daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
10,062 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

4 Commits (b9392d5a3e49c7b28ebe9c57fef28a7720a33473)

Author SHA1 Message Date
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
forgedhallpass f55d6b75e1 Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string 
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
 2021-08-19 16:59:12 +03:00
sandeep ebf1653d65 Update CVE-2021-36380.yaml 2021-08-02 01:33:10 +05:30
GwanYeong Kim 0678e7d233 Create CVE-2021-36380.yaml 
The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-01 03:10:49 +09:00