daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Updated all templates tags with technologies (#3478) 

* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
patch-1
Pathtaga 2022-01-04 20:34:16 +01:00 committed by GitHub
parent 8f323a55eb
commit e281e5bf88
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
543 changed files with 1601 additions and 1599 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
cnvd/CNVD-2020-62422.yaml
View File

@ -5,7 +5,7 @@ info:
author: pikpikcu
severity: medium
reference: https://blog.csdn.net/m0_46257936/article/details/113150699
tags: lfi,cnvd
tags: lfi,cnvd,seeyon
requests:
- method: GET
@ -26,4 +26,4 @@ requests:
words:
- "ctpDataSource.password"
condition: and
part: body
part: body

2
cves/2007/CVE-2007-5728.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK
severity: medium
description: Cross-site scripting (XSS) vulnerability in phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, different vectors than CVE-2007-2865.
tags: cve,cve2007,xss,pgadmin
tags: cve,cve2007,xss,pgadmin,phppgadmin
reference: https://www.exploit-db.com/exploits/30090
metadata:
shodan-query: 'http.title:"phpPgAdmin"'

2
cves/2008/CVE-2008-6668.yaml
View File

@ -8,7 +8,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2008-6668
author: geeknik
severity: high
tags: nweb2fax,lfi,cve,cve2008
tags: nweb2fax,lfi,cve,cve2008,traversal
requests:
- method: GET

2
cves/2009/CVE-2009-0932.yaml
View File

@ -9,7 +9,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/16154
- https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
tags: cve,cve2009,horde,lfi
tags: cve,cve2009,horde,lfi,traversal
requests:
- method: GET

2
cves/2009/CVE-2009-1558.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
reference: https://www.exploit-db.com/exploits/32954
tags: cve,cve2009,iot,lfi
tags: cve,cve2009,iot,lfi,linksys,camera,cisco,firmware,traversal
requests:
- method: GET

4
cves/2009/CVE-2009-4202.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/8870
- https://www.cvedetails.com/cve/CVE-2009-4202
tags: cve,cve2009,joomla,lfi
tags: cve,cve2009,joomla,lfi,photo
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2009/CVE-2009-4679.yaml
View File

@ -8,7 +8,7 @@ info:
reference: |
- https://www.exploit-db.com/exploits/33440
- https://www.cvedetails.com/cve/CVE-2009-4679
tags: cve,cve2009,joomla,lfi
tags: cve,cve2009,joomla,lfi,nexus
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2010/CVE-2010-0759.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/11498
- https://www.cvedetails.com/cve/CVE-2010-0759
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,plugin
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2010/CVE-2010-1217.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/11814
- https://www.cvedetails.com/cve/CVE-2010-1217
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,plugin
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2010/CVE-2010-1302.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/11978
- https://www.cvedetails.com/cve/CVE-2010-1302
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,graph
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2010/CVE-2010-1304.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/11998
- https://www.cvedetails.com/cve/CVE-2010-1304
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,status
requests:
- method: GET

4
cves/2010/CVE-2010-1461.yaml
View File

@ -8,7 +8,7 @@ info:
reference: |
- https://www.exploit-db.com/exploits/12232
- https://www.cvedetails.com/cve/CVE-2010-1461
tags: cve,cve2010,joomla,lfi
tags: cve,cve2010,joomla,lfi,photo
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2010/CVE-2010-2307.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.securityfocus.com/bid/40550/info
- https://nvd.nist.gov/vuln/detail/CVE-2010-2307
tags: cve,cve2010,iot,lfi
tags: cve,cve2010,iot,lfi,motorola
requests:
- method: GET

2
cves/2010/CVE-2010-2861.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://github.com/vulhub/vulhub/tree/master/coldfusion/CVE-2010-2861
- http://www.adobe.com/support/security/bulletins/apsb10-18.html
tags: cve,cve2010,coldfusion,lfi
tags: cve,cve2010,coldfusion,lfi,adobe
requests:
- method: GET

2
cves/2010/CVE-2010-4231.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2010-4231
- https://www.exploit-db.com/exploits/15505
tags: cve,cve2010,iot,lfi
tags: cve,cve2010,iot,lfi,camera
requests:
- method: GET

4
cves/2010/CVE-2010-4282.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/15643
- https://www.cvedetails.com/cve/CVE-2010-4282
tags: cve,cve2010,lfi,joomla
tags: cve,cve2010,lfi,joomla,phpshowtime
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2012/CVE-2012-0392.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the parameter-name whitelist, which allows remote attackers to execute arbitrary commands via a crafted HTTP Cookie header that triggers Java code execution through a static method.
reference: https://blog.csdn.net/weixin_43416469/article/details/113850545
tags: cve,cve2012,apache,rce,struts
tags: cve,cve2012,apache,rce,struts,java
requests:
- method: GET
@ -22,4 +22,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2012/CVE-2012-0896.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://packetstormsecurity.com/files/108631/
- https://www.cvedetails.com/cve/CVE-2012-0896
tags: cve,cve2012,lfi,wordpress,wp-plugin
tags: cve,cve2012,lfi,wordpress,wp-plugin,traversal
requests:
- method: GET

