Merge branch 'main' into broken-CVE-2021-40438
commit
e30066ad7b
|
@ -3,6 +3,14 @@ on:
|
|||
push:
|
||||
paths:
|
||||
- '.new-additions'
|
||||
- 'http/cves/2015/CVE-2015-2794.yaml'
|
||||
- 'http/cves/2023/CVE-2023-42343.yaml'
|
||||
- 'http/cves/2023/CVE-2023-46574.yaml'
|
||||
- 'http/exposures/docker-daemon-exposed.yaml'
|
||||
- 'http/token-spray/api-openai.yaml'
|
||||
- 'http/vulnerabilities/ruijie/ruijie-nmc-sync-rce.yaml'
|
||||
- 'http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml'
|
||||
- 'http/vulnerabilities/yonyou/yonyou-ksoa-dept-sqli.yaml'
|
||||
workflow_dispatch:
|
||||
jobs:
|
||||
triggerRemoteWorkflow:
|
||||
|
|
|
@ -1,2 +1,19 @@
|
|||
cloud/enum/aws-app-enum.yaml
|
||||
cloud/enum/aws-s3-bucket-enum.yaml
|
||||
cloud/enum/azure-db-enum.yaml
|
||||
cloud/enum/azure-vm-cloud-enum.yaml
|
||||
cloud/enum/azure-website-enum.yaml
|
||||
cloud/enum/gcp-app-engine-enum.yaml
|
||||
cloud/enum/gcp-bucket-enum.yaml
|
||||
cloud/enum/gcp-firebase-app-enum.yaml
|
||||
cloud/enum/gcp-firebase-rtdb-enum.yaml
|
||||
http/cves/2015/CVE-2015-2794.yaml
|
||||
http/cves/2023/CVE-2023-41109.yaml
|
||||
http/cves/2023/CVE-2023-42343.yaml
|
||||
http/cves/2023/CVE-2023-46574.yaml
|
||||
http/exposures/docker-daemon-exposed.yaml
|
||||
http/token-spray/api-openai.yaml
|
||||
http/vulnerabilities/ruijie/ruijie-nmc-sync-rce.yaml
|
||||
http/vulnerabilities/ruijie/ruijie-rg-eg-web-mis-rce.yaml
|
||||
http/vulnerabilities/yonyou/yonyou-ksoa-dept-sqli.yaml
|
||||
network/misconfig/erlang-daemon.yaml
|
||||
|
|
|
@ -0,0 +1,37 @@
|
|||
id: aws-app-enum
|
||||
|
||||
info:
|
||||
name: AWS Apps - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for AWS apps (WorkDocs, WorkMail, Connect, etc.)
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
tags: cloud,cloud-enum,aws
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "awsapps.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Registered AWS App"
|
||||
status:
|
||||
- 200
|
||||
- 302
|
||||
condition: or
|
||||
# digest: 490a0046304402206cc21deaf3d479badf5b8b46dbe3448bd60ec76fc64503726d554051cca8a9bc02204dba37b6781d1c66eca341ac1c6c7a5041cfb376832d862700a864cc91af8870:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,41 @@
|
|||
id: aws-s3-bucket-enum
|
||||
|
||||
info:
|
||||
name: AWS S3 Buckets - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for open and protected buckets in AWS S3
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
tags: cloud,cloud-enum,aws
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "s3.amazonaws.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET http://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers-condition: or
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Open AWS S3 Bucket"
|
||||
status:
|
||||
- 200
|
||||
|
||||
- type: status
|
||||
name: "Protected AWS S3 Bucket"
|
||||
status:
|
||||
- 403
|
||||
# digest: 4b0a00483046022100c0cbb1d95cb9a7d7b9bd7a4bf578af739426ab59afa3faa001104c29c4ff999e022100cdfc9930e3c0ae01086792f1391ff33c22070722d3bd874d1e3f87f31c938a17:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,32 @@
|
|||
id: azure-db-enum
|
||||
|
||||
info:
|
||||
name: Azure Databases - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for Azure databases via their registered DNS names
|
||||
metadata:
|
||||
verified: true
|
||||
max-request: 1
|
||||
tags: cloud,cloud-enum,azure
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "database.windows.net"
|
||||
|
||||
dns:
|
||||
- name: "{{wordlist}}.{{BaseDNS}}"
|
||||
type: A
|
||||
class: inet
|
||||
|
||||
recursion: true
|
||||
|
||||
attack: batteringram
|
||||
matchers:
|
||||
- type: word
|
||||
part: answer
|
||||
words:
|
||||
- "IN\tA"
|
||||
# digest: 4a0a004730450221008d5f64c419db15f1c1bce4a802f395bdcc44847f878890831869236c37a1678002205d7502015cece8506d34b9c319643441e334856c7fd34e1baa70a6a6942f134e:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,65 @@
|
|||
id: azure-vm-cloud-enum
|
||||
|
||||
info:
|
||||
name: Azure Virtual Machines - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for Azure virtual machines via their registered DNS names.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,cloud-enum,azure
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "cloudapp.azure.com"
|
||||
regionname:
|
||||
- eastasia
|
||||
- southeastasia
|
||||
- centralus
|
||||
- eastus
|
||||
- eastus2
|
||||
- westus
|
||||
- northcentralus
|
||||
- southcentralus
|
||||
- northeurope
|
||||
- westeurope
|
||||
- japanwest
|
||||
- japaneast
|
||||
- brazilsouth
|
||||
- australiaeast
|
||||
- australiasoutheast
|
||||
- southindia
|
||||
- centralindia
|
||||
- westindia
|
||||
- canadacentral
|
||||
- canadaeast
|
||||
- uksouth
|
||||
- ukwest
|
||||
- westcentralus
|
||||
- westus2
|
||||
- koreacentral
|
||||
- koreasouth
|
||||
- francecentral
|
||||
- francesouth
|
||||
- australiacentral
|
||||
- australiacentral2
|
||||
- southafricanorth
|
||||
- southafricawest
|
||||
|
||||
dns:
|
||||
- name: "{{wordlist}}.{{regionname}}.{{BaseDNS}}"
|
||||
type: A
|
||||
class: inet
|
||||
|
||||
recursion: true
|
||||
|
||||
attack: batteringram
|
||||
|
||||
matchers:
|
||||
- type: word
|
||||
part: answer
|
||||
words:
|
||||
- "IN\tA"
|
||||
# digest: 4b0a004830460221008d223bfdb3585e335e8282ca206945a6f7704dab4a2899d3410229bf0db7132d022100b9de9af2b393a559575b67a5b25b6334fe8cddd1ceed5059ee634dc3b0292d50:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,36 @@
|
|||
id: azure-website-enum
|
||||
|
||||
info:
|
||||
name: Azure Websites - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for Azure websites that are registered and responding.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,azure
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "azurewebsites.net"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Available Azure Website"
|
||||
status:
|
||||
- 200
|
||||
- 302
|
||||
condition: or
|
||||
# digest: 490a00463044022001ff1a4cff9e33f3817df1e824a00e35f76c6f8e22cd34e3616e452978dc46f702200913c7710eba2b3df98325a1bb7da86b55cde6d4a3d7199a7d952f1f7988a3fa:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,42 @@
|
|||
id: gcp-app-engine-enum
|
||||
|
||||
info:
|
||||
name: GCP App Engine (Appspot) - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for App Engine Apps in GCP.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,cloud-enum,gcp
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "appspot.com"
|
||||
loginRedirect: "accounts.google.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers:
|
||||
- type: dsl
|
||||
name: "Open GCP App Engine App"
|
||||
dsl:
|
||||
- "status_code==200"
|
||||
|
||||
- type: dsl
|
||||
name: "Protected GCP App Engine App"
|
||||
dsl:
|
||||
- "status_code==302"
|
||||
- contains(location, "login")
|
||||
condition: and
|
||||
# digest: 490a0046304402204edc5a3fc90ff80b8397219e37a716d5b582c9821dbb0edda2c52c585aa241ca022067b0c7178f7f345975f765bdd56afc967505028e459ed113c8fbd450a1dcb76a:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,39 @@
|
|||
id: gcp-bucket-enum
|
||||
|
||||
info:
|
||||
name: GCP Buckets - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for open and protected buckets in GCP.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,cloud-enum,gcp
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "storage.googleapis.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET http://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Open GCP Bucket"
|
||||
status:
|
||||
- 200
|
||||
|
||||
- type: status
|
||||
name: "Protected GCP Bucket"
|
||||
status:
|
||||
- 403
|
||||
# digest: 490a004630440220549241cfe0dbdadf24bcbdabd6cbf8e82a45bea577710e8409da53f3bdef37d202203bab8b09dea7b68aafc32f8214b331ee6dc4dbe85c0e7a34693b8062dec6fb6a:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,34 @@
|
|||
id: gcp-firebase-app-enum
|
||||
|
||||
info:
|
||||
name: GCP Firebase Apps - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for Firebase Apps in GCP.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,cloud-enum,gcp
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "firebaseapp.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET https://{{wordlist}}.{{BaseDNS}} HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Open GCP Firebase App"
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a004630440220721a516d58d71b3c20990c97c22986fd212caafa366f2641bdb4fe9df0a53f9802205ecd4bfcda0808d5002e9d1194e0ec0f4d2b2f2140170c0df4ffb11372a6470f:922c64590222798bb761d5b6d8e72950
|
|
@ -0,0 +1,50 @@
|
|||
id: gcp-firebase-rtdb-enum
|
||||
|
||||
info:
|
||||
name: GCP Firebase Realtime Database - Cloud Enumeration
|
||||
author: initstring
|
||||
severity: info
|
||||
description: |
|
||||
Searches for Firebase Realtime Databases in GCP.
|
||||
metadata:
|
||||
verified: true
|
||||
tags: cloud,cloud-enum,gcp
|
||||
|
||||
self-contained: true
|
||||
|
||||
variables:
|
||||
BaseDNS: "firebaseio.com"
|
||||
|
||||
http:
|
||||
- raw:
|
||||
- |
|
||||
GET https://{{wordlist}}.{{BaseDNS}}/.json HTTP/1.1
|
||||
Host: {{wordlist}}.{{BaseDNS}}
|
||||
|
||||
redirects: false
|
||||
|
||||
attack: batteringram
|
||||
threads: 10
|
||||
|
||||
matchers-condition: or
|
||||
matchers:
|
||||
- type: status
|
||||
name: "Open GCP Firebase RTDB"
|
||||
status:
|
||||
- 200
|
||||
|
||||
- type: status
|
||||
name: "Protected GCP Firebase RTDB"
|
||||
status:
|
||||
- 401
|
||||
|
||||
- type: status
|
||||
name: "Payment GCP on Google Firebase RTDB"
|
||||
status:
|
||||
- 402
|
||||
|
||||
- type: status
|
||||
name: "Deactivated GCP Firebase RTDB"
|
||||
status:
|
||||
- 423
|
||||
# digest: 490a0046304402200dcb47ae02c77c619eea0d95a6ab7dc9f2be071cea09abee3a7ab748b11e561c022034956ced05346f9cfcc9d425d92fa1242c979572e8ae02030496597f64ccfe82:922c64590222798bb761d5b6d8e72950
|
|
@ -271,6 +271,7 @@
|
|||
{"ID":"CVE-2015-2166","Info":{"Name":"Ericsson Drutt MSDP - Local File Inclusion","Severity":"medium","Description":"Ericsson Drutt Mobile Service Delivery Platform (MSDP) 4, 5, and 6 allows remote attackers to read arbitrary files via a ..%2f (dot dot encoded slash) in the default URI in the Instance Monitor.","Classification":{"CVSSScore":"5"}},"file_path":"http/cves/2015/CVE-2015-2166.yaml"}
|
||||
{"ID":"CVE-2015-2196","Info":{"Name":"WordPress Spider Calendar \u003c=1.4.9 - SQL Injection","Severity":"high","Description":"WordPress Spider Calendar plugin through 1.4.9 is susceptible to SQL injection. An attacker can execute arbitrary SQL commands via the cat_id parameter in a spiderbigcalendar_month action to wp-admin/admin-ajax.php, thus making it possible to obtain sensitive information, modify data, and/or execute unauthorized administrative operations.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2015/CVE-2015-2196.yaml"}
|
||||
{"ID":"CVE-2015-2755","Info":{"Name":"WordPress AB Google Map Travel \u003c=3.4 - Stored Cross-Site Scripting","Severity":"medium","Description":"WordPress AB Google Map Travel plugin through 3.4 contains multiple stored cross-site scripting vulnerabilities. The plugin allows an attacker to hijack the administrator authentication for requests via the (1) lat (Latitude), (2) long (Longitude), (3) map_width, (4) map_height, or (5) zoom (Map Zoom) parameters in the ab_map_options page to wp-admin/admin.php.\n","Classification":{"CVSSScore":"6.8"}},"file_path":"http/cves/2015/CVE-2015-2755.yaml"}
|
||||
{"ID":"CVE-2015-2794","Info":{"Name":"DotNetNuke 07.04.00 - Administration Authentication Bypass","Severity":"critical","Description":"The installation wizard in DotNetNuke (DNN) before 7.4.1 allows remote attackers to reinstall the application and gain SuperUser access via a direct request to Install/InstallWizard.aspx.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2015/CVE-2015-2794.yaml"}
|
||||
{"ID":"CVE-2015-2807","Info":{"Name":"Navis DocumentCloud \u003c0.1.1 - Cross-Site Scripting","Severity":"medium","Description":"Navis DocumentCloud plugin before 0.1.1 for WordPress contains a reflected cross-site scripting vulnerability in js/window.php which allows remote attackers to inject arbitrary web script or HTML via the wpbase parameter.","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2015/CVE-2015-2807.yaml"}
|
||||
{"ID":"CVE-2015-2863","Info":{"Name":"Kaseya Virtual System Administrator - Open Redirect","Severity":"medium","Description":"Kaseya Virtual System Administrator 7.x before 7.0.0.29, 8.x before 8.0.0.18, 9.0 before 9.0.0.14, and 9.1 before 9.1.0.4 are susceptible to an open redirect vulnerability. An attacker can redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.\n","Classification":{"CVSSScore":"4.3"}},"file_path":"http/cves/2015/CVE-2015-2863.yaml"}
|
||||
{"ID":"CVE-2015-2996","Info":{"Name":"SysAid Help Desk \u003c15.2 - Local File Inclusion","Severity":"high","Description":"SysAid Help Desk before 15.2 contains multiple local file inclusion vulnerabilities which can allow remote attackers to read arbitrary files via .. (dot dot) in the fileName parameter of getGfiUpgradeFile or cause a denial of service (CPU and memory consumption) via .. (dot dot) in the fileName parameter of calculateRdsFileChecksum.\n","Classification":{"CVSSScore":"8.5"}},"file_path":"http/cves/2015/CVE-2015-2996.yaml"}
|
||||
|
|
|
@ -1 +1 @@
|
|||
94707e96d497767157be7c0c5b06fac3
|
||||
8ba13563d80d4c1e36d4b6dff2c7f027
|
||||
|
|
|
@ -4,6 +4,8 @@ info:
|
|||
name: 360 Xintianqing - SQL Injection
|
||||
author: SleepingBag945
|
||||
severity: high
|
||||
description: |
|
||||
The Tianqing Terminal Security Management System, designed for government and enterprise use, faces a SQL injection vulnerability. This flaw could enable attackers to access sensitive database information.
|
||||
reference:
|
||||
- https://blog.51cto.com/u_9691128/4295047
|
||||
- https://www.cnvd.org.cn/patchInfo/show/270651
|
||||
|
@ -38,5 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
|
||||
# digest: 4a0a00473045022006cca5f941e35ce5c204962052c2d4eb74627fc58d6de9b9976b967b1643ea8f022100e2b50bf34a6ee4636802796f5b1e866212a29264161bbc98a5553a60186651d1:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100e6b9c102bfc4fd3eaa2d00c82e03d07f7309513da8828cc6c303d4d071c2d5540221009d3c3f3d937d8ac546abaa6d94a3aee02d5c4c7c8831dfbce456591d4b252eda:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: r3naissance
|
||||
severity: medium
|
||||
description: Frontpage Server Extensions allows remote attackers to determine the name of the anonymous account via an RPC POST request to shtml.dll in the /_vti_bin/ virtual directory.
|
||||
impact: |
|
||||
High: Remote code execution or denial of service.
|
||||
remediation: Upgrade to the latest version.
|
||||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2000-0114
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a004630440220080130ec958d5667203f63c2fb769d081d8684edeb1132b8114624eb9cefeeeb022015c92a448c22916bdc29de05205539f746ae2fc9b6b641b54ef2b913d151c11f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100d75cf6bb5b96928d10a267c9d3b68c6d215cafe2f946fc1e3c6faa5ba73986d1022100cf0262c0fa9aa5da8c6f8751c553cc77be07ca9fc62f3aec8bb35a8b9f16b490:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: critical
|
||||
description: |
|
||||
HTTP server for Cisco IOS 11.3 to 12.2 allows attackers to bypass authentication and execute arbitrary commands, when local authorization is being used, by specifying a high access level in the URL.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could lead to unauthorized access to the affected device.
|
||||
remediation: |
|
||||
Apply the appropriate patch or upgrade to a fixed version of the Cisco IOS software.
|
||||
reference:
|
||||
|
@ -47,4 +49,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022058d9a8ffc9ad0c9eb0fa65e129eec136d44e8e6582b68665220d55745cff08270220209369d1debe9d289316990990aee95bdaa71cd748bcd23d1f7189442c298347:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502201446b3c9bf46dead91bf4ef4ad77cbe180d6d69fb175901a10fa0c1ede45e8640221009f8fada5bf28bf8ede431e3ef75a13367f4164a18df286db6e1528ed038181da:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: dhiyaneshDk
|
||||
severity: high
|
||||
description: The Virtual Keyboard plugin for SquirrelMail 1.2.6/1.2.7 is prone to a cross-site scripting vulnerability because it fails to properly sanitize user-supplied input.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, data theft, or other malicious activities.
|
||||
remediation: |
|
||||
Upgrade to a patched version of SquirrelMail or apply the necessary security patches to mitigate the XSS vulnerability.
|
||||
reference:
|
||||
|
@ -53,4 +55,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100919662cf99fc2c8685a185341929e70c52f2d6e4708bffe8294fe45d56f7cb81022071b199174fe64ab885ef44d2c7d1e298ea1ee34b6eab5737b7afb1bd0b713799:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220097cefba0b33bb087a8dba970ed43866b17c92bfc316e2e3d619b9b6485b57710221009ad2de84214b6c521984839454d0766d906957945e2b51dce527cd4c0cc82c50:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: dhiyaneshDk
|
||||
severity: medium
|
||||
description: Multiple cross-site scripting (XSS) vulnerabilities in SquirrelMail 1.4.2 allow remote attackers to execute arbitrary script and possibly steal authentication information via multiple attack vectors, including the mailbox parameter in compose.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, phishing attacks, or defacement of the SquirrelMail interface.
|
||||
remediation: Upgrade to the latest version.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/24068
|
||||
|
@ -46,4 +48,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402205d3c4477a61a53a5207dd95d10b69b27e255779626d269dd24c329d22d574969022037aecc3ef5111112878affc3d64765c06c484c318e8435b97dcf1f44c9c9daac:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a004830460221009838e283e3afa06a62182a21bc8b0059f223c7716b521ee426f5a5971f3feadf022100dd82c1e652cb490cb66a1a96bc0aca2beecdf45fedf86f75b5376ac8fc69c6d3:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Multiple cross-site scripting (XSS) vulnerabilities in Open Bulletin Board (OpenBB) 1.0.6 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) redirect parameter to member.php, (2) to parameter to myhome.php (3) TID parameter to post.php, or (4) redirect parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of these vulnerabilities could lead to unauthorized access, phishing attacks, and potential data theft.
|
||||
remediation: |
|
||||
Upgrade to a patched version of Open Bulletin Board (OpenBB) or apply necessary security patches to mitigate the vulnerabilities.
|
||||
reference:
|
||||
|
@ -37,4 +39,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
|
||||
# digest: 4a0a004730450220464a4d9ce1d6cbeaf71f551a06fd319a5a15203f7c40b1228809ef413ce6d869022100cb853dd541a12cbe5b12d10daaebc247d1b20e32d173b410d5191367fb6f5839:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100aa37066896608be1f1389ed813b9756b52f89f2581a494bf04c0e91f743d7cd3022012425b62227648da21636d2b3acaa1fdb865e29f57e39c13c84e0e2511f4c908:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: CasperGN
|
||||
severity: medium
|
||||
description: Lotus Domino R5 and R6 WebMail with 'Generate HTML for all fields' enabled (which is by default) allows remote attackers to read the HTML source to obtain sensitive information including the password hash in the HTTPPassword field, the password change date in the HTTPPasswordChangeDate field, and the client Lotus Domino release in the ClntBld field (a different vulnerability than CVE-2005-2696).
|
||||
impact: |
|
||||
The vulnerability can lead to the disclosure of sensitive information, potentially compromising user privacy and system security.
|
||||
remediation: Ensure proper firewalls are in place within your environment to prevent public exposure of the names.nsf database and other sensitive files.
|
||||
reference:
|
||||
- http://www.cybsec.com/vuln/default_configuration_information_disclosure_lotus_domino.pdf
|
||||
|
@ -42,4 +44,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c31e97e6801605f82c05e1819cf99bdb1e7ad21b859fbf96bab1d67b1496832302201de7a5c5f9fd1f832a121691d1c419464c4d56aa1261f00b415c933633470308:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202fa68c993471257cf8942b7addbd0c8ba10500cf91c42f00109404cec47f6af0022100e5d9e9567e00ffecb85211757541b21325517ca1cba3705fa3c8e4437bf71706:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: pikpikcu
|
||||
severity: critical
|
||||
description: Horde Groupware contains an administrative account with a blank password, which allows remote attackers to gain access.
|
||||
impact: |
|
||||
An attacker can gain unauthorized access to sensitive administrative functions and potentially compromise the entire system.
|
||||
remediation: |
|
||||
Apply the latest security patches or upgrade to a patched version of Horde Groupware to fix the vulnerability.
|
||||
reference:
|
||||
|
@ -45,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c038f1228140ac219d52db4ac935001c95f9c1d446165668109ce4beee89ce54022053555ab9030c57883e97f6b5387e415d1116add7b8c7d61fcf0f53f8f63abb6d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022012df863c30fb119eab34b1e075cfc549f79b962d5ee0256cc191605f184b042c022100ee6d6910021f8368041415f1c29568a224afa0bd4c90711c6ecef91e15f67a13:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
frameset.htm in the BSP runtime in SAP Web Application Server (WAS) 6.10 through 7.00 allows remote attackers to log users out and redirect them to arbitrary web sites via a close command in the sap-sessioncmd parameter and a URL in the sap-exiturl parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks.
|
||||
remediation: |
|
||||
Apply the latest security patches and updates provided by SAP to fix the open redirect vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$'
|
||||
# digest: 490a0046304402201ed65f33515c85457e0554acc0db27813e67680002c76547791a87a2528ee8f702200cf156ab25abae0ba9b6284d127206b2afbbf1449ef60b0bd8d1643a3ab35938:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100bd85215e179a268944da628fd2825c25be84f1d781f2eb54871fa7e3e13d9e9e022100d3ddb1c0a27197923318f0dd20a6ba42024cfd43b86ef1ab690f72558f0d6c36:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: geeknik
|
||||
severity: medium
|
||||
description: Cofax 2.0 RC3 and earlier contains a cross-site scripting vulnerability in search.htm which allows remote attackers to inject arbitrary web script or HTML via the searchstring parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute malicious scripts in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Upgrade to a version of Cofax that is not affected by this vulnerability or apply the necessary patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a004630440220109614eef224949e56be06ed96b7253bf9eeaaaca6b3e4d13bad94f187f50763022025be825f048689d4e2fb40c8cab4f5be2a16e56a263e77a4c10b8b718f948edc:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502207b167d92c80698ced12089ab60b5599c68ac644764fc7c498b54ba3b419645a7022100df03e54fcb0545995de5efa160937f4291cc667f1492d78e48ce8afcff374056:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: geeknik
|
||||
severity: medium
|
||||
description: Cherokee HTTPD 0.5 and earlier contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via a malformed request that generates an HTTP 400 error, which is not properly handled when the error message is generated.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Upgrade to a patched version of Cherokee HTTPD or apply the necessary security patches to mitigate the XSS vulnerability.
|
||||
reference:
|
||||
|
@ -45,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022033ff4b2d0618993f110bdcee1826f352569694a911159307a8f47963b4726556022038d273a79b3532c7f80935bec832c34c7892f005e3108ecc80ca91912b3eb12e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502200a624286010449dfbca736566eca4b83ef242b54957df99d637e088e9f74d226022100df79ccce801ecbe05018cb6c9e29bc7f6acf5836a0f68bc4640d5c55a8fdbdbf:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: dhiyaneshDk
|
||||
severity: high
|
||||
description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
|
||||
remediation: |
|
||||
Upgrade Squirrelmail to a version higher than 1.4.6 or apply the necessary patches to fix the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -41,4 +43,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100cf681f51c8fd7ad8f71ddb5ab7fbf70ab26af8ef9f4e1eecf899ef7e15a9cfc7022100fd0d57febf53d04624632cee41a8d0d9e2d2fccd8fb7fa76c099ec12679f4da0:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022070351a9e8db3cd73242680b18ba040226de4685b2c47e1382a982513fb0fc4f6022100e11c42b749f6d407caa47bb25997db8749ff4658e5d89ccf2215774153751083:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: |
|
||||
Upgrade to the latest version of Joomla! RSfiles or apply the necessary patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450220712fc391a3e3be1f9f89f83c89ca00e016a1ae009e593ef7f256bc272a71792f022100eddfcc0868a4e91ff4b82eaa8fa52e5f192d150f48f12b868d02d656b1a5f363:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100b096332d183a0234d0cbd3bfbc4b5149fddfbfe961ca49519ef85975a12413e50221008eee0c4a8fbdcd33a40800400dd5bd396f02ffb63cb375616260a0d10b0fce8d:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Apache Struts support in OpenSymphony XWork before 1.2.3, and 2.x before 2.0.4, as used in WebWork and Apache Struts, recursively evaluates all input as an Object-Graph Navigation Language (OGNL) expression when altSyntax is enabled, which allows remote attackers to cause a denial of service (infinite loop) or execute arbitrary code via for"m input beginning with a "%{" sequence and ending with a "}" character.
|
||||
impact: |
|
||||
Remote code execution
|
||||
remediation: |
|
||||
Update to the latest version of Apache Struts2
|
||||
reference:
|
||||
|
@ -49,4 +51,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022063c92b81235f315f81680c3e5e93dc814dfe125814e43dcb6cff373d90d06df2022100a730d9a5439ccba872f1932b6625658746e1dedae50d3d88b40a0e484f9399cd:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100efb00dfbe2fbe5543741c32ac6e81e36f307f5d67597644c0e036fb51692ea570220191deb545db561480334ffe98f010ae2ca82883fae8e71451c75675f56ee4501:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: dhiyaneshDK
|
||||
severity: medium
|
||||
description: phpPgAdmin 3.5 to 4.1.1, and possibly 4.1.2, is vulnerable to cross-site scripting and allows remote attackers to inject arbitrary web script or HTML via certain input available in PHP_SELF in (1) redirect.php, possibly related to (2) login.php, which are different vectors than CVE-2007-2865.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Upgrade to a patched version of phpPgAdmin or apply the necessary security patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -50,4 +52,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100ad3097a5f6494d45fc14b874469d62f42b9c84b273bc97b0688766f2d713b972022100e9ef7b1933fd6aa3ae8272f3d178f59cab4f4f5998bf9faaa1791557fec4245c:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100dc5ae294908867ea9cfb3d84402f9150ea3eba52581a1435594505653c59b4a902202749fa215a1e51172d887e6a52ca776e6530f8537f8df687fba7ed249836eb6e:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
PHP remote file inclusion vulnerability in modules/syntax_highlight.php in the Sniplets 1.1.2 and 1.2.2 plugin for WordPress allows remote attackers to execute arbitrary PHP code via a URL in the libpath parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire WordPress installation.
|
||||
remediation: |
|
||||
Update WordPress Sniplets to the latest version or apply the patch provided by the vendor to mitigate the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -45,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100db5f69276d7187ac5e9ccd8fd496e438c208ccece891c346d8bde457e12843ed02204a3892717752fadf89f73626fb71fb105db24ea7b2a8f774024dc523cbaa3831:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202baf6dbc687b03d671808dd265b4bd483e0db5122a79101074736b0280a3b8a6022100fe1672451273fca5b4feda5dac2ed3961821928bc670fa6690bb5a5816910bd2:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
WordPress Sniplets 1.1.2 and 1.2.2 plugin contains a cross-site scripting vulnerability which allows remote attackers to inject arbitrary web script or HTML via the text parameter to warning.php, notice.php, and inset.php in view/sniplets/, and possibly modules/execute.php; via the url parameter to view/admin/submenu.php; and via the page parameter to view/admin/pager.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
|
||||
remediation: |
|
||||
Update WordPress Sniplets plugin to the latest version available, which addresses the XSS vulnerability.
