format update

patch-1
Ritik Chaddha 2023-12-29 15:23:08 +05:30
parent 163e9a35c1
commit fe5733cf45
5 changed files with 8 additions and 9 deletions

View File

@ -4,7 +4,8 @@ info:
name: 360 Xintianqing - SQL Injection
author: SleepingBag945
severity: high
description: The Tianqing Terminal Security Management System, designed for government and enterprise use, faces a SQL injection vulnerability. This flaw could enable attackers to access sensitive database information. The vendor has addressed the issue with security bulletins and released patches for mitigation. Users are advised to apply the provided fixes promptly.
description: |
The Tianqing Terminal Security Management System, designed for government and enterprise use, faces a SQL injection vulnerability. This flaw could enable attackers to access sensitive database information.
reference:
- https://blog.51cto.com/u_9691128/4295047
- https://www.cnvd.org.cn/patchInfo/show/270651

View File

@ -4,7 +4,7 @@ info:
name: Collibra Properties Exposure
author: 0xPugazh
severity: high
description: Detected expoed Collibra Properties.
description: Detected exposed Collibra Properties.
reference:
- https://twitter.com/shaybt12/status/1662431219223605254
metadata:

View File

@ -4,9 +4,8 @@ info:
name: JK Status Manager - Detect
author: pdteam,DhiyaneshDk
severity: low
description: Exposed JKStatus manager which is a web-based tool that allows administrators to monitor and manage the connections between the Apache HTTP Server and the Tomcat application server.
description: |
Exposed JKStatus manager which is a web-based tool that allows administrators to monitor and manage the connections between the Apache HTTP Server and the Tomcat application server.
reference:
- https://github.com/PortSwigger/j2ee-scan/blob/master/src/main/java/burp/j2ee/issues/impl/JKStatus.java
metadata:

View File

@ -4,9 +4,8 @@ info:
name: Clockwork PHP page exposure
author: organiccrap
severity: high
description: Clockwork php page was exposed, which allows admins to profile and debug the application, view database queries, HTTP requests, and other details right from the browser's developer tools.
description: |
Clockwork php page was exposed, which allows admins to profile and debug the application, view database queries, HTTP requests, and other details right from the browser's developer tools.
reference:
- https://twitter.com/damian_89_/status/1250721398747791360
metadata:

View File

@ -4,7 +4,7 @@ info:
name: Discover development log files
author: geeknik
severity: info
description: development log file was exposed.
description: Development log file was exposed.
metadata:
max-request: 3
tags: logs,exposure,rails