2
cves/2012/CVE-2012-0991.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/36650
- https://www.cvedetails.com/cve/CVE-2012-0991
tags: cve,cve2012,lfi,openemr
tags: cve,cve2012,lfi,openemr,traversal
requests:
- method: GET

4
cves/2012/CVE-2012-1226.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/36873
- https://www.cvedetails.com/cve/CVE-2012-1226
tags: cve,cve2012,lfi
tags: cve,cve2012,lfi,dolibarr,traversal
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2012/CVE-2012-4878.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/37034
- https://www.cvedetails.com/cve/CVE-2012-4878
tags: cve,cve2012,lfi
tags: cve,cve2012,lfi,traversal
requests:
- method: GET

4
cves/2012/CVE-2012-4940.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: Multiple directory traversal vulnerabilities in the View Log Files component in Axigen Free Mail Server allow remote attackers to read or delete arbitrary files via a .. (dot dot) in (1) the fileName parameter in a download action to source/loggin/page_log_dwn_file.hsp, or the fileName parameter in (2) an edit action or (3) a delete action to the default URI.
reference: https://www.exploit-db.com/exploits/37996
tags: cve,cve2012,axigen,lfi
tags: cve,cve2012,axigen,lfi,mail
requests:
- method: GET
@ -22,4 +22,4 @@ requests:
- "bit app support"
- "fonts"
- "extensions"
condition: and
condition: and

2
cves/2013/CVE-2013-1965.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: Apache Struts Showcase App 2.0.0 through 2.3.13, as used in Struts 2 before 2.3.14.3, allows remote attackers to execute arbitrary OGNL code via a crafted parameter name that is not properly handled when invoking a redirect.
reference: http://struts.apache.org/development/2.x/docs/s2-012.html
tags: cve,cve2013,apache,rce,struts
tags: cve,cve2013,apache,rce,struts,ognl
requests:
- method: POST

2
cves/2013/CVE-2013-2251.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: In Struts 2 before 2.3.15.1 the information following "action:", "redirect:", or "redirectAction:" is not properly sanitized. Since said information will be evaluated as an OGNL expression against the value stack, this introduces the possibility to inject server side code.
reference: http://struts.apache.org/release/2.3.x/docs/s2-016.html
tags: cve,cve2013,rce,struts,apache
tags: cve,cve2013,rce,struts,apache,ognl
requests:
- raw:

2
cves/2014/CVE-2014-2323.yaml
View File

@ -6,7 +6,7 @@ info:
reference: https://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
author: geeknik
severity: critical
tags: cve,cve2014,sqli,lighttpd
tags: cve,cve2014,sqli,lighttpd,injection
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2014/CVE-2014-2962.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: Path traversal vulnerability in the webproc cgi module on the Belkin N150 F9K1009 v1 router with firmware before 1.00.08 allows remote attackers to read arbitrary files via a full pathname in the getpage parameter.
reference: https://www.exploit-db.com/exploits/38488
tags: cve,cve2014,lfi,router
tags: cve,cve2014,lfi,router,firmware,traversal
requests:
- method: GET

2
cves/2014/CVE-2014-3120.yaml
View File

@ -9,7 +9,7 @@ info:
reference:
- https://github.com/vulhub/vulhub/tree/master/elasticsearch/CVE-2014-3120
- https://www.elastic.co/blog/logstash-1-4-3-released
tags: cve,cve2014,elastic,rce
tags: cve,cve2014,elastic,rce,elasticsearch
requests:
- raw:

4
cves/2014/CVE-2014-4558.yaml
View File

@ -7,7 +7,7 @@ info:
reference: |
- https://wpscan.com/vulnerability/37d7936a-165f-4c37-84a6-7ba5b59a0301
- https://nvd.nist.gov/vuln/detail/CVE-2014-4558
tags: cve,cve2014,wordpress,wp-plugin,xss
tags: cve,cve2014,wordpress,wp-plugin,xss,woocommerce
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
@ -34,4 +34,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2014/CVE-2014-4561.yaml
View File

@ -7,7 +7,7 @@ info:
reference: |
- https://wpscan.com/vulnerability/5c358ef6-8059-4767-8bcb-418a45b2352d
- https://nvd.nist.gov/vuln/detail/CVE-2014-4561
tags: cve,cve2014,wordpress,wp-plugin,xss
tags: cve,cve2014,wordpress,wp-plugin,xss,weather
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
@ -34,4 +34,4 @@ requests:
- type: status
status:
- 200
- 200

4
cves/2014/CVE-2014-5111.yaml
View File

@ -8,7 +8,7 @@ info:
reference: |
- https://www.exploit-db.com/exploits/39351
- https://www.cvedetails.com/cve/CVE-2014-5111
tags: cve,cve2014,lfi
tags: cve,cve2014,lfi,trixbox
requests:
- method: GET
@ -24,4 +24,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2015/CVE-2015-1427.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://blog.csdn.net/JiangBuLiu/article/details/94457980
- http://www.elasticsearch.com/blog/elasticsearch-1-4-3-1-3-8-released/
tags: cve,cve2015,elastic,rce
tags: cve,cve2015,elastic,rce,elasticsearch
requests:
- raw:

2
cves/2015/CVE-2015-1503.yaml
View File

@ -13,7 +13,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2015-1503
cwe-id: CWE-200
tags: cve,cve2015,icewarp,lfi
tags: cve,cve2015,icewarp,lfi,mail
requests:
- method: GET

2
cves/2015/CVE-2015-1880.yaml
View File

@ -30,4 +30,4 @@ requests:
- type: word
words:
- "text/html"
part: header
part: header

2
cves/2015/CVE-2015-2067.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/35996
- https://nvd.nist.gov/vuln/detail/CVE-2015-2067
tags: cve,cve2015,lfi,magento,magmi
tags: cve,cve2015,lfi,magento,magmi,plugin
requests:
- method: GET

2
cves/2015/CVE-2015-2068.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/35996
- https://nvd.nist.gov/vuln/detail/CVE-2015-2068
tags: cve,cve2015,magento,magmi,xss
tags: cve,cve2015,magento,magmi,xss,plugin
requests:
- method: GET

4
cves/2015/CVE-2015-3306.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
reference: https://github.com/t0kx/exploit-CVE-2015-3306
description: The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read and write to arbitrary files via the site cpfr and site cpto commands.
tags: cve,cve2015,ftp,rce,network
tags: cve,cve2015,ftp,rce,network,proftpd
network:
- inputs:
@ -26,4 +26,4 @@ network:
- type: word
words:
- "Copy successful"
part: raw
part: raw

2
cves/2015/CVE-2015-3337.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: Directory traversal vulnerability in Elasticsearch before 1.4.5 and 1.5.x before 1.5.2, when a site plugin is enabled, allows remote attackers to read arbitrary files via unspecified vectors.
reference: https://www.exploit-db.com/exploits/37054/
tags: cve,cve2015,elastic,lfi
tags: cve,cve2015,elastic,lfi,elasticsearch,plugin
requests:
- method: GET

2
cves/2015/CVE-2015-7450.yaml
View File

@ -9,7 +9,7 @@ info:
- https://github.com/Coalfire-Research/java-deserialization-exploits/blob/main/WebSphere/websphere_rce.py
- https://foxglovesecurity.com/2015/11/06/what-do-weblogic-websphere-jboss-jenkins-opennms-and-your-application-have-in-common-this-vulnerability/
- https://nvd.nist.gov/vuln/detail/CVE-2015-7450
tags: cve,cve2015,websphere,deserialization,rce,oast
tags: cve,cve2015,websphere,deserialization,rce,oast,ibm,java
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

4
cves/2015/CVE-2015-8813.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://blog.securelayer7.net/umbraco-the-open-source-asp-net-cms-multiple-vulnerabilities/
- https://nvd.nist.gov/vuln/detail/CVE-2015-8813
tags: cve,cve2015,ssrf,oast
tags: cve,cve2015,ssrf,oast,umbraco
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N
cvss-score: 8.20
@ -24,4 +24,4 @@ requests:
- type: word
part: interactsh_protocol # Confirms the HTTP Interaction
words:
- "http"
- "http"

2
cves/2016/CVE-2016-1000137.yaml
View File

@ -5,7 +5,7 @@ info:
author: daffainfo
severity: medium
reference: http://www.vapidlabs.com/wp/wp_advisory.php?v=658
tags: cve,cve2016,wordpress,xss,wp-plugin
tags: cve,cve2016,wordpress,xss,wp-plugin,maps
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2016/CVE-2016-1000146.yaml
View File

@ -5,7 +5,7 @@ info:
author: daffainfo
severity: medium
reference: https://nvd.nist.gov/vuln/detail/CVE-2016-1000146
tags: cve,cve2016,wordpress,xss,wp-plugin
tags: cve,cve2016,wordpress,xss,wp-plugin,mail
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2016/CVE-2016-10956.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://cxsecurity.com/issue/WLB-2016080220
- https://wpvulndb.com/vulnerabilities/8609
tags: cve,cve2016,wordpress,wp-plugin,lfi
tags: cve,cve2016,wordpress,wp-plugin,lfi,mail
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2016/CVE-2016-4975.yaml
View File

@ -5,7 +5,7 @@ info:
author: melbadry9,nadino,xElkomy,sullo
severity: low
description: Apache CRLF injection allowing HTTP response splitting attacks on sites using mod_userdir.
tags: crlf,generic,cves,cve2016
tags: crlf,generic,cves,cve2016,apache
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1

2
cves/2016/CVE-2016-7552.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: On the Trend Micro Threat Discovery Appliance 2.6.1062r1, directory traversal when processing a session_id cookie allows a remote, unauthenticated attacker to delete arbitrary files as root. This can be used to bypass authentication or cause a DoS.
reference: https://gist.github.com/malerisch/5de8b408443ee9253b3954a62a8d97b4
tags: cve,cve2016,lfi
tags: cve,cve2016,lfi,auth,bypass
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