|
||||
reference:
|
||||
|
@ -48,4 +50,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022009e0335783eef020014410f2e510ddaeb0729cbd858f61bd7142e3099b53a47e022064cfb538a41735c933bef0eec4be787cb021a3e82f3ed2904ecaecb8b3f60015:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100d8a1715cd99d2a316fc96a49ad96d5fcb9e60d314fa0227f341da5c5964d63d1022034fc66ce4d2ff88c7bbaad9997d6a4da683cffe1a97d693b84d3918d4654d340:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Open redirect vulnerability in exchweb/bin/redir.asp in Microsoft Outlook Web Access (OWA) for Exchange Server 2003 SP2 (aka build 6.5.7638) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the URL parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to trick users into visiting malicious websites, leading to potential phishing attacks.
|
||||
remediation: |
|
||||
Apply the necessary security patches or upgrade to a newer version of Microsoft Exchange Server.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
|
||||
# digest: 4b0a00483046022100ea8393f7c2fcb36e817067e028b4eb79d7da58d6cb3df979f437089ae9ec5b44022100b5b40586f3165ddb2cbf5e9678ec12ed29ef4c8039ab93e0a5b04f0aa31a595e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022042de3ed0e9fbe496c588f3edb67152006b98090716fbf000556dc8edaf836bf9022056dc3d31d210a950d8ddc0f728c2e9712fe5ec45775636b0fbb655b92a58e095:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: unstabl3
|
||||
severity: medium
|
||||
description: AppServ Open Project 2.5.10 and earlier contains a cross-site scripting vulnerability in index.php which allows remote attackers to inject arbitrary web script or HTML via the appservlang parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft, session hijacking, or defacement of the affected website.
|
||||
remediation: |
|
||||
Upgrade to a patched version of AppServ Open Project (>=2.5.11) or apply the necessary security patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -45,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502204c02560c678b8087c28bfeed200bf5f25dc9f74261527fa9d7a2fb3b146becf8022100dee5ed65d2accf8d9f2bd7d38d04efb7b5eb7e70f8a26b9ebb580f3c5279e580:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022042436195e99587054a6a10ee089470c1fadab498fe1b556fc0cdcde579d92d5602201b1af0719bba0f8007ca800e10004e6be93d7ec53b7ec4fe0f627c5372dcdca9:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire system.
|
||||
remediation: |
|
||||
Upgrade CMSimple to a patched version or apply the necessary security patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -45,4 +47,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502203023e84e303b4688ad150f602ceea289a63ee29df8e12b9f39e6ebac23772d86022100f6e29101c5642afe45708838994bce4898278fe0adfb03b7b2124b7f0ceef30f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100bbdf518966c75a44af19b519ed2a3d642aced2b7aaff600afa01c21c5509066f0221009c184332053f598d45bba3340388cadda4c7c8b8dabdb66884deea62912365b3:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: critical
|
||||
description: Joomla! Image Browser 0.1.5 rc2 is susceptible to local file inclusion via com_imagebrowser which could allow remote attackers to include and execute arbitrary local files via a .. (dot dot) in the folder parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access and potential data leakage.
|
||||
remediation: |
|
||||
Upgrade to a patched version of Joomla! Image Browser or apply the necessary security patches to mitigate the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402202feaa0d486d5070e9e7bfd4efd73233251cc5396a98dfc67390f6a5630c2e633022010d10fb2d53407cc4f72002217767dfdf8eef452f44b74b5fe6c27a5029e9c99:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402206851937b7e99292685636e8eef2e6b0b33d2b8d19446ba160013767d605e5fbb0220103e5f70323feb34b2b691f0e0fc3c7c89a457f0e351756ea16091a69d38e1c7:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: dhiyaneshDK
|
||||
severity: medium
|
||||
description: phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read sensitive files on the server and potentially execute arbitrary code.
|
||||
remediation: |
|
||||
Upgrade phpPgAdmin to a version higher than 4.2.1 or apply the necessary patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -42,4 +44,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022033f0c2315a611613fda0fb73c18a12113fa19156574aefbf477b092d512c58710221009494212e159047a9d4f26d0d900af8c3a6c04abb2086da29e47e858052513990:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100ad5280aa6eac0929495f63d9882328a6c7dfd9bc0e135183d17a7c4cbc1e741e02203c987c6747a3bd616cd71adf3e491eeaee52d52f4dc1c2e0d5041d063956d83c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: |
|
||||
Update Joomla! ionFiles to the latest version or apply the provided patch to mitigate the vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c9a4ffd62555b868c4f74ccec0a683f901fce786056f157a2b745ae2d175c6c902200803e8831676633b7e4035222f60a624ca213872992d2bdf3e6024bc574be95a:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100e01b4968812ad7ad9b056cd634b2606c5650c02cf33012f5aef863b48bc969340220533ab0def58e9b6e81e56a8ae60e8116c2a03ef694aa21fc9601afd4798bce87:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in captcha/captcha_image.php in the RWCards (com_rwcards) 3.0.11 component for Joomla! when magic_quotes_gpc is disabled allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the img parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access and potential data leakage.
|
||||
remediation: |
|
||||
Update Joomla! Component RWCards to the latest version to mitigate the vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a0048304602210095f2553fda2f3bf455c5d6646d07cd536a1461506147b3d9f7c73b2c95aaa238022100cd50381518519c3903ec58739cca597e15d2f61c984c96e95876e26a79b860b7:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100aef3f723e04346fa7a2f8ac6c5abcf0174ca81a3aeb442367ae4d018f6ff964d0220337061d4274cc4456d6d13a49d5c1782ecb4b44cade9063e2389ffe246990c55:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access, sensitive information disclosure, and potential remote code execution.
|
||||
remediation: |
|
||||
Apply the latest security patches or upgrade to a patched version of Joomla! ProDesk to mitigate the vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100e1afab8f9b7ea6d75940642627e9093d1248edb6b7f67043b5d83c2234eab0ea02206f00bafb8c8bdd919ddfde1f0d342b74d4d12749e255eca7e04072de4c509453:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100fff4f0725abf21bcf55b6825cfd022b20b75e41e680ce18e4b08169f2923f78102210092bfa1840e5d2b94020d6226d2bbb157df2c1f344bef122db55ec8da3aba7044:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Parallels H-Sphere 3.0.0 P9 and 3.1 P1 contains multiple cross-site scripting vulnerabilities in login.php in webshell4. An attacker can inject arbitrary web script or HTML via the err, errorcode, and login parameters, thus allowing theft of cookie-based authentication credentials and launch of other attacks.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the context of the affected website, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Apply the latest security patches or upgrade to a newer version of Parallels H-Sphere to mitigate the XSS vulnerability.
|
||||
reference:
|
||||
|
@ -51,4 +53,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100b80eb05b64f804b1723e8d639c5985bc0aa09179c5f49be126abebb760da43db022100cda31ba602da0faee37f3838369448ee852a5c9a1b2c14cf70103dd503be9475:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402202610c0f8d75d86e21ed6b2d7639a5f879540ed64700ccef63d61d5c49545056802200ccac5c2868b1a18b7542ad02343694a9839c8aa827db9bfde1ab7ba81d1844c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: geeknik
|
||||
severity: medium
|
||||
description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information, including configuration files, credentials, and other sensitive data.
|
||||
remediation: |
|
||||
Upgrade to a patched version of nweb2fax or apply the necessary security patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -42,4 +44,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100854eb0a19f68fd8f0c16b795237778394d481fedef431451051251d791f7e7d202203cc01a5cbd10885ed29bef8ebf64d830be1f221982512b569ffd9a9a79fdc8b4:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100f317aa209617a0ac0f5b27dc38710858835641d5769cd8499709bad9cc17fa84022100b0cb6a925a432d6b22fd4ee7412c7fb438956de1fe797d92627665c8aee77a32:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Devalcms 1.4a contains a cross-site scripting vulnerability in the currentpath parameter of the index.php file.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary JavaScript code in the context of the victim's browser, leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
|
@ -48,4 +50,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 500
|
||||
# digest: 4a0a0047304502201dea20a32ebb693d393be0d294a74bfb5b9eecb6827a8f58f157213a60428483022100e6ccfd9ff53c1724d243de900f9df24ec006a615484403dbdafa7537a3f0adca:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022060c1d7a1d7f167f4a7725386e3770f50fc41cf720cfb3766a490be90bbfc632902207e45517728eabf9310ab9dc5a100c296a85431a2f94ce584aefb7d6c05833a1f:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Open redirect vulnerability in cs.html in the Autonomy (formerly Verity) Ultraseek search engine allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via the url parameter.
|
||||
impact: |
|
||||
An attacker can craft a malicious URL that redirects users to a malicious website, leading to potential phishing attacks.
|
||||
remediation: |
|
||||
Apply the vendor-supplied patch or upgrade to a newer version of Autonomy Ultraseek that addresses the open redirect vulnerability.
|
||||
reference:
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:http?://|//)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh.*$'
|
||||
# digest: 4a0a0047304502203ea8208e5f9c9a959ba132a829842ec16412e7e89e96459e772d992c1a0b419c022100bd66f70af78b54921981fa5210b7501871ae6c713617a56758b1f9b014f98e92:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022051577f83aae8349027a0a3bfc2ed4386c0b9e1c09644dc0ddd098802e023c7e0022100e69fe1be6eeae6d3523eaf92aa776f94d0e42396edf72f348c0378ef7cd1da9c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: geeknik
|
||||
severity: critical
|
||||
description: ZeroShell 1.0beta11 and earlier via cgi-bin/kerbynet allows remote attackers to execute arbitrary commands through shell metacharacters in the type parameter in a NoAuthREQ x509List action.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability allows remote attackers to execute arbitrary code on the affected system.
|
||||
remediation: |
|
||||
Upgrade to a patched version of ZeroShell.
