tags: cve2018,drupal,authenticated,kev,cisa,vulhub,edb,cve

2
cves/2018/CVE-2018-8006.yaml
View File

@ -22,6 +22,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2018-8006
cwe-id: CWE-79
cpe: cpe:2.3:a:apache:activemq:*:*:*:*:*:*:*:*
epss-score: 0.97273
tags: cve,cve2018,apache,activemq,xss
requests:

2
cves/2018/CVE-2018-8770.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 5.3
cve-id: CVE-2018-8770
cwe-id: CWE-200
cpe: cpe:2.3:a:cobub:razor:*:*:*:*:*:*:*:*
epss-score: 0.00282
tags: cve,cve2018,cobub,razor,exposure,edb
requests:

1
cves/2019/CVE-2019-0230.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-0230
cwe-id: CWE-915
epss-score: 0.84527
tags: tenable,packetstorm,struts,rce,cve,cve2019,apache
requests:

1
cves/2019/CVE-2019-10092.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-10092
cwe-id: CWE-79
epss-score: 0.00639
tags: cve,cve2019,apache,htmli,injection
requests:

2
cves/2019/CVE-2019-10405.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 5.4
cve-id: CVE-2019-10405
cwe-id: CWE-79
cpe: cpe:2.3:a:jenkins:jenkins:*:*:*:*:*:*:*:*
epss-score: 0.0073
metadata:
shodan-query: http.favicon.hash:81586312
tags: cve,cve2019,jenkins

2
cves/2019/CVE-2019-10475.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-10475
cwe-id: CWE-79
cpe: cpe:2.3:a:jenkins:build-metrics:*:*:*:*:*:*:*:*
epss-score: 0.97272
tags: cve,cve2019,jenkins,xss,plugin,packetstorm
requests:

2
cves/2019/CVE-2019-10692.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-10692
cwe-id: CWE-89
cpe: cpe:2.3:a:codecabin:wp_google_maps:*:*:*:*:*:*:*:*
epss-score: 0.97416
metadata:
verified: "true"
tags: cve,cve2019,wp,wp-plugin,unauth,sqli,wordpress,googlemaps,wpscan

2
cves/2019/CVE-2019-10758.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
cvss-score: 9.9
cve-id: CVE-2019-10758
cpe: cpe:2.3:a:mongo-express_project:mongo-express:*:*:*:*:*:*:*:*
epss-score: 0.97363
metadata:
shodan-query: http.title:"Mongo Express"
tags: vulhub,cve,cve2019,mongo,mongo-express,kev

2
cves/2019/CVE-2019-11248.yaml
View File

@ -17,6 +17,8 @@ info:
cvss-score: 8.2
cve-id: CVE-2019-11248
cwe-id: CWE-862
cpe: cpe:2.3:a:kubernetes:kubernetes:*:*:*:*:*:*:*:*
epss-score: 0.80033
tags: cve,cve2019,debug,kubernetes,kubelet,devops,unauth,disclosure
requests:

5
cves/2019/CVE-2019-11510.yaml
View File

@ -9,12 +9,15 @@ info:
- https://blog.orange.tw/2019/09/attacking-ssl-vpn-part-3-golden-pulse-secure-rce-chain.html
- https://kb.pulsesecure.net/articles/Pulse_Security_Advisories/SA44101/
- https://nvd.nist.gov/vuln/detail/CVE-2019-11510
- http://packetstormsecurity.com/files/154176/Pulse-Secure-SSL-VPN-8.1R15.1-8.2-8.3-9.0-Arbitrary-File-Disclosure.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
cve-id: CVE-2019-11510
cwe-id: CWE-22
tags: cve,cve2019,pulsesecure,lfi,kev
cpe: cpe:2.3:a:pulsesecure:pulse_connect_secure:*:*:*:*:*:*:*:*
epss-score: 0.97517
tags: packetstorm,cve,cve2019,pulsesecure,lfi,kev
requests:
- method: GET

