Fixed mistakes/typos in the templates.

Related nuclei tickets: * #259 - dynamic key-value field support for template information * #940 - new infos in template * #834 * RES-84
2021-08-19 15:30:14 +03:00 · 2021-08-19 15:30:14 +03:00 · e68d15ab63
parent cdf9451158
commit e68d15ab63
13 changed files with 14 additions and 14 deletions
--- a/cves/2015/CVE-2015-8813.yaml
+++ b/cves/2015/CVE-2015-8813.yaml
@ -5,7 +5,7 @@ info:
  author: emadshanab
  severity: high
  description: A Server Side Request Forgery (SSRF) vulnerability in Umbraco in Feedproxy.aspx allows attackers to send arbitrary HTTP GET requests.Once you change the URL to the http://local/Umbraco/feedproxy.aspx?url=http://127.0.0.1:80/index, you able to access the localhost application of the server
-  refrense: |
+  reference:
    - https://blog.securelayer7.net/umbraco-the-open-source-asp-net-cms-multiple-vulnerabilities/
    - https://nvd.nist.gov/vuln/detail/CVE-2015-8813
  tags: cve,cve2015,ssrf,oob
--- a/cves/2016/CVE-2016-0957.yaml
+++ b/cves/2016/CVE-2016-0957.yaml
@ -12,8 +12,8 @@ requests:
  - method: GET
    path:
      - "{{BaseURL}}/system/console?.css"
-    header:
-      - Authorization: "Basic YWRtaW46YWRtaW4K"
+    headers:
+      Authorization: "Basic YWRtaW46YWRtaW4K"

    matchers-condition: and
    matchers:
--- a/cves/2017/CVE-2017-16806.yaml
+++ b/cves/2017/CVE-2017-16806.yaml
@ -22,5 +22,5 @@ requests:
        regex:
          - "root:.*:0:0:"
          - "\\[(font|extension|file)s\\]"
-        conditon: or
+        condition: or
        part: body
--- a/cves/2018/CVE-2018-2894.yaml
+++ b/cves/2018/CVE-2018-2894.yaml
@ -19,4 +19,4 @@ requests:
        words:
          - "* Copyright (c) 2005,2013, Oracle"
          - "<title>settings</title>"
-        conditon: and
+        condition: and
--- a/cves/2019/CVE-2019-17558.yaml
+++ b/cves/2019/CVE-2019-17558.yaml
@ -3,7 +3,7 @@ info:
  name: Apache Solr 8.3.0 - Remote Code Execution via Velocity Template
  author: pikpikcu,madrobot
  severity: critical
-  refrense: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
+  reference: https://nvd.nist.gov/vuln/detail/CVE-2019-17558
  tags: cve,cve2019,apache,rce,solr

 requests:
--- a/cves/2019/CVE-2019-18394.yaml
+++ b/cves/2019/CVE-2019-18394.yaml
@ -5,7 +5,7 @@ info:
  author: pdteam
  severity: critical
  description: A Server Side Request Forgery (SSRF) vulnerability in FaviconServlet.java in Ignite Realtime Openfire through 4.4.2 allows attackers to send arbitrary HTTP GET requests.
-  refrense: |
+  reference:
    - https://swarm.ptsecurity.com/openfire-admin-console/
    - https://github.com/igniterealtime/Openfire/pull/1497
  tags: cve,cve2019,ssrf,openfire,oob
--- a/cves/2019/CVE-2019-19985.yaml
+++ b/cves/2019/CVE-2019-19985.yaml
@ -5,7 +5,7 @@ info:
  author: KBA@SOGETI_ESEC,madrobot,dwisiswant0
  severity: medium
  description: The WordPress plugin, Email Subscribers & Newsletters, before 4.2.3 had a flaw that allowed unauthenticated file download with user information disclosure.
-  refrense: https://www.exploit-db.com/exploits/48698
+  reference: https://www.exploit-db.com/exploits/48698
  tags: cve,cve2019,wordpress,wp-plugin

 requests:
--- a/cves/2019/CVE-2019-20141.yaml
+++ b/cves/2019/CVE-2019-20141.yaml
@ -5,7 +5,7 @@ info:
  author: knassar702
  severity: medium
  description: An XSS issue was discovered in the Laborator Neon theme 2.0 for WordPress via the data/autosuggest-remote.php q parameter.
-  refrense: https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html
+  reference: https://knassar7o2.blogspot.com/2019/12/neon-dashboard-cve-2019-20141.html
  tags: cve,cve2019,xss

 requests:
--- a/exposed-panels/zte-panel.yaml
+++ b/exposed-panels/zte-panel.yaml
@ -16,7 +16,7 @@ requests:
          - "ZTE Corporation. All rights reserved. </div>"
          - '<form name="fLogin" id="fLogin" method="post"  onsubmit="return false;" action="">'
        part: body
-        condtion: and
+        condition: and

      - type: word
        words:
--- a/exposures/configs/exposed-gitignore.yaml
+++ b/exposures/configs/exposed-gitignore.yaml
@ -36,4 +36,4 @@ requests:
          - "image/"
        part: all
        negative: true
-        condtion: or
+        condition: or
--- a/vulnerabilities/other/etouch-v2-sqli.yaml
+++ b/vulnerabilities/other/etouch-v2-sqli.yaml
@ -4,7 +4,7 @@ info:
  author: princechaddha
  severity: high
  tags: etouch,sqli
-  refrence: |
+  reference:
    - https://github.com/mstxq17/CodeCheck/
    - https://www.anquanke.com/post/id/168991

--- a/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
+++ b/vulnerabilities/other/jfrog-unauth-build-exposed.yaml
@ -4,7 +4,7 @@ info:
  name: JFrog Unauthentication Builds
  author: dhiyaneshDK
  severity: medium
-  referemce: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml
+  reference: https://github.com/jaeles-project/jaeles-signatures/blob/master/common/jfrog-unauth-build-exposed.yaml
  tags: jfrog

 requests:
--- a/vulnerabilities/other/zms-auth-bypass.yaml
+++ b/vulnerabilities/other/zms-auth-bypass.yaml
@ -4,7 +4,7 @@ info:
  name: Zoo Management System 1.0 - Authentication Bypass
  author: dwisiswant0
  severity: high
-  refernce: https://www.exploit-db.com/exploits/48880
+  reference: https://www.exploit-db.com/exploits/48880

 requests:
  - raw: