20241110
actions-user committed Nov 10, 2024
1 parent d49338d commit 79ef547
Showing 56 changed files with 3,241 additions and 1 deletion.
2 changes: 1 addition & 1 deletion date.txt
@@ -1 +1 @@
20241109
20241110
54 changes: 54 additions & 0 deletions poc.txt
@@ -13329,6 +13329,7 @@
./poc/cve/CVE-2018-3811.yaml
./poc/cve/CVE-2018-3949.yaml
./poc/cve/CVE-2018-5158-67138bc530fcbd1f4c3ec3156662b94e.yaml
./poc/cve/CVE-2018-5158.yaml
./poc/cve/CVE-2018-5212-59e996aca253b8dbc7622830c74fc5ac.yaml
./poc/cve/CVE-2018-5212.yaml
./poc/cve/CVE-2018-5213-5a9a30619727343de8e3e76ab65500e8.yaml
@@ -33734,15 +33735,20 @@
./poc/cve/CVE-2024-10250-381303a6df453508271ce4a14d6f5e15.yaml
./poc/cve/CVE-2024-10250.yaml
./poc/cve/CVE-2024-10261-13a111b77ff7242b7fd206b696ded4b9.yaml
./poc/cve/CVE-2024-10261.yaml
./poc/cve/CVE-2024-10263-5a599dd7d83925469bc803c5aabfa610.yaml
./poc/cve/CVE-2024-10263.yaml
./poc/cve/CVE-2024-10265-0929159890a98e464224f2d4b3ca4054.yaml
./poc/cve/CVE-2024-10266-c7464e0e6f14d3d02fbbef631b0fa0d8.yaml
./poc/cve/CVE-2024-10266.yaml
./poc/cve/CVE-2024-10269-de3e977fc48c497bbd319154dc08b47e.yaml
./poc/cve/CVE-2024-10269.yaml
./poc/cve/CVE-2024-10284-678b4260d3f280e8339a3c114f9bd9d3.yaml
./poc/cve/CVE-2024-10284.yaml
./poc/cve/CVE-2024-10285-0149e578f9b391b0d38534038361bcfd.yaml
./poc/cve/CVE-2024-10285.yaml
./poc/cve/CVE-2024-10294-1131fa6d3c45d258c35e83876ed4fab3.yaml
./poc/cve/CVE-2024-10294.yaml
./poc/cve/CVE-2024-10310-08ea151b2594c4d66f1066377ac5bb02.yaml
./poc/cve/CVE-2024-10310.yaml
./poc/cve/CVE-2024-10312-50ebf94b7cedccb9e13dff934ff93b48.yaml
@@ -33762,6 +33768,7 @@
./poc/cve/CVE-2024-10343-4b62a3038a6fc336914f3ddb9e620492.yaml
./poc/cve/CVE-2024-10343.yaml
./poc/cve/CVE-2024-10352-49be0f8c340584233e5750fb27ab436d.yaml
./poc/cve/CVE-2024-10352.yaml
./poc/cve/CVE-2024-10357-4f61676917f036bdaefc6591bc3b8254.yaml
./poc/cve/CVE-2024-10357.yaml
./poc/cve/CVE-2024-10360-45e78583db6193210a4d94e69731df68.yaml
@@ -33808,13 +33815,15 @@
./poc/cve/CVE-2024-1047-fb93f34e53916d4f4fd53ff72b0a2a6f.yaml
./poc/cve/CVE-2024-1047.yaml
./poc/cve/CVE-2024-10470-03018950e373c0e8746e1508abb3b26d.yaml
./poc/cve/CVE-2024-10470.yaml
./poc/cve/CVE-2024-10482-845ce866c54cd77aff0707f285c1d085.yaml
./poc/cve/CVE-2024-10482.yaml
./poc/cve/CVE-2024-1049-0e66fa189b7475aa8bef5ee2db21f9f7.yaml
./poc/cve/CVE-2024-1049.yaml
./poc/cve/CVE-2024-1050-27175c3a9c41e19f3b6754fd15e6284b.yaml
./poc/cve/CVE-2024-1050.yaml
./poc/cve/CVE-2024-10508-9305c56dd865940b821d574327597953.yaml
./poc/cve/CVE-2024-10508.yaml
./poc/cve/CVE-2024-1051-5e8b58bda7c4c85d551a1bc3c6ff7348.yaml
./poc/cve/CVE-2024-1051.yaml
./poc/cve/CVE-2024-1053-ecc5e07de79c654d2248cf4b93e3241f.yaml
@@ -33830,6 +33839,7 @@
./poc/cve/CVE-2024-10544-09e7902ad0b8f33d5cc3104966bee93f.yaml
./poc/cve/CVE-2024-10544.yaml
./poc/cve/CVE-2024-10547-91ad0f702b882575a68f7cd6df342c13.yaml
./poc/cve/CVE-2024-10547.yaml
./poc/cve/CVE-2024-1055-d648797daf2d40f2e3020df2557ea8d6.yaml
./poc/cve/CVE-2024-1055.yaml
./poc/cve/CVE-2024-1056-67c2890890023e1dcaf3fcf02b7286ad.yaml
@@ -33839,31 +33849,45 @@
./poc/cve/CVE-2024-1058-ee29f13d5975fd520360e5ea7be92c39.yaml
./poc/cve/CVE-2024-1058.yaml
./poc/cve/CVE-2024-10586-1ccc6f2723a2f31b8fd563fbe61fe46e.yaml
./poc/cve/CVE-2024-10586.yaml
./poc/cve/CVE-2024-10588-29f46f138336461b1ce42b72ea92eb56.yaml
./poc/cve/CVE-2024-10588.yaml
./poc/cve/CVE-2024-10589-3949f6625a5239536ec744810016b1a6.yaml
./poc/cve/CVE-2024-10589.yaml
./poc/cve/CVE-2024-1061-c2234d6b671e34ecc87aded4a14cc4c8.yaml
./poc/cve/CVE-2024-1061.yaml
./poc/cve/CVE-2024-10621-89e331c9a7f37c94baf30ce317cf3d01.yaml
./poc/cve/CVE-2024-10621.yaml
./poc/cve/CVE-2024-10625-5167bc875e4f94945fdaeb2883e90899.yaml
./poc/cve/CVE-2024-10625.yaml
./poc/cve/CVE-2024-10626-4415d810b5ea3b86fe306f003ed4cee5.yaml
./poc/cve/CVE-2024-10626.yaml
./poc/cve/CVE-2024-10627-1c85a579db4c49a8c9cbe80724b7af26.yaml
./poc/cve/CVE-2024-10627.yaml
./poc/cve/CVE-2024-10640-88364cdc0e1cf13f113175b2a7c50048.yaml
./poc/cve/CVE-2024-10640.yaml
./poc/cve/CVE-2024-10647-f9db24370dab16c6bbf61c415c445725.yaml
./poc/cve/CVE-2024-10647.yaml
./poc/cve/CVE-2024-10667-6064fccbb90759e6e25f1362294add93.yaml
./poc/cve/CVE-2024-10667.yaml
./poc/cve/CVE-2024-10669-49437bffcf6782e8d80520956dcb05d6.yaml
./poc/cve/CVE-2024-10669.yaml
./poc/cve/CVE-2024-10673-682d2c4bd20eb7eb32fe9db89c67f59d.yaml
./poc/cve/CVE-2024-10673.yaml
./poc/cve/CVE-2024-10674-d13865d5abb138523bd7d89fc89087c4.yaml
./poc/cve/CVE-2024-10674.yaml
./poc/cve/CVE-2024-1068-9cafdd7123cc13ec1ddd7f5534904f5e.yaml
./poc/cve/CVE-2024-1068.yaml
./poc/cve/CVE-2024-10683-734140ef8839eb2d2a43ce550e9b8229.yaml
./poc/cve/CVE-2024-10683.yaml
./poc/cve/CVE-2024-10687-d9989207d8a257bce53d182b8cda1c6d.yaml
./poc/cve/CVE-2024-10687.yaml
./poc/cve/CVE-2024-10688-4e865d55bfaf7ccff8ab4229b44e4c7b.yaml
./poc/cve/CVE-2024-10688.yaml
./poc/cve/CVE-2024-1069-eade4f165a3dd4a95074ea430cf7d5a1.yaml
./poc/cve/CVE-2024-1069.yaml
./poc/cve/CVE-2024-10693-c432d0b08f287a25140732c41d4a1ed1.yaml
./poc/cve/CVE-2024-10693.yaml
./poc/cve/CVE-2024-1070-2eaf969a3130409b034463b1e7ec7297.yaml
./poc/cve/CVE-2024-1070.yaml
./poc/cve/CVE-2024-10709-645acc80e460ffaad4f2931d5b432c17.yaml
@@ -33887,22 +33911,29 @@
./poc/cve/CVE-2024-1076-9a7188ec2ba0e2d447a5f9982f48db9b.yaml
./poc/cve/CVE-2024-1076.yaml
./poc/cve/CVE-2024-10770-c34a4a3efec7f5f02bdebaace96e792d.yaml
./poc/cve/CVE-2024-10770.yaml
./poc/cve/CVE-2024-10779-f8150ef97cd762cd2d6fce01feb0e70f.yaml
./poc/cve/CVE-2024-10779.yaml
./poc/cve/CVE-2024-1078-39f90c2cfcf5b03de5f108a21d5273bb.yaml
./poc/cve/CVE-2024-1078.yaml
./poc/cve/CVE-2024-1079-1f12a336fd8362a1410d8995316f8026.yaml
./poc/cve/CVE-2024-1079.yaml
./poc/cve/CVE-2024-1080-15318692234db11db0354155dd2f2282.yaml
./poc/cve/CVE-2024-1080.yaml
./poc/cve/CVE-2024-10801-59de47daf066d816c4d3a83b622ff763.yaml
./poc/cve/CVE-2024-10801.yaml
./poc/cve/CVE-2024-1081-417d6d8bd1123c156873fbb60bca6fb8.yaml
./poc/cve/CVE-2024-1081.yaml
./poc/cve/CVE-2024-10814-58a03019f7199f16ebf4bd1bc27b3541.yaml
./poc/cve/CVE-2024-10814.yaml
./poc/cve/CVE-2024-1083-c1752d7dc982e1f95b105684a32a4387.yaml
./poc/cve/CVE-2024-1083.yaml
./poc/cve/CVE-2024-10837-822bdf929bf75cae072305d22ba83f9d.yaml
./poc/cve/CVE-2024-10837.yaml
./poc/cve/CVE-2024-10871-3abebd3d0d3c0d4b34bfc18904a9b258.yaml
./poc/cve/CVE-2024-10871.yaml
./poc/cve/CVE-2024-10876-f300389f76c0355cb02ef700103816ef.yaml
./poc/cve/CVE-2024-10876.yaml
./poc/cve/CVE-2024-1088-58bbbe61468292a1146bbabf2501df14.yaml
./poc/cve/CVE-2024-1088.yaml
./poc/cve/CVE-2024-1089-ce90f27cd01de10f75a7bcd4f5c14347.yaml
@@ -33921,6 +33952,7 @@
./poc/cve/CVE-2024-1094.yaml
./poc/cve/CVE-2024-1095-741eaa5507c75edbe90bc3ba4e40e5a9.yaml
./poc/cve/CVE-2024-1095.yaml
./poc/cve/CVE-2024-10958-b9e22eaad7c9ca71f94e8afa6dc3ff9c.yaml
./poc/cve/CVE-2024-1106-e0b64108a671aa7f40b4913cd13de8d0.yaml
./poc/cve/CVE-2024-1106.yaml
./poc/cve/CVE-2024-1108-239fb729146748a4485864c46459cff9.yaml
@@ -45391,6 +45423,7 @@
./poc/cve/CVE-2024-8747-f757d510ac120bf89329e22a6153766c.yaml
./poc/cve/CVE-2024-8747.yaml
./poc/cve/CVE-2024-8756-f2406b5c7e5f8908e7e690d2f1e0011e.yaml
./poc/cve/CVE-2024-8756.yaml
./poc/cve/CVE-2024-8757-234bd8d60a5f32f1b24409ba56f236a6.yaml
./poc/cve/CVE-2024-8757.yaml
./poc/cve/CVE-2024-8758-b4b201de72ae2112a1088c6a9330f891.yaml
@@ -45482,6 +45515,7 @@
./poc/cve/CVE-2024-8959-7dd748dcf54b4c29b81631c1b2cc1200.yaml
./poc/cve/CVE-2024-8959.yaml
./poc/cve/CVE-2024-8960-734cb66dba22664f40fa24345fa631a6.yaml
./poc/cve/CVE-2024-8960.yaml
./poc/cve/CVE-2024-8964-c867d6af282cfd42151c0dd0c624594f.yaml
./poc/cve/CVE-2024-8964.yaml
./poc/cve/CVE-2024-8965-591377ac4a4cf47c615cc83488de4f93.yaml
@@ -45647,6 +45681,7 @@
./poc/cve/CVE-2024-9225-8aa496476e08c8c664db47cbf34e8cf4.yaml
./poc/cve/CVE-2024-9225.yaml
./poc/cve/CVE-2024-9226-4d5029363cf976302766592400801706.yaml
./poc/cve/CVE-2024-9226.yaml
./poc/cve/CVE-2024-9228-5d6c269fdf1aad171438d76ce7eba27a.yaml
./poc/cve/CVE-2024-9228-b8423e6fcac2024db44fa444099a9f5b.yaml
./poc/cve/CVE-2024-9228.yaml
@@ -45669,6 +45704,7 @@
./poc/cve/CVE-2024-9242-ce100a23dcb6a754af3f48866fed1686.yaml
./poc/cve/CVE-2024-9242.yaml
./poc/cve/CVE-2024-9262-81a0b30d86d57ac3cdc3c554e59f17d7.yaml
./poc/cve/CVE-2024-9262.yaml
./poc/cve/CVE-2024-9263-9f819c527e666a0f4e5ffb74898c3f93.yaml
./poc/cve/CVE-2024-9263.yaml
./poc/cve/CVE-2024-9264.yaml
@@ -45679,6 +45715,7 @@
./poc/cve/CVE-2024-9269-628eabdc4f57974ee22cd154a1c57075.yaml
./poc/cve/CVE-2024-9269.yaml
./poc/cve/CVE-2024-9270-fc244377618ef643eb9c5fce0c45beaf.yaml
./poc/cve/CVE-2024-9270.yaml
./poc/cve/CVE-2024-9271-68f72266b66d02364a04b2066207b25f.yaml
./poc/cve/CVE-2024-9271.yaml
./poc/cve/CVE-2024-9272-02891c9c7d450ee4471c678940d46823.yaml
@@ -45947,6 +45984,7 @@
./poc/cve/CVE-2024-9772-5094698925e989ea36420156bd740e26.yaml
./poc/cve/CVE-2024-9772.yaml
./poc/cve/CVE-2024-9775-2f63da9b167b3f63935be0843938ce73.yaml
./poc/cve/CVE-2024-9775.yaml
./poc/cve/CVE-2024-9776-b87b3db31f1eda93892f1d85c0aa0846.yaml
./poc/cve/CVE-2024-9776.yaml
./poc/cve/CVE-2024-9778-f12d8ad8d5a8b1346844c8509cb8d77c.yaml
@@ -45990,6 +46028,7 @@
./poc/cve/CVE-2024-9873-c5ed80b51344fca9873ea5af2135924b.yaml
./poc/cve/CVE-2024-9873.yaml
./poc/cve/CVE-2024-9874-bea265a3487d73370d286ee12cf991bf.yaml
./poc/cve/CVE-2024-9874.yaml
./poc/cve/CVE-2024-9878-24180a128592e4c279c5c3ae1fe81645.yaml
./poc/cve/CVE-2024-9878.yaml
./poc/cve/CVE-2024-9883-166b9f0445f79f603899de7cc70df9ab.yaml
@@ -53810,6 +53849,7 @@
./poc/debug/debug-pprof.yaml
./poc/debug/debug-tool-5bf8062026b82f7f1484318312d972bb.yaml
./poc/debug/debug-tool-f64e9782ad4ab5a9fed6371dfd2973ff.yaml
./poc/debug/debug-tool.yaml
./poc/debug/debug-vars.yaml
./poc/debug/debug.yaml
./poc/debug/debug_enabled.yaml
@@ -79420,6 +79460,7 @@
./poc/other/alfred-click-collect.yaml
./poc/other/algonomia-panel.yaml
./poc/other/algori-pdf-viewer-52a3d3d2121f03614a438a1b071203cd.yaml
./poc/other/algori-pdf-viewer.yaml
./poc/other/ali-monitoring-system.yaml
./poc/other/ali2woo-lite-47e90721247b719ad5a8d35bd1d47326.yaml
./poc/other/ali2woo-lite-6df0b41689b5c51f8c74ae09f5310bad.yaml
@@ -79800,6 +79841,7 @@
./poc/other/anfaust.yaml
./poc/other/anfrageformular-ff9293ba28748efa2ab9a2fe77385468.yaml
./poc/other/anfrageformular.yaml
./poc/other/anih.yaml
./poc/other/anima-113786480a85d9d1480d27e2d392f3b0.yaml
./poc/other/anima.yaml
./poc/other/animal-captcha-d41d8cd98f00b204e9800998ecf8427e.yaml
@@ -83181,6 +83223,7 @@
./poc/other/categorify-d5ae79135ee2cddd44b95770336ca55e.yaml
./poc/other/categorify-ffcf384e0e7313af2f09a4286cd8264b.yaml
./poc/other/categorify.yaml
./poc/other/category-ajax-filter.yaml
./poc/other/category-grid-view-gallery-ec1de78c58c23ac8308ebf650b24c84a.yaml
./poc/other/category-grid-view-gallery.yaml
./poc/other/category-icon-1ba7a71509a41771343e0fdcceeb4a9f.yaml
@@ -83258,6 +83301,7 @@
./poc/other/ce21-suite-851004a32d219a9e643821c03d9bafb2.yaml
./poc/other/ce21-suite-b543698e0b8bd6f436cc3b0803545234.yaml
./poc/other/ce21-suite-c0b58ac2169b725c77b062ac80466cda.yaml
./poc/other/ce21-suite.yaml
./poc/other/ceceppa-multilingua-4838a2de83e4a285c05df97297bf337e.yaml
./poc/other/ceceppa-multilingua-d0ed5faf925cf501eca57a7894449fa6.yaml
./poc/other/ceceppa-multilingua-d41d8cd98f00b204e9800998ecf8427e.yaml
@@ -84837,6 +84881,7 @@
./poc/other/content-slide-plugin.yaml
./poc/other/content-slide.yaml
./poc/other/content-slider-block-6b3b255fc273658c591e080566f555c8.yaml
./poc/other/content-slider-block.yaml
./poc/other/content-spoofing.yaml
./poc/other/content-staging-a7399d525a12e9df1eb9c2f300a3605f.yaml
./poc/other/content-staging.yaml
@@ -85229,6 +85274,7 @@
./poc/other/countdown-for-the-events-calendar-d41d8cd98f00b204e9800998ecf8427e.yaml
./poc/other/countdown-for-the-events-calendar-ed564cf6d52fca31d8e377a3e7178e36.yaml
./poc/other/countdown-for-the-events-calendar.yaml
./poc/other/countdown-time.yaml
./poc/other/countdown-timer-ultimate-7851c267c5129958224bd7b0d064e1e0.yaml
./poc/other/countdown-timer-ultimate.yaml
./poc/other/counter-box-0767f499fd2ba642a4eef62a2e76c851.yaml
@@ -90199,6 +90245,7 @@
./poc/other/form-maker-50328ffa85674ccc981a3bd47fda67a5.yaml
./poc/other/form-maker-57912054e881d5f72f7051544042ba81.yaml
./poc/other/form-maker-5bbd377f8fd32e0b787c6ef6e2cb0b65.yaml
./poc/other/form-maker-680f3c9e376cbae80ebd7bd6f7284f93.yaml
./poc/other/form-maker-6d011b025d230cc806f7ab27b57886ea.yaml
./poc/other/form-maker-835695a05d220a7c852e34c282857d4a.yaml
./poc/other/form-maker-95eeadd01ebcc324e32381ae0c7ab974.yaml
@@ -94899,6 +94946,7 @@
./poc/other/lenovo-thinkserver-panel.yaml
./poc/other/lenovo-thinkserver.yaml
./poc/other/lenovo-防火墙.yaml
./poc/other/lenxel-core.yaml
./poc/other/leostream-panel-8609.yaml
./poc/other/leostream-panel-8610.yaml
./poc/other/leostream-panel.yaml
@@ -101406,6 +101454,7 @@
./poc/other/querywall.yaml
./poc/other/quest-dr.yaml
./poc/other/quform-45438983c18e9a3e91408fe92e1994d2.yaml
./poc/other/quform.yaml
./poc/other/quick-adsense-17b1f90a5f7713d44ba6f4221beb5824.yaml
./poc/other/quick-adsense-d41d8cd98f00b204e9800998ecf8427e.yaml
./poc/other/quick-adsense-e67617ba80c122b834c799e1b36400ff.yaml
@@ -106897,6 +106946,7 @@
./poc/other/th-product-compare-9b9752afd27257f73c14b90b62a0bd20.yaml
./poc/other/th-product-compare.yaml
./poc/other/th-shop-mania-19e44dc63271c12dcb2a002872a2104e.yaml
./poc/other/th-shop-mania.yaml
./poc/other/th-variation-swatches-fae7a22fecaffbec86b66d8363919c4c.yaml
./poc/other/th-variation-swatches.yaml
./poc/other/thank-me-later-b918f8ed347650d0bc3b2aa9b61af7bf.yaml
@@ -107558,6 +107608,7 @@
./poc/other/top-bar-e93323331f7e59c6f837f60b8f70abe0.yaml
./poc/other/top-bar.yaml
./poc/other/top-store-7ff98c7a28b1d5a31a55e04b4265e948.yaml
./poc/other/top-store.yaml
./poc/other/top-table-of-contents.yaml
./poc/other/topquark-60aa2580f7256ea0f4baada3ad5090ae.yaml
./poc/other/topquark-67ce96eb97290b00c5919a918b3bcd33.yaml
@@ -116040,6 +116091,7 @@
./poc/remote_code_execution/woocommerce-support-ticket-system-803488e3b707fc21db5295c64b05953e.yaml
./poc/remote_code_execution/woocommerce-support-ticket-system-c55b90eb13850c1f21f1569dfb76cac8.yaml
./poc/remote_code_execution/woocommerce-support-ticket-system-f22cd57903a5b9c81a6842d03c2e5a79.yaml
./poc/remote_code_execution/woocommerce-support-ticket-system.yaml
./poc/remote_code_execution/woocommerce-upcoming-product-6477bf18cad6c823db485408d49b337b.yaml
./poc/remote_code_execution/woocommerce-upcoming-product-ff9293ba28748efa2ab9a2fe77385468.yaml
./poc/remote_code_execution/woocommerce-upcoming-product.yaml
@@ -135348,6 +135400,7 @@
./poc/wordpress/wp-photo-album-plus-8367ae1b7064ab0099caf8e09796fd38.yaml
./poc/wordpress/wp-photo-album-plus-89ed158761e08a924a454a5d44b2af29.yaml
./poc/wordpress/wp-photo-album-plus-96d4c0c81bfeb4e150709ea4c5f78aaf.yaml
./poc/wordpress/wp-photo-album-plus-9774759645eb37b5b760aed448d8d7e5.yaml
./poc/wordpress/wp-photo-album-plus-a55fe9df94e2b3bb11e5b0aed62f1d15.yaml
./poc/wordpress/wp-photo-album-plus-aa5e2d80c37dbec28ba2b57b14b13c18.yaml
./poc/wordpress/wp-photo-album-plus-aae63b69cce61142ce562880610203da.yaml
@@ -136876,6 +136929,7 @@
./poc/wordpress/wp-user-enum-login.yaml
./poc/wordpress/wp-user-enum.yaml
./poc/wordpress/wp-user-extra-fields-1b7e978936ffae5eee09198ffcf1e6d4.yaml
./poc/wordpress/wp-user-extra-fields.yaml
./poc/wordpress/wp-user-frontend-04deec7e9bd452b86610f68cb156b522.yaml
./poc/wordpress/wp-user-frontend-0bb2ad4daa9e08c34de8088e4be0277d.yaml
./poc/wordpress/wp-user-frontend-175da3346a4ac42227ff041873bf2355.yaml
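--- a/poc/cve/CVE-2018-5158.yaml
+++ b/poc/cve/CVE-2018-5158.yaml
@@ -0,0 +1,59 @@
+id: CVE-2018-5158-67138bc530fcbd1f4c3ec3156662b94e
+
+info:
+name: >
+pdf.js < 2.0.943 - Authenticated (Author+) Stored Cross-Site Scripting
+author: topscoder
+severity: low
+description: >
+The Algori PDF Viewer plugin for WordPress is vulnerable to Stored Cross-Site Scripting due to the use of a vulnerable version of pdf.js in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with author-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
+reference:
+- https://github.com/topscoder/nuclei-wordfence-cve
+- https://www.wordfence.com/threat-intel/vulnerabilities/id/0cd66329-098e-4adf-b66f-d82a47720629?source=api-prod
+classification:
+cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N
+cvss-score: 6.4
+cve-id: CVE-2018-5158
+metadata:
+fofa-query: "wp-content/plugins/algori-pdf-viewer/"
+google-query: inurl:"/wp-content/plugins/algori-pdf-viewer/"
+shodan-query: 'vuln:CVE-2018-5158'
+tags: cve,wordpress,wp-plugin,algori-pdf-viewer,low
+
+http:
+- method: GET
+redirects: true
+max-redirects: 3
+path:
+- "{{BaseURL}}/wp-content/plugins/algori-pdf-viewer/readme.txt"
+
+extractors:
+- type: regex
+name: version
+part: body
+group: 1
+internal: true
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+- type: regex
+name: version
+part: body
+group: 1
+regex:
+- "(?mi)Stable tag: ([0-9.]+)"
+
+matchers-condition: and
+matchers:
+- type: status
+status:
+- 200
+
+- type: word
+words:
+- "algori-pdf-viewer"
+part: body
+
+- type: dsl
+dsl:
+- compare_versions(version, '<= 1.0.7')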
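Review bot: `severity: low` (and the trailing `low` tag) disagrees with the template's own classification, where `cvss-score: 6.4` on a CVSS 3.1 vector falls in the Medium band, so scans filtered or triaged by severity will under-rank this finding; I would change it to `severity: medium` and end the tags with `medium`. The match itself is version-only: it reads `Stable tag` from the plugin's `readme.txt` and applies `compare_versions(version, '<= 1.0.7')`, so a hit indicates an installed version string rather than a confirmed injection point, and a site that blocks `readme.txt` or publishes a non-numeric stable tag will not be reported. A short comment above the `http:` block saying so, e.g. `# Version check only (readme.txt Stable tag); confirm the installed plugin version before acting on a hit`, would help whoever consumes the results. The `name` also describes pdf.js `< 2.0.943` while the check is on the Algori PDF Viewer plugin version, which is worth reconciling so the finding title matches what was actually tested.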