|
||||
reference:
|
||||
|
@ -37,4 +39,4 @@ http:
|
|||
part: body
|
||||
regex:
|
||||
- "root:.*:0:0:"
|
||||
# digest: 490a0046304402203105e50de1b89b0165f438c48a50bd8a44fa30fe03592c5339c4a2949854804f02205fe7cbf331da5c49f1ac8be6ab55653b4358eb25d9be80a5c5df917c3cf205a2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100c159232e524cc33af61389e36bdf93790ac051100d465a44d101fed437d6d01902204c3f4b377b80d05a6d606971b970a5f55e7a05e99e48a7ded66295d9c1c523c2:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: pikpikcu
|
||||
severity: medium
|
||||
description: Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read sensitive files on the server.
|
||||
remediation: |
|
||||
Apply the latest security patches or upgrade to a patched version of Horde/Horde Groupware.
|
||||
reference:
|
||||
|
@ -41,4 +43,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100a48cabc5ed3721b402591d4860fd38d126b7e940ba2c6425733a7625ad7cabea0220690367ee6216c533f32eee62a5df670afffdd17227db036d876ae0a981872bdb:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100907faaad405c2236acd897cde184a91ef45ebbb033646c1c1e188b95abf7c2c202207c5a4151cd8bfbbf28ff42b726095b019cc0d25d4d1e2105313cc0a7cbd516a9:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: princechaddha
|
||||
severity: high
|
||||
description: PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access, data leakage, and potential compromise of the affected system.
|
||||
remediation: |
|
||||
Update PhpMyAdmin to the latest version or apply the necessary patches.
|
||||
reference:
|
||||
|
@ -47,4 +49,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450221008e02fe97aa25d53673b25be320c0bb7d2c2f5de32b0479a6642d19caeac3176302204fbb68c73be955fb7ee136f5de9ba91f1183b932cd44a37339a3cb3629f682ff:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022072b55f94dd31deffee60f3cb3634845a62d55cb762cc7ff386cbb87e86628a46022100f409fca70224214acee88679b54a62d491ea8aa4097e70f6ae316fefbf08c8dc:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because com_cmimarketplace allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: |
|
||||
Apply the latest patch or upgrade to a newer version of Joomla! Cmimarketplace to mitigate the vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100bf287275ed797bae0cb3d5d4acfc9b8e5bd3828436e45f96592c55c65cb1baa4022100ef79bc142d4be9f1c8cdca1b30e44293bf696b5686318e5ae13a18638f2267ad:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100c631ca9827b32f40f6e831f6b142d509929a3a274aaa2539bd9a3bc70a6a277902202282dc777de13ade8043e5e0b684506c08b0f8362cece8841ae64f2d12922f4c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read sensitive files on the device, potentially leading to unauthorized access or information disclosure.
|
||||
remediation: |
|
||||
Apply the latest firmware update provided by Cisco to fix the local file inclusion vulnerability.
|
||||
reference:
|
||||
|
@ -41,4 +43,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022072672def0c3c68dd608f3004581175afa8c339fb1dbe169c26b79537cc7a0619022100c7d94e2588ae1fc4f1093b3f7e02e4d2aa8e3d985506056636a77e58ba170c1f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a004830460221009c71a1215235e49ed75ae5b6eeee4ad1e9cf5c5fbc2255aa4d4100800dbcc4ba022100814e7f6abe3bd9504fea75427a7595f0867986ff0f82ad2a6723448d3890a0ab:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: princechaddha
|
||||
severity: medium
|
||||
description: Adobe ColdFusion Server 8.0.1 and earlier contain multiple cross-site scripting vulnerabilities which allow remote attackers to inject arbitrary web script or HTML via (1) the startRow parameter to administrator/logviewer/searchlog.cfm, or the query string to (2) wizards/common/_logintowizard.cfm, (3) wizards/common/_authenticatewizarduser.cfm, or (4) administrator/enter.cfm.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary script code in the victim's browser, potentially leading to session hijacking, defacement, or theft of sensitive information.
|
||||
remediation: |
|
||||
Upgrade Adobe Coldfusion to a version higher than 8.0.1 or apply the necessary patches provided by the vendor.
|
||||
reference:
|
||||
|
@ -48,4 +50,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100f880585c3b7a9bf4bace78a0d12cc7b59987555063071d3b42d5a6ec991e5fc402206d9ea98a5964a7b6b3fd001ec59a4a6a4018795896552e88707057bbf2984cf1:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100bcb065b4315286d0190f8d478c738b86bc6bbf0a9eee7e6b4c473e41e01c1802022100c1f7c414f91bd4fa0876cc2bd72f1be77b892b1d20003177d66640667e38aa3b:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: Joomla! Ideal MooFAQ 1.0 via com_moofaq allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter (local file inclusion).
|
||||
impact: |
|
||||
The vulnerability allows an attacker to include arbitrary files from the local file system, potentially leading to unauthorized access, information disclosure.
|
||||
remediation: |
|
||||
Update Joomla! MooFAQ to the latest version or apply the official patch provided by the vendor.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100ecd994a0eb2717ce10c4b5c91e5280c1fd8fac39010ab27a6e7dd81ad84421d3022061a0659d0ab3cf0e69480b1407ab7d15ea63da4942aa97535f935fe18c40d1ae:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100d8c26e00ba2ed5716865bac39ee41243548410e07a5e04e196f13ecb86b5f6f0022029bacb42734f85338a1131945160673281e9ebda83ca881f2aba07019b4c2330:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Joomla! JoomlaPraise Projectfork (com_projectfork) 2.0.10 allows remote attackers to read arbitrary files via local file inclusion in the section parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire Joomla! installation.
|
||||
remediation: |
|
||||
Upgrade to a patched version of JoomlaPraise Projectfork or apply the necessary security patches to mitigate the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100843946ac00e19969b2641e5f8b8c44b890e6dd8226f04c95aa84a62843d6219b0221009a53d57de2bfea8a7b8bb17dd7fd7b8ae9299a4080a7610269331a945dc481df:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a0048304602210091f181784616328a479c0a45ea51ca6e3ec45cf35125c50b1a74018f9dd535a7022100dc27152143b4d3818133866645b2e1e1f647b142875a267d0667d9e9c7c867f9:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Joomla! Agora 3.0.0b (com_agora) allows remote attackers to include and execute arbitrary local files via local file inclusion in the action parameter to the avatars page, reachable through index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access, sensitive information disclosure, and potential remote code execution.
|
||||
remediation: |
|
||||
Apply the latest security patches or upgrade to a patched version of Joomla! Agora to mitigate the vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100b811a5bc6dc389222b5a3b2f6348b1bcdc4da180e2f621afdd6b06581e7db2be022100f760318fa5da56e59b4164508d2560e355438a21041091b07eb695f19467d51d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100a1f28b173218b3d629d38aced121196c827be859dc4aca670b95c7b18307b430022049aa913dbdffabe7a2c1cf439f0b580f53add89ba434c8ad0a2a22652bd51bc4:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: Joomla! Roland Breedveld Album 1.14 (com_album) is susceptible to local file inclusion because it allows remote attackers to access arbitrary directories and have unspecified other impact via a .. (dot dot) in the target parameter to index.php.
|
||||
impact: |
|
||||
The vulnerability allows an attacker to include arbitrary files from the local file system, potentially leading to unauthorized access, data disclosure.
|
||||
remediation: |
|
||||
Update to the latest version of Joomla! Roland Breedveld Album and apply any available patches or security updates.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022025c84025809994ed122c6b1eee98bcf3d7b45244c28b2e007708b624f8fed7ca022100e65d6b60af4d2ac032f3e91762da0bb8d31027cf10958a2c6de7112ec4c2aa69:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502205a8d55e39ef2ea81aef6917c75f74e1c17a628dc7048d68593bbf43b03dc8d86022100ebf7f9db037558e784a25d3fbb3d33cd5aaaa5cfef70c4974e29a2bc48f623b8:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: Joomla! Omilen Photo Gallery (com_omphotogallery) component Beta 0.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: |
|
||||
Upgrade to a patched version of Joomla! Omilen Photo Gallery or apply the necessary security patches to mitigate the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100cc34793390f6a455392251d314e76db191c695bb242f901992f2fed5d30deb2a02203db9da85de2f6409024c76ec318dee40be8344b6c1484486afbb1a6986bcf231:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220039a98604f42ee7ccff3678a04d529befe9dd08295868ac0d4e6e725a91cbfd10220045ad4a883e12545de1290ad6fed5f97abefbc452ac43de71e42e1904acbebb7:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: geeknik
|
||||
severity: high
|
||||
description: KR-Web 1.1b2 and prior contain a remote file inclusion vulnerability via adm/krgourl.php, which allows remote attackers to execute arbitrary PHP code via a URL in the DOCUMENT_ROOT parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to include arbitrary files from remote servers, leading to remote code execution or information disclosure.
|
||||
remediation: |
|
||||
Upgrade to a patched version of KR-Web or apply the necessary security patches to fix the remote file inclusion vulnerability.
|
||||
reference:
|
||||
|
@ -42,4 +44,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100a31c2cc438bd399b0ff46d0737df967df4f8636a9545dacfb35f4c0fd16fbfe8022100d8ff3adcae6bbe7f02f215edf09b98d9890993edad83c73ddbfad540d5862f9e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100f241e186edb9af52a94d640b6a9e57852c75c54669bd59af1aafb3cf6ee08258022100c680d5c1c0b6b27a520c2401d2c1aa0a9978874b840bf8f52c24ba6fc4c50121:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: high
|
||||
description: |
|
||||
Joomla! Portfolio Nexus 1.5 contains a remote file inclusion vulnerability in the inertialFATE iF (com_if_nexus) component that allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary code on the target system.
|
||||
remediation: |
|
||||
Apply the latest security patches and updates provided by Joomla! to fix the Remote File Inclusion vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450221008b806c6b509027ab419fab38023c2270cef1e3f60dc3b633fcacb5f8983dd8cf02205a10ec21151ba918555d2ea46f2e687dc5d87cec0d39ebc0a0b57409e230999f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100fd99275b8ffe3388f14498c542a677e467dc6409ffdede89b682d47aa5e98d8b02205e878695cd94db9f7e485d448c02aa9df416a8c7cfd6d160dc8197f103e279d7:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: pdteam
|
||||
severity: medium
|
||||
description: An open redirect vulnerability in awredir.pl in AWStats < 6.95 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.
|
||||
impact: |
|
||||
Allows attackers to redirect users to malicious websites or phishing pages.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2009-5020
|
||||
|
@ -35,4 +37,4 @@ http:
|
|||
part: header
|
||||
regex:
|
||||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/L403F0/1
|
||||
# digest: 4a0a00473045022014c3212369c069e74aced2e09cce019e7e3b3886dfccc0ba176b48f527d4b043022100f78dc1e0ff2cac698e269f9ef77e3fcdcd42093d0b5e83408b716fe56dc61a24:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402200bd227f253fce18d4e4dd678a4cc08f7497a6058e0f1f1b544eb1e5ba22785f7022069b1097b262d7b9c4eb7fc023566c7c5ed00eba4c26e9dbf4400cbb4b4b9cc58:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in wgarcmin.cgi in WebGlimpse 2.18.7 and earlier allows remote attackers to read arbitrary files via a .. (dot dot) in the DOC parameter.
|
||||
impact: |
|
||||
An attacker can view, modify, or delete sensitive files on the server, potentially leading to unauthorized access or data leakage.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/36994
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100b6c44cb3482f8af652dee916a6c29922919394156205dd5af4613be52de7636c0220267ff1847f78cf578c20c01583d01239ad9f6e99849d7ba6c676758599057209:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100c11864aea146ea6435caa4fa55436335832385d19a76a69f9b1e4d0715768f20022064458c5f14208af4e71638abc8560be81a228ca423a9dfbcf3bed250a4e70ed8:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Bible Study (com_biblestudy) component 6.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter in a studieslist action to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10943
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100ceeedcc9f9dd5600c7fc59e5441a85a74f2cf464291aaaf3aff0e3a10ff69453022100d99175c115a1b1205fa7d13ea7fc618f6db58e8b226011dfc16aa015c67b1064:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100862d6d8773869cf58419d323a548a4fe4934ffe52e1a773f8332d9c8bbb0efb60221008df16010b4804b0f237b8798cc9cdc67311efd336768a46455967917e0f4bac8:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: pikpikcu
|
||||
severity: critical
|
||||
description: Apache Axis2, as used in dswsbobje.war in SAP BusinessObjects Enterprise XI 3.2, CA ARCserve D2D r15, and other products, has a default password of axis2 for the admin account, which makes it easier for remote attackers to execute arbitrary code by uploading a crafted web service.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive information or the ability to modify or delete data.
|
||||
remediation: |
|
||||
Disable or restrict access to the Axis2 web interface, or apply the necessary patches or updates provided by the vendor.
|
||||
reference:
|
||||
|
@ -59,4 +61,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a004830460221008aeb0223b59b1f43d1b5d86891682f6fdabd96f95cf747888a3ea67ea2d961a0022100ebb625cdd128e413ab38e6562e20e3b8cebdf838ac95c99355133af62512e6a0:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100da41e43897f5784bf8aa6bc1dfb5721db7618454aaf6c4182246a13b30b47a86022100ca97f29ef3b646a1cdf2f366ed582fdbfcf01a0a1c1c32ba84089c386e96edf1:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the ccNewsletter (com_ccnewsletter) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a ccnewsletter action to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access and potential data leakage.
|
||||
remediation: Apply all relevant security patches and upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11282
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502204dc0e897ea68285bef1f12bcf5834d2cf101e68c156ce46626c2a06f4985d407022100822e5427795b4bd8e13344064b70a624e097115c521a1eea3ec95769751e9e83:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402200df40dfac907595943e5906f98bfab1609a82ae9c703da4b7d0fb4ea5284c2b9022073136420b9d293e938fbbd6db582642f6c0f5836eda85d321af7e0855670c72b:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in includes/download.php in the JoomlaWorks AllVideos (Jw_allVideos) plugin 3.0 through 3.2 for Joomla! allows remote attackers to read arbitrary files via a ./../.../ (modified dot dot) in the file parameter.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to retrieve arbitrary files from the server.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11447
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100aecd172f508073b0b8d64784bcb420de171daff3e0a8732d29ac71488c81596f022100f9b3c9f9ed1f055178cca21e303628b061871cbbd562c6202a00d7a71ced76e5:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100801f99e10fa7f37fb9a01ff4c8eb0a4b11e2193c7e16b9c3b8a0c50ca6e4a242022077c086d823e3b8131dff5b37562334ce5fb778ead2312cb35f1b49c8fc26f8fc:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in plugins/system/cdscriptegrator/libraries/highslide/js/jsloader.php in the Core Design Scriptegrator plugin 1.4.1 for Joomla! allows remote attackers to read, and possibly include and execute, arbitrary files via directory traversal sequences in the files[] parameter.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access or information disclosure.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11498
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402205591d9316f159c3eb27f1e668e68d61205761aaa141dbe50f406eb90e779fa5602207db633a31bf0a118f73eed7a38df4e593557497eafcd2199a5435cf7bf09c1d4:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a004630440220255aee4e219ee166e143888630a4e6af23c3e9b385d922dd866339bdc5d96be2022071f5391c8ceecfede26dd5441388c1f6728c9f693e05b50f408851b94f23f21a:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: Directory traversal vulnerability in the jVideoDirect (com_jvideodirect) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read arbitrary files on the server.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11089
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022006730e9bc41d35c653ab87390772b2a4df527eb5cb3c9344d8dd31c4a2fc4f4202201c6ad57ef58398872f397ae0061c50864c955cd569b5f40316da8f32f5f15289:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022078b7a4981e20f380f36effbae103d8a364963690fa024b7b4b7f0a7731eb4faa022074cef19a8c876a25c892881ca87de44f31f764fac0538c01c8de31916e40390c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the JA Showcase (com_jashowcase) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter in a jashowcase action to index.php.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read arbitrary files on the server.
|
||||
remediation: |
|
||||
Update to the latest version of Joomla! Component com_jashowcase to fix the directory traversal vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100b4abc2e6bac634509e9798e53e57b2bf8a45ca56ea0a39fd25d23d5cdffeabe102204899c1bede7831fe28b97c5b8da0cc7813575cd66ce76771af9cda761cfefc91:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100fe6e90550c4cac8714140e552ca1f8dffae1d1cf10acfda1fc2a4f1eeb04e6070220261fe0eb98e8dd254ca2bcec2deb3e7ca3c6a2bb20a00488f400c2ba4764814d:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the JCollection (com_jcollection) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to read arbitrary files on the server.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11088
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a0048304602210093fe6fc6aafb9aae82395913f89c943a912983b9c5963c6f58f9b5fa0209f5c9022100f3694c1e8c9202a4cf29516761dba19426b82ac5ac959b3c88540c780c35b698:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502210087ecb7ece9df8ee3e3e0fc6760a67762868e12f33b0c59f6ea3bc3ccc135a1b10220607ba4bacb84ca32dd3502bcd9973930e71855eb417a6afbb0bc270df349b136:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the GCalendar (com_gcalendar) component 2.1.5 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access or information disclosure.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11738
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100a6b583f7a3d7c073b0520d3c46a03a8381d6af0c086b1e37d29a024ce3a4736f022100cceb855f29d8dbef1c720e88cc3b9e57f023e4eeed5ff44b55a8b3c5f105e020:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100835d6327ecf3d8a79d891ab1671b58279390bedc0356214c4e0de666716a7abf022100e97639abcc162d391b35333f8165ab636eb06cff21510992ef20035e525b535f:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the CARTwebERP (com_cartweberp) component 1.56.75 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Allows an attacker to read arbitrary files on the server, leading to potential information disclosure and further exploitation.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10942
|
||||
|
@ -37,4 +39,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402207804d47856db88004e7d770a6b9e4905869a3bf0bb5f80c77a0db3fc02ab2e0702207ef90a49afdf02b83e9ae8900297deec4d77ec96ed9e67afa4ad99a64d3c1da5:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022004764a55873eedeef437f72de5243dc952d7938bf93ba6a44be94b1e3203d4b40221009e8e1775682357e291ce78522ca980a6d8238ef79e4e6f7cf72548f7e5bec5aa:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Abbreviations Manager (com_abbrev) component 1.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/10948
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022055b85a1187baab16c8619c44f333fa95a769f02d9c90cdc3b92da9af37ea765c022100ec5a4ddaf568dd08d9c499fa59981a08562d8b461b1d21bb0dc8d0479619d3b1:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100f11e7c1ef169ed3e6f170b354e5066def58df0ecb303905be2cb692bc749d50f022100bc2fa70ab2d2506cdd3c9d9a30d099823223d9a45ca34c9ebef974f8ebb45242:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the RokDownloads (com_rokdownloads) component before 1.0.1 for Joomla! allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11760
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100a460424f7d97033dcbe266eb3791229f7a28b8fc530061e37d85ab04597effb002200a8c83bccd2fed2c3c8bfe321e68864093f992bda6481aa461d52b0a581836f2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502206f23347fc78c49c9e4569468806b46c1f3a0a646c189a57c6e021e848668bc52022100d08e6c11bd627fc6eb6668dd39684ae70f76f50186063a230f92a15306a6dafe:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Community Polls (com_communitypolls) component 1.5.2, and possibly earlier, for Core Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire Joomla! installation.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11511