4
cves/2017/CVE-2017-0929.yaml
View File

@ -13,7 +13,7 @@ info:
cvss-score: 7.50
cve-id: CVE-2017-0929
cwe-id: CWE-918
tags: cve,cve2017,oast,ssrf,dnn
tags: cve,cve2017,oast,ssrf,dnn,dotnetnuke
requests:
- method: GET
@ -29,4 +29,4 @@ requests:
- type: status
status:
- 500
- 500

4
cves/2017/CVE-2017-1000170.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
reference: https://www.exploit-db.com/exploits/49693
description: jqueryFileTree 2.1.5 and older Directory Traversal
tags: cve,cve2017,wordpress,wp-plugin,lfi
tags: cve,cve2017,wordpress,wp-plugin,lfi,jquery
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50
@ -28,4 +28,4 @@ requests:
part: body
- type: status
status:
- 200
- 200

4
cves/2017/CVE-2017-1000486.yaml
View File

@ -10,7 +10,7 @@ info:
- https://github.com/pimps/CVE-2017-1000486
- https://blog.mindedsecurity.com/2016/02/rce-in-oracle-netbeans-opensource.html
- https://nvd.nist.gov/vuln/detail/CVE-2017-1000486
tags: cve,cve2017,primetek,rce
tags: cve,cve2017,primetek,rce,injection
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80
@ -32,4 +32,4 @@ requests:
- type: word
words:
- 'Mogwailabs: CHECKCHECK'
part: header
part: header

2
cves/2017/CVE-2017-11610.yaml
View File

@ -10,7 +10,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2017-11610
metadata:
shodan-query: 'http.title:"Supervisor Status"'
tags: cve,cve2017,rce,supervisor,oast
tags: cve,cve2017,rce,supervisor,oast,xmlrpc
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.80

2
cves/2017/CVE-2017-12635.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: Due to differences in the Erlang-based JSON parser and JavaScript-based JSON parser, it is possible in Apache CouchDB before 1.7.0 and 2.x before 2.1.1 to submit _users documents with duplicate keys for 'roles' used for access control within the database, including the special case '_admin' role, that denotes administrative users. In combination with CVE-2017-12636 (Remote Code Execution), this can be used to give non-admin users access to arbitrary shell commands on the server as the database system user. The JSON parser differences result in behaviour that if two 'roles' keys are available in the JSON, the second one will be used for authorising the document write, but the first 'roles' key is used for subsequent authorization for the newly created user. By design, users can not assign themselves roles. The vulnerability allows non-admin users to give themselves admin privileges.
reference: https://github.com/assalielmehdi/CVE-2017-12635
tags: cve,cve2017,couchdb
tags: cve,cve2017,couchdb,apache
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2017/CVE-2017-12637.yaml
View File

@ -5,7 +5,7 @@ info:
author: apt-mirror
severity: high
description: Directory traversal vulnerability in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5 allows remote attackers to read arbitrary files via a .. (dot dot) in the query string, as exploited in the wild in August 2017, aka SAP Security Note 2486657.
tags: cve,cve2017,sap,lfi
tags: cve,cve2017,sap,lfi,java,traversal
reference:
- https://www.cvedetails.com/cve/CVE-2017-12637/
- https://nvd.nist.gov/vuln/detail/CVE-2017-12637

2
cves/2017/CVE-2017-14535.yaml
View File

@ -7,7 +7,7 @@ info:
reference:
- https://secur1tyadvisory.wordpress.com/2018/02/11/trixbox-os-command-injection-vulnerability-cve-2017-14535/
- https://www.exploit-db.com/exploits/49913
tags: cve,cve2017,trixbox,rce
tags: cve,cve2017,trixbox,rce,injection
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.80

2
cves/2017/CVE-2017-16877.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: ZEIT Next.js before 2.4.1 has directory traversal under the /_next and /static request namespace, allowing attackers to obtain sensitive information.
reference: https://medium.com/@theRaz0r/arbitrary-file-reading-in-next-js-2-4-1-34104c4e75e9
tags: cve,cve2017,nextjs,lfi
tags: cve,cve2017,nextjs,lfi,traversal
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2017/CVE-2017-5521.yaml
View File

@ -7,7 +7,7 @@ info:
reference:
- https://www.cvedetails.com/cve/CVE-2017-5521/
- https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/cve-2017-5521-bypassing-authentication-on-netgear-routers/
tags: cve,cve2017,auth-bypass
tags: cve,cve2017,auth-bypass,netgear
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.10

2
cves/2017/CVE-2017-7269.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://blog.0patch.com/2017/03/0patching-immortal-cve-2017-7269.html
- https://github.com/danigargu/explodingcan/blob/master/explodingcan.py
tags: cve,cve2017,rce
tags: cve,cve2017,rce,windows
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2017/CVE-2017-7921.yaml
View File

@ -7,7 +7,7 @@ info:
reference:
- http://www.hikvision.com/us/about_10805.html
- https://ics-cert.us-cert.gov/advisories/ICSA-17-124-01
tags: cve,cve2017,auth-bypass
tags: cve,cve2017,auth-bypass,hikvision
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10.00

4
cves/2017/CVE-2017-9822.yaml
View File

@ -5,7 +5,7 @@ info:
author: milo2012
severity: high
description: DotNetNuke (DNN) versions between 5.0.0 - 9.3.0 are affected to deserialization vulnerability that leads to Remote Code Execution (RCE)
tags: cve,cve2017,dotnetnuke,bypass
tags: cve,cve2017,dotnetnuke,bypass,rce,deserialization
reference: https://github.com/murataydemir/CVE-2017-9822
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
@ -33,4 +33,4 @@ requests:
- type: status
status:
- 404
- 404

2
cves/2018/CVE-2018-0296.yaml
View File

@ -4,7 +4,7 @@ info:
name: Cisco ASA path traversal vulnerability
author: organiccrap
severity: high
tags: cve,cve2018,cisco,lfi
tags: cve,cve2018,cisco,lfi,traversal
reference: https://github.com/yassineaboukir/CVE-2018-0296
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

2
cves/2018/CVE-2018-1000130.yaml
View File

@ -5,7 +5,7 @@ info:
author: milo2012
severity: high
description: A JNDI Injection vulnerability exists in Jolokia agent in the proxy mode that allows a remote attacker to run arbitrary Java code on the server.
tags: cve,cve2018,jolokia,rce
tags: cve,cve2018,jolokia,rce,jndi,proxy
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 8.10

2
cves/2018/CVE-2018-1000861.yaml
View File

@ -5,7 +5,7 @@ info:
author: dhiyaneshDK,pikpikcu
severity: critical
reference: https://github.com/vulhub/vulhub/tree/master/jenkins/CVE-2018-1000861
tags: cve,cve2018,jenkin,rce
tags: cve,cve2018,jenkin,rce,jenkins
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-10141.yaml
View File

@ -32,4 +32,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2018/CVE-2018-10818.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.vpnmentor.com/blog/critical-vulnerability-found-majority-lg-nas-devices/
- https://medium.com/@0x616163/lg-n1a1-unauthenticated-remote-command-injection-cve-2018-14839-9d2cf760e247
tags: cve,cve2018,lg-nas,rce,oast
tags: cve,cve2018,lg-nas,rce,oast,injection
requests:
- raw:

2
cves/2018/CVE-2018-11759.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: The Apache Web Server (httpd) specific code that normalised the requested path before matching it to the URI-worker map in Apache Tomcat JK (mod_jk) Connector 1.2.0 to 1.2.44 did not handle some edge cases correctly. If only a sub-set of the URLs supported by Tomcat were exposed via httpd, then it was possible for a specially constructed request to expose application functionality through the reverse proxy that was not intended for clients accessing the application via the reverse proxy. It was also possible in some configurations for a specially constructed request to bypass the access controls configured in httpd. While there is some overlap between this issue and CVE-2018-1323, they are not identical.
reference: https://github.com/immunIT/CVE-2018-11759
tags: cve,cve2018,apache,tomcat
tags: cve,cve2018,apache,tomcat,status
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2018/CVE-2018-11784.yaml
View File

@ -6,7 +6,7 @@ info:
description: Apache Tomcat versions prior to 9.0.12, 8.5.34, and 7.0.91 are prone to an open-redirection vulnerability because it fails to properly sanitize user-supplied input.
reference: https://lists.apache.org/thread.html/23134c9b5a23892a205dc140cdd8c9c0add233600f76b313dda6bd75@%3Cannounce.tomcat.apache.org%3E
severity: medium
tags: tomcat,redirect,cve,cve2018
tags: tomcat,redirect,cve,cve2018,apache
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N
cvss-score: 4.30

2
cves/2018/CVE-2018-1271.yaml
View File

@ -5,7 +5,7 @@ info:
author: hetroublemakr
severity: medium
reference: https://medium.com/@knownsec404team/analysis-of-spring-mvc-directory-traversal-vulnerability-cve-2018-1271-b291bdb6be0d
tags: cve,cve2018,spring,lfi
tags: cve,cve2018,spring,lfi,traversal
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 5.90

2
cves/2018/CVE-2018-1273.yaml
View File

@ -12,7 +12,7 @@ info:
specially crafted request parameters against Spring Data REST backed HTTP resources
or using Spring Datas projection-based request payload binding hat can lead to a remote code execution attack.
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-1273
tags: cve,cve2018,vmware,rce
tags: cve,cve2018,vmware,rce,spring
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-12998.yaml
View File

