format update
parent
163e9a35c1
commit
fe5733cf45
|
@ -4,7 +4,8 @@ info:
|
||||||
name: 360 Xintianqing - SQL Injection
|
name: 360 Xintianqing - SQL Injection
|
||||||
author: SleepingBag945
|
author: SleepingBag945
|
||||||
severity: high
|
severity: high
|
||||||
description: The Tianqing Terminal Security Management System, designed for government and enterprise use, faces a SQL injection vulnerability. This flaw could enable attackers to access sensitive database information. The vendor has addressed the issue with security bulletins and released patches for mitigation. Users are advised to apply the provided fixes promptly.
|
description: |
|
||||||
|
The Tianqing Terminal Security Management System, designed for government and enterprise use, faces a SQL injection vulnerability. This flaw could enable attackers to access sensitive database information.
|
||||||
reference:
|
reference:
|
||||||
- https://blog.51cto.com/u_9691128/4295047
|
- https://blog.51cto.com/u_9691128/4295047
|
||||||
- https://www.cnvd.org.cn/patchInfo/show/270651
|
- https://www.cnvd.org.cn/patchInfo/show/270651
|
||||||
|
|
|
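Review bot: the new description (the line under `description: |`) drops the two sentences about the vendor's security bulletins and patches, which is a content change in a commit titled "format update". If the mitigation guidance is meant to stay, move it into a `remediation:` field under `info:` instead of deleting it, or mention the removal in the commit message.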
@ -4,7 +4,7 @@ info:
|
||||||
name: Collibra Properties Exposure
|
name: Collibra Properties Exposure
|
||||||
author: 0xPugazh
|
author: 0xPugazh
|
||||||
severity: high
|
severity: high
|
||||||
description: Detected expoed Collibra Properties.
|
description: Detected exposed Collibra Properties.
|
||||||
reference:
|
reference:
|
||||||
- https://twitter.com/shaybt12/status/1662431219223605254
|
- https://twitter.com/shaybt12/status/1662431219223605254
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
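Review bot: `description: Detected exposed Collibra Properties.` fixes the typo but still does not say what the properties file reveals, which is what a reader needs in order to see why `severity: high` is justified. Consider adding one sentence on what kind of data the exposed properties contain.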
@ -4,9 +4,8 @@ info:
|
||||||
name: JK Status Manager - Detect
|
name: JK Status Manager - Detect
|
||||||
author: pdteam,DhiyaneshDk
|
author: pdteam,DhiyaneshDk
|
||||||
severity: low
|
severity: low
|
||||||
description: Exposed JKStatus manager which is a web-based tool that allows administrators to monitor and manage the connections between the Apache HTTP Server and the Tomcat application server.
|
description: |
|
||||||
|
Exposed JKStatus manager which is a web-based tool that allows administrators to monitor and manage the connections between the Apache HTTP Server and the Tomcat application server.
|
||||||
|
|
||||||
reference:
|
reference:
|
||||||
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JKStatus.java
|
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JKStatus.java
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
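Review bot: the description is a sentence fragment ("Exposed JKStatus manager which is ...") and spells the product "JKStatus manager" while `name:` uses "JK Status Manager". Since the line is being rewritten anyway, make it a full sentence and settle on one spelling, for example "JK Status Manager is exposed. It is a web-based tool that ...".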
@ -4,9 +4,8 @@ info:
|
||||||
name: Clockwork PHP page exposure
|
name: Clockwork PHP page exposure
|
||||||
author: organiccrap
|
author: organiccrap
|
||||||
severity: high
|
severity: high
|
||||||
description: Clockwork php page was exposed, which allows admins to profile and debug the application, view database queries, HTTP requests, and other details right from the browser's developer tools.
|
description: |
|
||||||
|
Clockwork php page was exposed, which allows admins to profile and debug the application, view database queries, HTTP requests, and other details right from the browser's developer tools.
|
||||||
|
|
||||||
reference:
|
reference:
|
||||||
- https://twitter.com/damian_89_/status/1250721398747791360
|
- https://twitter.com/damian_89_/status/1250721398747791360
|
||||||
metadata:
|
metadata:
|
||||||
|
|
|
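Review bot: the description writes "Clockwork php page" while `name:` has "Clockwork PHP page", and it describes what the page lets admins do, not what its exposure means. With `severity: high`, state that the database queries, HTTP requests and other details are visible to whoever can reach the page, and capitalise PHP.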
@ -4,7 +4,7 @@ info:
|
||||||
name: Discover development log files
|
name: Discover development log files
|
||||||
author: geeknik
|
author: geeknik
|
||||||
severity: info
|
severity: info
|
||||||
description: development log file was exposed.
|
description: Development log file was exposed.
|
||||||
metadata:
|
metadata:
|
||||||
max-request: 3
|
max-request: 3
|
||||||
tags: logs,exposure,rails
|
tags: logs,exposure,rails
|
||||||
|
|