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100de73743eee8e218a64f00aee1fe51a44879f19bcc8b23166f946f07745624b6d02200c0609ad7c96266004a9dbd6ffe741bfeb5bfd2af21dc17c18c71b2b1deea71d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100e30cde27274d020eca121c42cb054cc13396f5f6f7ec473d9e230814405ba65f02207f6f47e4db6c69be8b7442d0214777a30b8b37a8b5f04dd07b5e7e12bd3c3ee5:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the JE Form Creator (com_jeformcr) component for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via directory traversal sequences in the view parameter to index.php. NOTE -- the original researcher states that the affected product is JE Tooltip, not Form Creator; however, the exploit URL suggests that Form Creator is affected.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Apply all relevant security patches and product upgrades.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11814
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100bd055bd6502d4b4a22b3f99f8b75ae7fd4d249a00d2d63062d041dd7dc23747d022100f3d3a5787ce5a40534d37ac4cde47925775cf0f453c8048bad186baee48a0e4d:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402204b0e6fbebe96039eec5eb535b07e2d769ebf29d714105a0e8516df81a99580eb02200d0bce9a850e85fdf23c0adde163f704107a4b53554740537a0b640c66956d6f:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the JA News (com_janews) component 1.0 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11757
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a00463044022028b9258dfa53cbf4a25f22b1a2d54ca076fd0af9d1b91249b029d848b42cbc7002202aba1a085f6eeb87eacccc07c59515c2e66ae771bd35fee5cedb8b8aa36620a7:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220596ef1369c12f8e3a916e8f9e33299432b1178e9ce95fde59ddc34f77142d2f7022100e9739fb2c8ce4e2826687b0ebd6931d92e35a1568effea53043306c97259db88:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in dwgraphs.php in the DecryptWeb DW Graphs (com_dwgraphs) component 1.0 for Joomla! allows remote attackers to read arbitrary files via directory traversal sequences in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access or information disclosure.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11978
|
||||
|
@ -37,4 +39,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450220346626db9d1e2e9dc2cb7b66f34fd4785e75af4d9d5f7c6643cb298e1be166ad022100a2d43a822439066dbbd49736f821a4ffa4128015862c28991a7e243f7d511cfd:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100b57708e6b86599b708a873726d3263ce9e0d49d0e76391bb6e037a1e4937404e02205933cbacd47892558c18c7db7b4e88a0b4baec456d1c7c5491d0e2c9866f4c1c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in jinventory.php in the JInventory (com_jinventory) component 1.23.02 and possibly other versions before 1.26.03, a module for Joomla!, allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12065
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100e0a4475a7c35058ce79f49d108bb180242d90cc120c530dd911afd5c66f8a9dc022076d45a27b53fd0cafb5d7adac7596d2f6b6c776544037f7117ba2e8693824aec:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100e7b04454a6bb69f264e4dd4754eee56b3022c4c5ac84e46575de2bb39dcd4a51022100956719ea0bbde43fd2079b3d401d9f87038ff2daa9c9f264755da2c0fc2a9aae:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Picasa (com_joomlapicasa2) component 2.0 and 2.0.5 for Joomla! allows remote attackers to read arbitrary local files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12058
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100db8f60e834d718a187a6affc3ddd8cb07625e1fb067e4d68b5a6f6bab98a0eb3022100b6da76ed5c5b35f5529aa45b95f8de9cc608a6c066dd69264579dc8b909dd0bb:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100e1f4f0060c68c73b81b05fa0c036c433de7e7de661c13e245b6519b209dd0686022100f724f0853fa864ea201f7b3377b3a7ae4bafc82fb0db4544f09b7092d505e11c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Magic Updater (com_joomlaupdater) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12070
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022048439f47a8b21a74b4b97fa613ad972080db3db4fe053230262199d82317045c022100eadd5c390ee4731465f6f514079896cd72f934fd9895315d895f65374aea4e72:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502204ea305e21cf6b002e44afd364c3d21030b96316a544c492604ec10f5ff96ecac022100cca452f129982dde163f273a63e54d06d5e6496eef9837cb8c2de19cbe2f74cc:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the SVMap (com_svmap) component 1.1.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12066
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402206a9af6404f873c9d3a57fe9df213511138f01fd29e3ea7105a802d41cf78924102205cb464a7bda81580894d76175190846c791dc1cd402a21817590737b159112e2:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022064827a2b3a8d58ef4a2a3c46803548cec0052632c4c7f8d21f18118ebd14b3c6022058eb78319f044f69ba50ef4e0d899e39e70636966010a842185bd8f281387cc8:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the iJoomla News Portal (com_news_portal) component 1.5.x for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, leading to unauthorized access and potential data leakage.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12077
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100f17626c6c2fb265ab27fa0646a728898f1b0c9f3fa847a9fb431a0e39fa82e8b022100f8103d182a1847d338a89d951149a9075835a9588ed011933dfed7688f480995:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100867fd351a2a90244ed77e8046adc2180f92604b75e069d398751668b18310e9802202d41ba7430bbc6e96d855278855e1aefd1286ec09c836f3de9de918bde460e87:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Seber Cart (com_sebercart) component 1.0.0.12 and 1.0.0.13 for Joomla!, when magic_quotes_gpc is disabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and compromise of the Joomla! CMS.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12082
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100fd165e012bb572dc265b83b5ca8b9c947ddf01bea06fde0c71635d59e7c796e0022013898e8cab7e473e13999ca183c3d97e6bc26290443ddbae95c4946d4faf0ef0:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a00463044022069608b00d6cce302d41960d97e53dffd2328158a421962cdc5d326a3c65c13d60220253869fcf736190901161cb37df82fd67626fa6b943ac18ade19c1ade10bcba0:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Highslide JS (com_hsconfig) component 1.5 and 2.0.9 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12086
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c6e61051c3e71766db8c93f1cba690d9e313100d617e7e936a55e737e9bfb3a802206edbc197346bf2a84a7297e202c7b67251c8f0546df7eb690cfaaa5d18b11595:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402203ab74f27464637000a111771ceabe7ebf60c232bbce13a6e98a322da6de8bee8022004e7174b83c84a10ed6ef3361845038a32769c167a8c9af5e13cf68801097e59:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in weberpcustomer.php in the webERPcustomer (com_weberpcustomer) component 1.2.1 and 1.x before 1.06.02 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/11999
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100935bdcc2bd3179773fce042c4a61ef810c9d2f814a47b93881e7c146477ff010022100a764011c1841a4d9b132ac59b8dfdb0592de77768416839b1f9c5f345112fb51:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100dc7c7d05af07a16c8189bdfeedfdefc06822cfb29f3b88ef920758007b104b2702200f9367dbbdc9cff4443413464334b1c74617dc88858f43e18aa91c25673c5203:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in jresearch.php in the J!Research (com_jresearch) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
The vulnerability allows an attacker to include arbitrary local files, leading to remote code execution or sensitive information disclosure.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/33797
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100e147f2ff0fcbc48bff40b1ff5321883b2cc1adc91b31edfbb2600c5a8263862402201d97ad50b2b9fde2cff5a0c0239416196581f96dc8d5eff323bec0845867888b:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a004830460221008fe8611cd1efc4f804b1ee87a4214c6c9b21fc126850ea0f1f125c3338f0ed18022100b42e613cc4df538c18194ca7642095e0466c2d796db442442718dadcae08c21c:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Cookex Agency CKForms (com_ckforms) component 1.3.3 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
The LFI vulnerability can lead to unauthorized access to sensitive files, potentially exposing sensitive information.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/15453
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402203bd1daa526a86b54b75dd6e090df43e78b56b22d1ddbff6a1ef56f04466f7e5b0220739e8df81fe0c2e77b397f7d2e0b4e334394ce071ea6a71f9168fea8414a941f:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100df0e15dc8ad751dfc509ae1b4143e07b3fb4ed6a605f8ade6971a5802196c61e022100e1d144cc199d7989faa57edff4c8b453911e79d83078f283231bc8863acab853:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the JOOFORGE Jutebox (com_jukebox) component 1.0 and 1.7 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12084
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100cfca9f9c725e410d29e54e6b5d02eedb50e515395715de8019d2c3314e3cf3d302202df3ddf237a67c191f3bde94abc572e0a3ffe5dc0f56dbcf14e0921c3bc8d812:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450220499958bd8b65329c91db733607eda67f42e998529c2f50d7bd31533e2f16099f0221009a946f09a949fae53df09425fbda4d4ed20e2bbe6efff9498d618febbfa13ba7:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the LoginBox Pro (com_loginbox) component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the view parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: |
|
||||
Apply the latest security patches or updates provided by Joomla! to fix the LFI vulnerability in LoginBox component.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a004830460221008d048e5078f229b37cb81e90eaf130150a30ba619c876b18220cd4e112a07930022100c9c281d897386357f77dd4b97c302ab1490dc0a2c85ac217b57c888b3a82f978:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100a72b93687ae905cb435bd660f819c05235fbbba93843921d66c92829f89326e5022100fa0275f518da4c827f358b9e50a65d64a79c88d9575fb5c2345c113944b2b673:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the VJDEO (com_vjdeo) component 1.0 and 1.0.1 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12102
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100e7ffeef32693f6aaa1b9e73715026da5c9cc7ae3faeeba9b011d109229d4d711022043a4839f8f123a837925e5cbb0dbcd262d27ed75f3e07bd926872ccf644d6f44:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100b5d1dc1258511f9a3bbcbb0f0046814c02884c77cd78b0aeb5347a539fd1704202210092074be1dceaa45c5bec4c8cdebe96901e5956aeff8bb2296f16b5e79131c0a9:922c64590222798bb761d5b6d8e72950
|
|
@ -6,6 +6,8 @@ info:
|
|||
severity: medium
|
||||
description: |
|
||||
Red Hat JBoss Enterprise Application Platform 4.2 before 4.2.0.CP09 and 4.3 before 4.3.0.CP08 is susceptible to sensitive information disclosure. A remote attacker can obtain sensitive information about "deployed web contexts" via a request to the status servlet, as demonstrated by a full=true query string. NOTE: this issue exists because of a CVE-2008-3273 regression.