@ -9,7 +9,7 @@ info:
- https://github.com/unh3x/just4cve/issues/10
- http://packetstormsecurity.com/files/148635/Zoho-ManageEngine-13-13790-build-XSS-File-Read-File-Deletion.html
- https://nvd.nist.gov/vuln/detail/CVE-2018-12998
tags: cve,cve2018,zoho,xss
tags: cve,cve2018,zoho,xss,manageengine
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2018/CVE-2018-13380.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
description: A Cross-site Scripting (XSS) vulnerability in Fortinet FortiOS 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, 5.4.0 to 5.4.12, 5.2 and below versions under SSL VPN web portal allows attacker to execute unauthorized malicious script code via the error or message handling parameters.
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-13380
tags: cve,cve2018,fortios,xss
tags: cve,cve2018,fortios,xss,fortinet
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2018/CVE-2018-15138.yaml
View File

@ -12,7 +12,7 @@ info:
cvss-score: 7.5
cve-id: CVE-2018-15138
cwe-id: CWE-22
tags: cve,cve2018,ericsson,lfi
tags: cve,cve2018,ericsson,lfi,traversal
requests:
- method: GET

2
cves/2018/CVE-2018-16299.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: The Localize My Post plugin 1.0 for WordPress allows Directory Traversal via the ajax/include.php file parameter.
reference: https://www.exploit-db.com/exploits/45439
tags: wordpress,cve2018,cve,lfi
tags: wordpress,cve2018,cve,lfi,plugin
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

4
cves/2018/CVE-2018-16341.yaml
View File

@ -5,7 +5,7 @@ info:
author: madrobot
severity: high
description: Nuxeo Authentication Bypass Remote Code Execution < 10.3 using a SSTI
tags: cve,cve2018,nuxeo,ssti,rce
tags: cve,cve2018,nuxeo,ssti,rce,bypass
requests:
- method: GET
@ -15,4 +15,4 @@ requests:
- type: word
words:
- "31333333337"
part: body
part: body

2
cves/2018/CVE-2018-17246.yaml
View File

@ -7,7 +7,7 @@ info:
reference:
- https://nvd.nist.gov/vuln/detail/CVE-2018-17246
- https://github.com/vulhub/vulhub/blob/master/kibana/CVE-2018-17246/README.md
tags: cve,cve2018,lfi
tags: cve,cve2018,lfi,kibana
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-18069.yaml
View File

@ -5,7 +5,7 @@ info:
author: nadino
severity: medium
description: process_forms in the WPML (aka sitepress-multilingual-cms) plugin through 3.6.3 for WordPress has XSS via any locale_file_name_ parameter (such as locale_file_name_en) in an authenticated theme-localization.php request to wp-admin/admin.php.
tags: cve,cve2018,wordpress,xss
tags: cve,cve2018,wordpress,xss,plugin
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2018/CVE-2018-18777.yaml
View File

@ -9,7 +9,7 @@ info:
allows remote authenticated users to bypass intended SecurityManager restrictions and list a parent directory via a /..
(slash dot dot) in a pathname used by a web application. NOTE: this is a deprecated product.
reference: https://www.exploit-db.com/exploits/45755
tags: cve,cve2018,microstrategy,lfi
tags: cve,cve2018,microstrategy,lfi,traversal
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
cvss-score: 4.30

2
cves/2018/CVE-2018-19458.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.exploit-db.com/exploits/45780
- https://www.cvedetails.com/cve/CVE-2018-19458
tags: cve,cve2018,lfi
tags: cve,cve2018,lfi,proxy
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2018/CVE-2018-20985.yaml
View File

@ -8,7 +8,7 @@ info:
- https://www.pluginvulnerabilities.com/2018/12/06/our-improved-proactive-monitoring-has-now-caught-a-local-file-inclusion-lfi-vulnerability-as-well/
- https://www.cvedetails.com/cve/CVE-2018-20985/
severity: critical
tags: cve,cve2018,wordpress,lfi
tags: cve,cve2018,wordpress,lfi,plugin
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-2628.yaml
View File

@ -5,7 +5,7 @@ info:
author: milo2012
severity: critical
reference: https://www.nc-lp.com/blog/weaponize-oracle-weblogic-server-poc-cve-2018-2628
tags: cve,cve2018,oracle,weblogic,network
tags: cve,cve2018,oracle,weblogic,network,deserialization
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-2893.yaml
View File

@ -4,7 +4,7 @@ info:
name: Oracle WebLogic Server Deserialization RCE (CVE-2018-2893)
author: milo2012
severity: critical
tags: cve,cve2018,weblogic,network
tags: cve,cve2018,weblogic,network,deserialization,rce,oracle
reference: https://www.anquanke.com/post/id/152164, https://vulners.com/nessus/WEBLOGIC_CVE_2018_2893.NASL
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

2
cves/2018/CVE-2018-3167.yaml
View File

@ -5,7 +5,7 @@ info:
author: geeknik
severity: medium
description: https://medium.com/@x41x41x41/unauthenticated-ssrf-in-oracle-ebs-765bd789a145
tags: cve,cve2018,oracle,ebs,ssrf
tags: cve,cve2018,oracle,ebs,ssrf,blind
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
cvss-score: 5.30

