update nuclei-templates 2022-07-10 02:54:1657392847

Author: x51pwn

config/nuclei-templates/cnvd/2018/CNVD-2018-13393.yaml

@@ -10,7 +10,6 @@ info:
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
-    cve-id:
     cwe-id: CWE-22
   tags: metinfo,cnvd,cvnd2018,lfi
 

config/nuclei-templates/cnvd/2020/CNVD-2020-67113.yaml

@@ -4,13 +4,12 @@ info:
   name: H5S CONSOLE - Unauthorized Access
   author: ritikchaddha
   severity: medium
-  description: Zero Vision Technology (Shanghai) Co., Ltd. H5S CONSOLE is susceptible to an unauthorized access vulnerability.
+  description: H5S CONSOLE is susceptible to an unauthorized access vulnerability.
   reference:
     - https://vul.wangan.com/a/CNVD-2020-67113
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
-    cve-id:
     cwe-id: CWE-425
   metadata:
     verified: true
@@ -49,4 +48,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/05
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cnvd/2021/CNVD-2021-10543.yaml

@@ -10,7 +10,6 @@ info:
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
     cvss-score: 5.3
-    cve-id:
     cwe-id: CWE-200
   tags: config,exposure,cnvd,cnvd2021
 

config/nuclei-templates/cnvd/2021/CNVD-2021-28277.yaml

@@ -1,7 +1,7 @@
 id: CNVD-2021-28277
 
 info:
-  name: Landray-OA  - Local File Inclusion
+  name: Landray-OA - Local File Inclusion
   author: pikpikcu,daffainfo
   severity: high
   description: Landray-OA is susceptible to local file inclusion.
@@ -13,7 +13,6 @@ info:
   classification:
     cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
     cvss-score: 8.6
-    cve-id:
     cwe-id: CWE-22
   tags: landray,lfi,cnvd,cnvd2021
 
@@ -49,4 +48,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/05
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2006/CVE-2006-2842.yaml

@@ -4,15 +4,18 @@ info:
   name: Squirrelmail <=1.4.6 - Local File Inclusion
   author: dhiyaneshDk
   severity: high
-  description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php  if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
+  description: SquirrelMail 1.4.6 and earlier versions are susceptible to a PHP local file inclusion vulnerability in functions/plugin.php if register_globals is enabled and magic_quotes_gpc is disabled. This allows remote attackers to execute arbitrary PHP code via a URL in the plugins array parameter.
   reference:
     - https://www.exploit-db.com/exploits/27948
     - http://squirrelmail.cvs.sourceforge.net/squirrelmail/squirrelmail/functions/global.php?r1=1.27.2.16&r2=1.27.2.17&view=patch&pathrev=SM-1_4-STABLE
     - http://www.squirrelmail.org/security/issue/2006-06-01
     - http://web.archive.org/web/20160915101900/http://secunia.com/advisories/20406/
     - https://nvd.nist.gov/vuln/detail/CVE-2006-2842
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2006-2842
+    cwe-id: CWE-22
   tags: cve,cve2006,lfi,squirrelmail
 
 requests:
@@ -31,4 +34,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/05
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2007/CVE-2007-4504.yaml

@@ -1,16 +1,20 @@
 id: CVE-2007-4504
 
 info:
-  name: Joomla! Component RSfiles <=1.0.2 - Arbitrary File Retrieval
+  name: Joomla! RSfiles <=1.0.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: An arbitrary file retrieval vulnerability in index.php in the RSfiles component (com_rsfiles) <=1.0.2 for Joomla! allows remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
+  description: Joomla! RSfiles 1.0.2 and earlier is susceptible to local file inclusion in index.php in the RSfiles component (com_rsfiles). This could allow remote attackers to arbitrarily read files via a .. (dot dot) in the path parameter in a files.display action.
   reference:
     - https://www.exploit-db.com/exploits/4307
     - https://www.cvedetails.com/cve/CVE-2007-4504
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/36222
+    - https://nvd.nist.gov/vuln/detail/CVE-2007-4504
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2007-4504
+    cwe-id: CWE-22
   tags: cve,cve2007,joomla,lfi
 
 requests:
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-2650.yaml

@@ -5,14 +5,17 @@ info:
   author: pussycat0x
   severity: high
   description: |
-    CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled, which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
+    CMSimple 3.1 is susceptible to local file inclusion via cmsimple/cms.php when register_globals is enabled which allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the sl parameter to index.php. NOTE: this can be leveraged for remote file execution by including adm.php and then invoking the upload action. NOTE: on 20080601, the vendor patched 3.1 without changing the version number.
   reference:
     - http://www.cmsimple.com/forum/viewtopic.php?f=2&t=17
     - http://web.archive.org/web/20210121182016/https://www.securityfocus.com/bid/29450/
     - http://web.archive.org/web/20140729144732/http://secunia.com:80/advisories/30463
     - https://nvd.nist.gov/vuln/detail/CVE-2008-2650
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-2650
+    cwe-id: CWE-22
   tags: cve,cve2008,lfi,cmsimple
 
 requests:
@@ -34,4 +37,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/05
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-4668.yaml

@@ -31,4 +31,4 @@ requests:
         status:
           - 200
 
-# Enhanced by mp on 2022/07/05
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-4764.yaml

@@ -1,17 +1,21 @@
 id: CVE-2008-4764
 
 info:
-  name: Joomla! Component com_extplorer 2.0.0 RC2 - Directory Traversal
+  name: Joomla! <=2.0.0 RC2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the eXtplorer module (com_extplorer) 2.0.0 RC2 and earlier in Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
+  description: Joomla! 2.0.0 RC2 and earlier are susceptible to local file inclusion in the eXtplorer module (com_extplorer) that allows remote attackers to read arbitrary files via a .. (dot dot) in the dir parameter in a show_error action.
   reference:
     - https://www.exploit-db.com/exploits/5435
     - https://www.cvedetails.com/cve/CVE-2008-4764
     - http://web.archive.org/web/20210121181347/https://www.securityfocus.com/bid/28764/
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/41873
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-4764
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-4764
+    cwe-id: CWE-22
   tags: cve,cve2008,joomla,lfi
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-6080.yaml

@@ -1,17 +1,21 @@
 id: CVE-2008-6080
 
 info:
-  name: Joomla! Component ionFiles 4.4.2 - File Disclosure
+  name: Joomla! ionFiles 4.4.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in download.php in the ionFiles (com_ionfiles) 4.4.2 component for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
+  description: Joomla! ionFiles 4.4.2 is susceptible to local file inclusion in download.php in the ionFiles (com_ionfiles) that allows remote attackers to read arbitrary files via a .. (dot dot) in the file parameter.
   reference:
     - https://www.exploit-db.com/exploits/6809
     - https://www.cvedetails.com/cve/CVE-2008-6080
     - http://web.archive.org/web/20140804231654/http://secunia.com/advisories/32377/
     - http://web.archive.org/web/20210121184101/https://www.securityfocus.com/bid/31877/
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-6080
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6080
+    cwe-id: CWE-22
   tags: cve,cve2008,joomla,lfi
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-6222.yaml

@@ -1,17 +1,21 @@
 id: CVE-2008-6222
 
 info:
-  name: Joomla! Component ProDesk 1.0/1.2 - Local File Inclusion
+  name: Joomla! ProDesk 1.0/1.2 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 for Joomla! allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
+  description: Joomla! Pro Desk Support Center (com_pro_desk) component 1.0 and 1.2 allows remote attackers to read arbitrary files via a .. (dot dot) in the include_file parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/6980
     - https://www.cvedetails.com/cve/CVE-2008-6222
     - http://web.archive.org/web/20111223225601/http://secunia.com/advisories/32523/
     - http://web.archive.org/web/20210121184244/https://www.securityfocus.com/bid/32113/
+    - https://nvd.nist.gov/vuln/detail/CVE-2008-6222
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6222
+    cwe-id: CWE-22
   tags: cve,cve2008,joomla,lfi
 
 requests:
@@ -29,3 +33,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2008/CVE-2008-6668.yaml

@@ -1,17 +1,20 @@
 id: CVE-2008-6668
 
 info:
-  name: nweb2fax <=0.2.7- Local File Inclusion
+  name: nweb2fax <=0.2.7 - Local File Inclusion
   author: geeknik
   severity: high
-  description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php (aka  local file inclusion).
+  description: nweb2fax 0.2.7 and earlier allow remote attackers to read arbitrary files via the id parameter submitted to comm.php and the var_filename parameter submitted to viewrq.php.
   reference:
     - https://www.exploit-db.com/exploits/5856
     - http://web.archive.org/web/20210130035550/https://www.securityfocus.com/bid/29804
     - https://exchange.xforce.ibmcloud.com/vulnerabilities/43173
     - https://nvd.nist.gov/vuln/detail/CVE-2008-6668
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2008-6668
+    cwe-id: CWE-22
   tags: cve,cve2008,nweb2fax,lfi,traversal
 
 requests:
@@ -31,4 +34,5 @@ requests:
       - type: status
         status:
           - 200
-# Enhanced by mp on 2022/07/05
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2009/CVE-2009-0932.yaml