|
||||
impact: |
|
||||
An attacker can exploit this vulnerability to gain access to sensitive information, potentially leading to further attacks.
|
||||
remediation: |
|
||||
Apply the necessary patches or updates provided by Red Hat to fix the vulnerability.
|
||||
reference:
|
||||
|
@ -47,4 +49,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100cdc0f292decb28743adf2f23fffa226f0cfd208303a82282a13b1d34c1342f3e02204329a76e1cb2adadd04c7c271fc5fa03ea4030315e839638599a046a5ee65c9b:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100eeb17d0a55fe9c292ed360d93e7dc16c7902595cadb704b45bded9319b572a7b022025cecd4333e92104c46103332061db86c2f1fb967473f61b7cd1f0f37afdc41d:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Photo Battle (com_photobattle) component 1.0.1 for Joomla! allows remote attackers to read arbitrary files via the view parameter to index.php.
|
||||
impact: |
|
||||
The LFI vulnerability can lead to unauthorized access to sensitive files, remote code execution, and compromise of the Joomla! application.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12232
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100e85030cf632a155f98ccd3f5428e6c94f85503b2707ebe8c899f9efcb0af1ba1022100b682c31513f0e846c2ee8df5221596ebfe97005c4c2e2e939d6e2891ac80b27e:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502210096d617b9e4bee8999116e4486ab5679a0f8a0e2c3499f80dfbd7e82d29148637022052f87a0ce7cd16e33e9ff539425d1f7229f81901d825193e4586e89a021a2f87:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Ternaria Informatica JProject Manager (com_jprojectmanager) component 1.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impact via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire Joomla! installation.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12146
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a004730450220509cc2f4146534580c7a7913594d4ef19b77fd1c74f0e0d29f242ebf6d537c08022100eb4cc1d1d8e3eac73b3a16e6bd7201945be29c95421c8d152f8af462e85066be:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502207a230c9a42e5a5c8bb0d395087e0aca9cefd7285a167fa42c9a5a93b14c46d88022100e8550828a91b082e4c908b27285a1ef13d48a2f7580ec020f4ab09aecec205e1:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Web TV (com_webtv) component 1.0 for Joomla! allows remote attackers to read arbitrary files and have possibly other unspecified impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability could allow an attacker to read sensitive files on the server, potentially leading to unauthorized access or information disclosure.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12166
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022033273cdd3751604b219df79fef83b2a2db3cf41a006ebab132c3830ceca3d425022100e304d2b821ca739759d57be72ff0e9c59814d16e0666d337ac2fb4b458c175ec:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502210090ded558efdc68efdfc4f1021042fe040fd9623e489a797a51ae65dca54add4d022036194cfa1b5329324aac1be6674cbcd60f3f2f02ce8109881a3575f46e7f4929:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the AddressBook (com_addressbook) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: |
|
||||
Update to the latest version of Joomla! Component Address Book or apply the necessary patches to fix the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a0047304502210098fd435fd7ff07962ed5ecb7ad76b65b3dae0a06d576d7845b5495a5b706059e02205eb795796f5fe00743d1e3bc7f48d3c196e1590c792b75dcfdc1b7547e8b2d39:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402207abe352a0287053462859d617d5bd1fad54ddcac4ece82145ff93edb42ea650d0220645a86c6f1c30a29acafb429ee6448d393085220af5a5749ff0c71b29114a1d0:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Daily Horoscope (com_horoscope) component 1.5.0 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potentially execute arbitrary code.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12167
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100d7ecff15693dcc6ba114f6d0d873f07201f187f4caf25f0e5358e6c48f3a158d022056dbab57d855141513e2fd556ceb44f45df93528c1af8d2aacfa57015bd86945:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100a968e604f3d5eb04a9d0d2b89e3a82a0abfaf1175bdac3d8cc895972c44b442b02201c5bbbefc7883b0bc96f5ffc6096d834707dcc79a31426f6d0a8f90c0c5394d1:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Advertising (com_advertising) component 0.25 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire Joomla! installation.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12171
|
||||
|
@ -38,4 +40,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a00483046022100d8b5aff97935929d851f2dd64b4d5f439dbb135651412c45bda3b4d3cecfa09d022100b691dfb257d7493f6f77958108d5ff0293326faf008105be0505feccb6dd50b7:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502202e2f5d6ac3b345ee3cfa7384339109d6498d73396a041237ba62f85526c5755b022100a131f30562e84b03ddfb91b97024de09c91c88583778ffeeeb1feb0787c279c9:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Sweety Keeper (com_sweetykeeper) component 1.5.x for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: |
|
||||
Update to the latest version of Joomla! Component Sweetykeeper or apply the necessary patches to fix the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a0046304402204dfe9e502a57e3e916593caf6ae1ab12d5cfe1a70bee11c5af267d6697516c9a02201c43a3e7c17e20f7e27061439acf0f3149516160d37295a7b5c0a3fccea39819:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402203fac14474eded012145b6cc5d2952b23724d33d7a6533cb251a4ff33a6a7403e022046a06cd61e75005c10d20e74a8989cb3b5b7b7279333ef5743ec00241aa04eef:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Preventive & Reservation (com_preventive) component 1.0.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
The LFI vulnerability can allow an attacker to read arbitrary files on the server, potentially exposing sensitive information or executing malicious code.
|
||||
remediation: |
|
||||
Update to the latest version of Joomla! Component Preventive And Reservation and apply any available patches or fixes to mitigate the LFI vulnerability.
|
||||
reference:
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 490a004630440220347d65e25b5cbb302e9d5c17cd657658391d5a8a0a9af81cedbcba316b32f27c02204a31659e2975ec31b519c73c1528294a159f14bcacbe2d810dfd611310873822:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 490a0046304402205121f2e892c037b7ac973a0080003faa18a9c705a9a025279a23a5942b4a362902204df0392cc98a96774f98772e99e110f26e6e3a2afc572f453bffd4305d0d6e90:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the AlphaUserPoints (com_alphauserpoints) component 1.5.5 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the view parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files and potential remote code execution.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12150
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100a2269cd1a53c24c6af0a68b496ff1b58b824e0d9255746297ae1f3504c06c090022013fd2262d9d0190dbfb2d6ccd01eb44c559b7f073d64df1c96f40717e864d8e5:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a00473045022100d5417a03479c8004cc8a34cbb7abdbe70cdd7a851a528792d72560c471d52e8e022013f0d023748d6b1e1c3bf7582cc10d8f230a60aa0f03d58a4cb5ace89cccbc52:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the Ternaria Informatica Jfeedback! (com_jfeedback) component 1.2 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12145
|
||||
|
@ -37,4 +39,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022071fef327ece73af4e957ebdacb2f283ddcf0666206beeb7d6e7675bff6a4a680022100b2eb72abc7691d8444931c4c42bdda1bfb8cfcf31a3d52d5dc9e360e39f8e311:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450221008141ca5c007f7e8cef45d147c64118c92755dbe18bad5efacb93ba4bee5f784102205acdbd62f9d1e6b512ddc3f4ce80f249330376fad2ddac92fd2968cbf1090103:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the MMS Blog (com_mmsblog) component 2.3.0 for Joomla! allows remote attackers to read arbitrary files and possibly have unspecified other impacts via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
The LFI vulnerability can lead to unauthorized access to sensitive files, remote code execution, and compromise of the Joomla! CMS.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12318
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4b0a0048304602210099c131a4be3b851face18f6292bd13bac9b76ebf6a9575080d389fba020855fa0221009d80872f5b43b6ac579ed968ef752215290aa43a8fdb5febb7d322d300ee2cec:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4b0a00483046022100d829381add883dd1d5af538546bab9cfd00e470a806b5543ae8731c1621a8395022100f8dc253e35b6cc1342ee3b3a5e3f8292439de7542ef702b51140cc83fcf147df:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: medium
|
||||
description: A directory traversal vulnerability in the AWDwall (com_awdwall) component 1.5.4 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12113
|
||||
|
@ -40,4 +42,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100d3eaa3e347e6a2d8632599d435f90a88248f4c5f70d0bbce63138bf06521ec98022064c5ce2112150b47e8ed672aeb937f6a4a7518a2ea6eb7e8aa6f24a41f936c52:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a004730450221009ba34cfc30e2696d2f60567dfda7a22293776c64a3fec9689f2b5d44e69b7da5022055c4c0938d9a9cee5e650c746792770cdfe8bdbb9584093dc0247acb1cafa355:922c64590222798bb761d5b6d8e72950
|
|
@ -5,6 +5,8 @@ info:
|
|||
author: daffainfo
|
||||
severity: high
|
||||
description: A directory traversal vulnerability in the Matamko (com_matamko) component 1.01 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the controller parameter to index.php.
|
||||
impact: |
|
||||
Successful exploitation of this vulnerability can lead to unauthorized access to sensitive files, remote code execution, and potential compromise of the entire Joomla! installation.
|
||||
remediation: Upgrade to the latest version to mitigate this vulnerability.
|
||||
reference:
|
||||
- https://www.exploit-db.com/exploits/12286
|
||||
|
@ -39,4 +41,4 @@ http:
|
|||
- type: status
|
||||
status:
|
||||
- 200
|
||||
# digest: 4a0a00473045022100c10fbc9874082966906af3524ab31606fcf801ea2cfb768869dc213399ed866d022058fedfcd23f360fac72d00c1d9eb14e3028d75300c60dc34eda86e57744ade68:922c64590222798bb761d5b6d8e72950
|
||||
# digest: 4a0a0047304502204bc942e036cac7325edc601114a5bed76a616e7848e29f355f99aaa6b41d2526022100d8473b1793386d25bc4d72b6be8233568b651c311b9c109a28847ed26c4c8b77:922c64590222798bb761d5b6d8e72950
|
Some files were not shown because too many files have changed in this diff Show More
Loading…
Reference in New Issue