2
cves/2018/CVE-2018-3760.yaml
View File

@ -12,7 +12,7 @@ info:
description: |
Ruby On Rails is a well-known Ruby Web development framework, which uses Sprockets as a static file server in development environment. Sprockets is a Ruby library that compiles and distributes static resource files.
There is a path traversal vulnerability caused by secondary decoding in Sprockets 3.7.1 and lower versions. An attacker can use %252e%252e/ to access the root directory and read or execute any file on the target server.
tags: cve,cve2018,rails,lfi
tags: cve,cve2018,rails,lfi,ruby
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

4
cves/2018/CVE-2018-3810.yaml
View File

@ -5,7 +5,7 @@ info:
author: princechaddha
severity: critical
reference: https://www.exploit-db.com/exploits/43420
tags: wordpress,cve,cve2018
tags: wordpress,cve,cve2018,google
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80
@ -40,4 +40,4 @@ requests:
- type: status
status:
- 200
- 200

2
cves/2018/CVE-2018-5316.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
description: The SagePay Server Gateway for WooCommerce plugin before 1.0.9 for WordPress has XSS via the includes/pages/redirect.php page parameter.
reference: https://nvd.nist.gov/vuln/detail/CVE-2018-5316
tags: cve,cve2018,wordpress,xss,wp-plugin
tags: cve,cve2018,wordpress,xss,wp-plugin,woocommerce
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2018/CVE-2018-7251.yaml
View File

@ -4,7 +4,7 @@ info:
name: AnchorCMS Error Log Exposure
author: pdteam
severity: critical
tags: cve,cve2018,anchorcms,logs
tags: cve,cve2018,anchorcms,logs,error
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2018/CVE-2018-7490.yaml
View File

@ -4,7 +4,7 @@ info:
name: uWSGI PHP Plugin Directory Traversal
author: madrobot
severity: high
tags: cve,cve2018,uwsgi,php,lfi
tags: cve,cve2018,uwsgi,php,lfi,plugin
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2018/CVE-2018-9118.yaml
View File

@ -6,7 +6,7 @@ info:
severity: high
description: Affected by this vulnerability is an unknown functionality of the file exports/download.php. The manipulation of the argument filename with the input value leads to a directory traversal vulnerability
reference: https://www.exploit-db.com/exploits/44417
tags: wordpress,wp-plugin,lfi,cve,cve2018
tags: wordpress,wp-plugin,lfi,cve,cve2018,traversal
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50

2
cves/2019/CVE-2019-0230.yaml
View File

@ -8,7 +8,7 @@ info:
- https://cwiki.apache.org/confluence/display/WW/S2-059
- https://www.tenable.com/blog/cve-2019-0230-apache-struts-potential-remote-code-execution-vulnerability
severity: critical
tags: struts,rce,cve,cve2019
tags: struts,rce,cve,cve2019,apache
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

4
cves/2019/CVE-2019-10092.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://github.com/DrunkenShells/Disclosures/tree/master/CVE-2019-10092-Limited%20Cross-Site%20Scripting%20in%20mod_proxy%20Error%20Page-Apache%20httpd
- https://httpd.apache.org/security/vulnerabilities_24.html
tags: cve,cve2019,apache,htmli
tags: cve,cve2019,apache,htmli,injection
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
@ -22,4 +22,4 @@ requests:
matchers:
- type: word
words:
- "<a href=\"/\\google.com/evil.html\">"
- "<a href=\"/\\google.com/evil.html\">"

2
cves/2019/CVE-2019-10232.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://www.synacktiv.com/ressources/advisories/GLPI_9.3.3_SQL_Injection.pdf
- https://github.com/glpi-project/glpi/commit/684d4fc423652ec7dde21cac4d41c2df53f56b3c
tags: cve,cve2019,glpi,sqli
tags: cve,cve2019,glpi,sqli,injection
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

4
cves/2019/CVE-2019-10475.yaml
View File

@ -4,7 +4,7 @@ info:
name: Jenkins build-metrics plugin 1.3 - 'label' Cross-Site Scripting
author: madrobot
severity: medium
tags: cve,cve2019,jenkins,xss
tags: cve,cve2019,jenkins,xss,plugin
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10
@ -33,4 +33,4 @@ requests:
- type: word
words:
- "text/html"
part: header
part: header

4
cves/2019/CVE-2019-12593.yaml
View File

@ -5,7 +5,7 @@ info:
author: pikpikcu
severity: high
description: IceWarp Mail Server through 10.4.4 is prone to a local file inclusion vulnerability via webmail/calendar/minimizer/index.php?style=..%5c directory traversal.
tags: cve,cve2019,lfi
tags: cve,cve2019,lfi,icewarp
reference:
- https://github.com/JameelNabbo/exploits/blob/master/IceWarp%20%3C%3D10.4.4%20local%20file%20include.txt
- https://nvd.nist.gov/vuln/detail/CVE-2019-12593
@ -33,4 +33,4 @@ requests:
- type: word
words:
- "[intl]"
- "root:x:0"
- "root:x:0"