5
cves/2019/CVE-2019-11580.yaml
View File

@ -9,13 +9,16 @@ info:
- https://github.com/jas502n/CVE-2019-11580
- https://jira.atlassian.com/browse/CWD-5388
- https://nvd.nist.gov/vuln/detail/CVE-2019-11580
- http://packetstormsecurity.com/files/163810/Atlassian-Crowd-pdkinstall-Remote-Code-Execution.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-11580
cpe: cpe:2.3:a:atlassian:crowd:*:*:*:*:*:*:*:*
epss-score: 0.97451
metadata:
shodan-query: http.component:"Atlassian Jira"
tags: cve,cve2019,atlassian,rce,kev,cisa
tags: kev,cisa,packetstorm,cve,cve2019,atlassian,rce
requests:
- method: GET

4
cves/2019/CVE-2019-12962.yaml
View File

@ -16,9 +16,11 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-12962
cwe-id: CWE-79
cpe: cpe:2.3:a:livezilla:livezilla:*:*:*:*:*:*:*:*
epss-score: 0.20689
metadata:
shodan-query: http.html:LiveZilla
verified: true
verified: "true"
tags: xss,edb,packetstorm,cve,cve2019,livezilla

1
cves/2019/CVE-2019-13101.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-13101
cwe-id: CWE-306
epss-score: 0.04204
tags: edb,cve,cve2019,dlink,router,iot
requests:

2
cves/2019/CVE-2019-13392.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-13392
cwe-id: CWE-79
cpe: cpe:2.3:a:mindpalette:natemail:*:*:*:*:*:*:*:*
epss-score: 0.0014
tags: cve,cve2019,natemail,xss
requests:

2
cves/2019/CVE-2019-14205.yaml
View File

@ -17,6 +17,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-14205
cwe-id: CWE-22
cpe: cpe:2.3:a:nevma:adaptive_images:*:*:*:*:*:*:*:*
epss-score: 0.03445
tags: cve,cve2019,wordpress,wp-plugin,lfi,wp
requests:

2
cves/2019/CVE-2019-14223.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-14223
cwe-id: CWE-601
cpe: cpe:2.3:a:alfresco:alfresco:*:*:*:*:*:*:*:*
epss-score: 0.00188
tags: cve,cve2019,redirect,alfresco
requests:

2
cves/2019/CVE-2019-14251.yaml
View File

@ -14,6 +14,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-14251
cwe-id: CWE-22
cpe: cpe:2.3:a:temenos:t24:*:*:*:*:*:*:*:*
epss-score: 0.01417
tags: cve,cve2019,temenos,lfi,unauth
requests:

1
cves/2019/CVE-2019-14322.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-14322
cwe-id: CWE-22
epss-score: 0.49367
tags: cve2019,lfi,odoo,packetstorm,cve
requests:

2
cves/2019/CVE-2019-14530.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2019-14530
cwe-id: CWE-22
cpe: cpe:2.3:a:open-emr:openemr:*:*:*:*:*:*:*:*
epss-score: 0.94591
metadata:
verified: "true"
tags: lfi,authenticated,edb,cve,cve2019,openemr

2
cves/2019/CVE-2019-15107.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-15107
cwe-id: CWE-78
cpe: cpe:2.3:a:webmin:webmin:*:*:*:*:*:*:*:*
epss-score: 0.97524
tags: cve,cve2019,webmin,rce,kev,edb
requests:

2
cves/2019/CVE-2019-15858.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 8.8
cve-id: CVE-2019-15858
cwe-id: CWE-306
cpe: cpe:2.3:a:webcraftic:woody_ad_snippets:*:*:*:*:*:*:*:*
epss-score: 0.02375
tags: cve,cve2019,wordpress,wp-plugin,xss,wp
requests:

1
cves/2019/CVE-2019-15859.yaml
View File

@ -15,6 +15,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-15859
cwe-id: CWE-200
epss-score: 0.06381
tags: seclists,packetstorm,cve,cve2019,disclosure,socomec,diris,iot
requests:

2
cves/2019/CVE-2019-16097.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 6.5
cve-id: CVE-2019-16097
cwe-id: CWE-862
cpe: cpe:2.3:a:linuxfoundation:harbor:*:*:*:*:*:*:*:*
epss-score: 0.96843
tags: cve,cve2019,intrusive,harbor
requests:

2
cves/2019/CVE-2019-16123.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-16123
cwe-id: CWE-22
cpe: cpe:2.3:a:kartatopia:piluscart:*:*:*:*:*:*:*:*
epss-score: 0.56807
tags: piluscart,lfi,packetstorm,edb,cve,cve2019
requests:

2
cves/2019/CVE-2019-16278.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-16278
cwe-id: CWE-22
cpe: cpe:2.3:a:nazgul:nostromo_nhttpd:*:*:*:*:*:*:*:*
epss-score: 0.97411
tags: edb,cve,cve2019,rce,packetstorm
requests:

1
cves/2019/CVE-2019-16313.yaml
View File

@ -14,6 +14,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-16313
cwe-id: CWE-798
epss-score: 0.02088
tags: cve,cve2019,exposure,router,iot
requests:

5
cves/2019/CVE-2019-16332.yaml
View File

@ -9,12 +9,15 @@ info:
- https://plugins.trac.wordpress.org/changeset/2152730
- https://wordpress.org/plugins/api-bearer-auth/#developers
- https://nvd.nist.gov/vuln/detail/CVE-2019-16332
- https://packetstormsecurity.com/files/154369/WordPress-API-Bearer-Auth-20181229-Cross-Site-Scripting.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2019-16332
cwe-id: CWE-79
tags: cve,cve2019,wordpress,xss,wp-plugin,auth
cpe: cpe:2.3:a:api_bearer_auth_project:api_bearer_auth:*:*:*:*:*:*:*:*
epss-score: 0.00271
tags: packetstorm,cve,cve2019,wordpress,xss,wp-plugin,auth
requests:
- method: GET

2
cves/2019/CVE-2019-16525.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-16525
cwe-id: CWE-79
cpe: cpe:2.3:a:checklist:checklist:*:*:*:*:*:*:*:*
epss-score: 0.00289
tags: xss,wp-plugin,packetstorm,cve,cve2019,wordpress
requests:

1
cves/2019/CVE-2019-1653.yaml
View File

@ -18,6 +18,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2019-1653
cwe-id: CWE-200
epss-score: 0.97569
tags: kev,edb,cve,cve2019,cisco,router,exposure
requests:

5
cves/2019/CVE-2019-16662.yaml
View File

@ -9,12 +9,15 @@ info:
- https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/
- https://nvd.nist.gov/vuln/detail/CVE-2019-16662
- https://drive.google.com/open?id=1OXI5cNuwWqc6y-7BgNCfYHgFPK2cpvnu
- http://packetstormsecurity.com/files/154999/rConfig-3.9.2-Remote-Code-Execution.html
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2019-16662
cwe-id: CWE-78
tags: cve,cve2019,rce,intrusive,rconfig
cpe: cpe:2.3:a:rconfig:rconfig:*:*:*:*:*:*:*:*
epss-score: 0.97495
tags: intrusive,rconfig,packetstorm,cve,cve2019,rce
requests:
- method: GET

2
cves/2019/CVE-2019-16759.yaml
View File

@ -15,6 +15,8 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-16759
cwe-id: CWE-94
cpe: cpe:2.3:a:vbulletin:vbulletin:*:*:*:*:*:*:*:*
epss-score: 0.97528
metadata:
shodan-query: http.component:"vBulletin"
verified: "true"

1
cves/2019/CVE-2019-16920.yaml
View File

@ -16,6 +16,7 @@ info:
cvss-score: 9.8
cve-id: CVE-2019-16920
cwe-id: CWE-78
epss-score: 0.96885
tags: cve,cve2019,dlink,rce,router,unauth,kev
requests:

2
cves/2019/CVE-2019-16931.yaml
View File

@ -16,6 +16,8 @@ info:
cvss-score: 6.1
cve-id: CVE-2019-16931
cwe-id: CWE-79
cpe: cpe:2.3:a:themeisle:visualizer:*:*:*:*:*:*:*:*
epss-score: 0.00244
metadata:
verified: "true"
tags: cve,cve2019,wp-plugin,wordpress,wp,xss,unauth,wpscan

Some files were not shown because too many files have changed in this diff Show More