@@ -1,17 +1,20 @@
 id: CVE-2009-0932
 
 info:
-  name: Horde - Horde_Image::factory driver Argument LFI
+  name: Horde/Horde Groupware - Local File Inclusion
   author: pikpikcu
   severity: high
-  description: Directory traversal vulnerability in framework/Image/Image.php in Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
+  description: Horde before 3.2.4 and 3.3.3 and Horde Groupware before 1.1.5 are susceptible to local file inclusion in framework/Image/Image.php because it allows remote attackers to include and execute arbitrary local files via directory traversal sequences in the Horde_Image driver name.
   reference:
     - https://www.exploit-db.com/exploits/16154
-    - https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
     - http://cvs.horde.org/co.php/groupware/docs/groupware/CHANGES?r=1.28.2.5
     - http://web.archive.org/web/20161228102217/http://secunia.com/advisories/33695
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-0932?cpeVersion=2.2
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-0932
+    cwe-id: CWE-22
   tags: cve,cve2009,horde,lfi,traversal
 
 requests:
@@ -29,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2009/CVE-2009-1151.yaml

@@ -1,17 +1,21 @@
 id: CVE-2009-1151
 
 info:
-  name: PhpMyAdmin Scripts/setup.php Deserialization Vulnerability
+  name: PhpMyAdmin Scripts - Remote Code Execution
   author: princechaddha
-  severity: high
-  description: Setup script used to create PhpMyAdmin configurations can be fooled by using a crafted POST request to include arbitrary PHP code in the generated configuration file. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
+  severity: critical
+  description: PhpMyAdmin Scripts 2.11.x before 2.11.9.5 and 3.x before 3.1.3.1 are susceptible to a remote code execution in setup.php that allows remote attackers to inject arbitrary PHP code into a configuration file via the save action. Combined with the ability to save files on server, this can allow unauthenticated users to execute arbitrary PHP code.
   reference:
     - https://www.phpmyadmin.net/security/PMASA-2009-3/
     - https://github.com/vulhub/vulhub/tree/master/phpmyadmin/WooYun-2016-199433
     - http://phpmyadmin.svn.sourceforge.net/viewvc/phpmyadmin/branches/MAINT_2_11_9/phpMyAdmin/scripts/setup.php?r1=11514&r2=12301&pathrev=12301
     - http://www.phpmyadmin.net/home_page/security/PMASA-2009-3.php
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1151
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
+    cvss-score: 10
     cve-id: CVE-2009-1151
+    cwe-id: CWE-77
   tags: cve,cve2009,phpmyadmin,rce,deserialization,cisa
 
 requests:
@@ -34,3 +38,5 @@ requests:
       - type: regex
         regex:
           - "root:.*:0:0:"
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2009/CVE-2009-1496.yaml

@@ -1,16 +1,20 @@
 id: CVE-2009-1496
 
 info:
-  name: Joomla! Component Cmimarketplace - 'viewit' Directory Traversal
+  name: Joomla! Cmimarketplace 0.1 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in the Cmi Marketplace (com_cmimarketplace) component 0.1 for Joomla! allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
+  description: |
+    Joomla! Cmimarketplace 0.1 is susceptible to local file inclusion because com_cmimarketplace allows remote attackers to list arbitrary directories via a .. (dot dot) in the viewit parameter to index.php.
   reference:
     - https://www.exploit-db.com/exploits/8367
-    - https://www.cvedetails.com/cve/CVE-2009-1496
     - http://web.archive.org/web/20210121190149/https://www.securityfocus.com/bid/34431/
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1496
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-1496
+    cwe-id: CWE-22
   tags: cve,cve2009,joomla,lfi
 
 requests:
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06

config/nuclei-templates/cves/2009/CVE-2009-1558.yaml

@@ -1,17 +1,21 @@
 id: CVE-2009-1558
 
 info:
-  name: Linksys WVC54GCA 1.00R22/1.00R24 (Wireless-G) - Directory Traversal
+  name: Cisco Linksys WVC54GCA 1.00R22/1.00R24 - Local File Inclusion
   author: daffainfo
   severity: high
-  description: Directory traversal vulnerability in adm/file.cgi on the Cisco Linksys WVC54GCA wireless video camera with firmware 1.00R22 and 1.00R24 allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
+  description: Cisco Linksys WVC54GCA 1.00R22/1.00R24 is susceptible to local file inclusion in adm/file.cgi because it allows remote attackers to read arbitrary files via a %2e. (encoded dot dot) or an absolute pathname in the next_file parameter.
   reference:
     - https://www.exploit-db.com/exploits/32954
     - https://web.archive.org/web/20210119151410/http://www.securityfocus.com/bid/34713
     - http://www.vupen.com/english/advisories/2009/1173
     - http://www.gnucitizen.org/blog/hacking-linksys-ip-cameras-pt-3/
+    - https://nvd.nist.gov/vuln/detail/CVE-2009-1558
   classification:
+    cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
+    cvss-score: 8.6
     cve-id: CVE-2009-1558
+    cwe-id: CWE-22
   tags: cve,cve2009,iot,lfi,linksys,camera,cisco,firmware,traversal
 
 requests:
@@ -28,3 +32,5 @@ requests:
       - type: status
         status:
           - 200
+
+# Enhanced by mp on 2022/07/06