2
cves/2019/CVE-2019-12725.yaml
View File

@ -12,7 +12,7 @@ info:
reference:
- https://www.tarlogic.com/advisories/zeroshell-rce-root.txt
- https://github.com/X-C3LL/PoC-CVEs/blob/master/CVE-2019-12725/ZeroShell-RCE-EoP.py
tags: cve,cve2019,rce
tags: cve,cve2019,rce,zeroshell
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

4
cves/2019/CVE-2019-14322.yaml
View File

@ -4,7 +4,7 @@ info:
name: Odoo 12.0 - Local File Inclusion
author: madrobot
severity: high
tags: cve,cve2019,lfi
tags: cve,cve2019,lfi,odoo
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.50
@ -34,4 +34,4 @@ requests:
- "fonts"
- "extensions"
condition: and
part: body
part: body

2
cves/2019/CVE-2019-14974.yaml
View File

@ -4,7 +4,7 @@ info:
name: SugarCRM Enterprise 9.0.0 - Cross-Site Scripting
author: madrobot
severity: medium
tags: cve,cve2019,xss
tags: cve,cve2019,xss,sugarcrm
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2019/CVE-2019-15501.yaml
View File

@ -8,7 +8,7 @@ info:
- https://www.exploit-db.com/exploits/47302
- http://www.lsoft.com/manuals/16.5/LISTSERV16.5-2018a_WhatsNew.pdf
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-15501
tags: cve,cve2019,xss
tags: cve,cve2019,xss,listserv
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2019/CVE-2019-16332.yaml
View File

@ -8,7 +8,7 @@ info:
reference:
- https://plugins.trac.wordpress.org/changeset/2152730
- https://wordpress.org/plugins/api-bearer-auth/#developers
tags: cve,cve2019,wordpress,xss,wp-plugin
tags: cve,cve2019,wordpress,xss,wp-plugin,auth
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2019/CVE-2019-16662.yaml
View File

@ -5,7 +5,7 @@ info:
author: pikpikcu
severity: critical
reference: https://shells.systems/rconfig-v3-9-2-authenticated-and-unauthenticated-rce-cve-2019-16663-and-cve-2019-16662/
tags: cve,cve2019,rce,intrusive
tags: cve,cve2019,rce,intrusive,rconfig
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2019/CVE-2019-17382.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: An issue was discovered in zabbix.php?action=dashboard.view&dashboardid=1 in Zabbix through 4.4. An attacker can bypass the login page and access the dashboard page, and then create a Dashboard, Report, Screen, or Map without any Username/Password (i.e., anonymously). All created elements (Dashboard/Report/Screen/Map) are accessible by other users and by an admin.
reference: https://www.exploit-db.com/exploits/47467
tags: cve,cve2019,zabbix,fuzz
tags: cve,cve2019,zabbix,fuzz,bypass,login
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
cvss-score: 9.10

4
cves/2019/CVE-2019-17506.yaml
View File

@ -6,7 +6,7 @@ info:
severity: critical
description: There are some web interfaces without authentication requirements on D-Link DIR-868L B1-2.03 and DIR-817LW A1-1.04 routers. An attacker can get the router's username and password (and other information) via a DEVICE.ACCOUNT value for SERVICES in conjunction with AUTHORIZED_GROUP=1%0a to getcfg.php. This could be used to control the router remotely.
reference: https://github.com/dahua966/Routers-vuls/blob/master/DIR-868/name%26passwd.py
tags: cve,cve2019,dlink
tags: cve,cve2019,dlink,router
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80
@ -33,4 +33,4 @@ requests:
- "</password>"
- "DEVICE.ACCOUNT"
part: body
condition: and
condition: and

2
cves/2019/CVE-2019-1821.yaml
View File

@ -10,7 +10,7 @@ info:
- https://nvd.nist.gov/vuln/detail/CVE-2019-1821
metadata:
shodan-query: 'http.title:"prime infrastructure"'
tags: cve,cve2019,rce,fileupload,unauth,intrusive
tags: cve,cve2019,rce,fileupload,unauth,intrusive,cisco
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.80

2
cves/2019/CVE-2019-19134.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
description: The Hero Maps Premium plugin 2.2.1 and prior for WordPress is prone to unauthenticated XSS via the views/dashboard/index.php p parameter because it fails to sufficiently sanitize user-supplied input - https://wpscan.com/vulnerability/24b83ce5-e3b8-4262-b087-a2dfec014985
reference: https://wpscan.com/vulnerability/d179f7fe-e3e7-44b3-9bf8-aab2e90dbe01
tags: cve,cve2019,wordpress,xss,wp-plugin
tags: cve,cve2019,wordpress,xss,wp-plugin,maps
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

2
cves/2019/CVE-2019-19368.yaml
View File

@ -6,7 +6,7 @@ info:
severity: medium
description: A Reflected Cross Site Scripting was discovered in the Login page of Rumpus FTP Web File Manager 8.2.9.1. An attacker can exploit it by sending a crafted link to end users and can execute arbitrary Javascripts
reference: https://github.com/harshit-shukla/CVE-2019-19368/
tags: cve,cve2019,xss
tags: cve,cve2019,xss,ftp
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.10

Some files were not shown because too many files have changed in this diff Show More