daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #8724 from projectdiscovery/pussycat0x-patch-5 

Endpoint Update CVE-2023-49103
patch-1
Dhiyaneshwaran 2023-11-30 17:19:28 +05:30 committed by GitHub
parent ee271cf0eb a7457007c6
commit f8b1e66e22
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
http/cves/2023/CVE-2023-49103.yaml
View File

@ -10,7 +10,8 @@ info:
- https://github.com/creacitysec/CVE-2023-49103/blob/main/exploit.py
- https://nvd.nist.gov/vuln/detail/CVE-2023-49103
- https://owncloud.com/security-advisories/disclosure-of-sensitive-credentials-and-configuration-in-containerized-deployments/
- https://owncloud.org/security
- https://www.labs.greynoise.io//grimoire/2023-11-29-owncloud-redux/
- https://attackerkb.com/topics/G9urDj4Cg2/cve-2023-49103
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
cvss-score: 10
@ -28,7 +29,9 @@ http:
- method: GET
path:
- "{{BaseURL}}/owncloud/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php"
- "{{BaseURL}}/apps/graphapi/vendor/microsoft/microsoft-graph/tests/GetPhpInfo.php"
stop-at-first-match: true
matchers-condition: and
matchers:
- type: word