Skip to content

Commit

Permalink
20240910
Browse files Browse the repository at this point in the history
  • Loading branch information
@actions-user
actions-user committed Sep 10, 2024
1 parent a3568a4 commit 1be20b9
Show file tree
Hide file tree
Showing 46 changed files with 1,900 additions and 255 deletions.
2 changes: 1 addition & 1 deletion date.txt
View file
Original file line number Diff line number Diff line change
@@ -1 +1 @@
20240909
20240910
28 changes: 28 additions & 0 deletions poc.txt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6006,6 +6006,7 @@
./poc/aws/amazonify.yaml
./poc/aws/amazonjs-c241b0ba6a777f828cfa26db407af41e.yaml
./poc/aws/amazonjs.yaml
./poc/aws/amazonsimpleadmin-6edf77024f4d8b245b28ab2d095dfd39.yaml
./poc/aws/amazonsimpleadmin-d2d940074fe5416377c3e4ffb35b3f1c.yaml
./poc/aws/amazonsimpleadmin.yaml
./poc/aws/ameliabooking-b8eb9b9fe9a052fc9eec2c7665eb339b.yaml
Expand Down Expand Up @@ -26378,6 +26379,7 @@
./poc/cve/CVE-2023-29173.yaml
./poc/cve/CVE-2023-29174-61b19180a709a75a8f2f6bd443cf11c8.yaml
./poc/cve/CVE-2023-29174.yaml
./poc/cve/CVE-2023-2919-66712a820c7b5deedf6bafaea3bd5105.yaml
./poc/cve/CVE-2023-29197-7dc7820b451dace4c37e93f29ab994ee.yaml
./poc/cve/CVE-2023-29197-a89dc10c82ed3d904f8fccc2ff4db320.yaml
./poc/cve/CVE-2023-29197.yaml
Expand Down Expand Up @@ -37558,6 +37560,7 @@
./poc/cve/CVE-2024-33652.yaml
./poc/cve/CVE-2024-33677-71525e5cb85c8646c9830951ba75e550.yaml
./poc/cve/CVE-2024-33677.yaml
./poc/cve/CVE-2024-33678-36a986088fbfded3f902f0126e5df7b5.yaml
./poc/cve/CVE-2024-33678-eaa7987a0e4044fbd5c104ca79591002.yaml
./poc/cve/CVE-2024-33678.yaml
./poc/cve/CVE-2024-33679-c2d079d10a67dd551de05116c6aaebcc.yaml
Expand Down Expand Up @@ -37957,6 +37960,7 @@
./poc/cve/CVE-2024-34769.yaml
./poc/cve/CVE-2024-3477-8c47af07f2484600ac78a772de46f68b.yaml
./poc/cve/CVE-2024-3477.yaml
./poc/cve/CVE-2024-34770-24ff7976a24ecae8467028a04882e6a8.yaml
./poc/cve/CVE-2024-34770-ad98ab01447e870f30191b4a919aae5b.yaml
./poc/cve/CVE-2024-34770.yaml
./poc/cve/CVE-2024-3478-f1b1672a851a069e48120221fa992476.yaml
Expand Down Expand Up @@ -38466,6 +38470,7 @@
./poc/cve/CVE-2024-3593-300e668244981d2f75260f71f7454d0f.yaml
./poc/cve/CVE-2024-3593.yaml
./poc/cve/CVE-2024-3594-36d7fb83c790460bdb8c61a1e30649d8.yaml
./poc/cve/CVE-2024-3594-c595d74d6be314ede9d7c2ad86657f6d.yaml
./poc/cve/CVE-2024-3594.yaml
./poc/cve/CVE-2024-3595-ae707ffdb0b84fee78545094f31fab5f.yaml
./poc/cve/CVE-2024-3595-af3cf7279598a37cf244aabc61c9a195.yaml
Expand Down Expand Up @@ -39255,6 +39260,7 @@
./poc/cve/CVE-2024-37961-c0a5626619ae68f7938a6724943ffe58.yaml
./poc/cve/CVE-2024-37961.yaml
./poc/cve/CVE-2024-37962-5340ecfad7167231bd651c5b5b0499b1.yaml
./poc/cve/CVE-2024-37962-d175fbe85434a0614bc0ae08147f4de6.yaml
./poc/cve/CVE-2024-37962.yaml
./poc/cve/CVE-2024-3806-2a7b3e2b9fc8d52b51ef6216a756d24e.yaml
./poc/cve/CVE-2024-3806.yaml
Expand Down Expand Up @@ -40415,6 +40421,7 @@
./poc/cve/CVE-2024-43335-d46b713e90a8332ac8b26c7a7126c9a0.yaml
./poc/cve/CVE-2024-43335.yaml
./poc/cve/CVE-2024-43336-28f522c815326c862a095ad99702db7f.yaml
./poc/cve/CVE-2024-43336-9ded2f75d9ce3d5a447116c77b245d3a.yaml
./poc/cve/CVE-2024-43336.yaml
./poc/cve/CVE-2024-43337-d59a162bda0a92fcb5cbdc9c17791b8c.yaml
./poc/cve/CVE-2024-43337.yaml
Expand Down Expand Up @@ -41950,6 +41957,7 @@
./poc/cve/CVE-2024-6271.yaml
./poc/cve/CVE-2024-6272-603d5732dac8de6d8f0b5ed827bd29fe.yaml
./poc/cve/CVE-2024-6272.yaml
./poc/cve/CVE-2024-6282-9839fb12a0e52741eda32351ffbc9c9f.yaml
./poc/cve/CVE-2024-6283-b109f55830b5166e15fc8153b2a56ea0.yaml
./poc/cve/CVE-2024-6283.yaml
./poc/cve/CVE-2024-6288-3b7a2d7a942fc59043d359b6700da5b3.yaml
Expand Down Expand Up @@ -42489,6 +42497,7 @@
./poc/cve/CVE-2024-7486.yaml
./poc/cve/CVE-2024-7492-2a27ab15f61a26513636485e06679756.yaml
./poc/cve/CVE-2024-7492.yaml
./poc/cve/CVE-2024-7493-827cf828502e280939934bc36fcd15c8.yaml
./poc/cve/CVE-2024-7493-bb0a14087d0fade0f7feffc68abdc7a6.yaml
./poc/cve/CVE-2024-7493.yaml
./poc/cve/CVE-2024-7501-247bb3617bfa1396392f3b42a0d66a58.yaml
Expand Down Expand Up @@ -42525,6 +42534,7 @@
./poc/cve/CVE-2024-7607.yaml
./poc/cve/CVE-2024-7611-fa595bf0bd7d1cd7d067d139d8655508.yaml
./poc/cve/CVE-2024-7611.yaml
./poc/cve/CVE-2024-7618-520e6bf48c0bcb2d0d283fdbdb93284a.yaml
./poc/cve/CVE-2024-7620-bcec0146e1a4df3dcb256abef7433801.yaml
./poc/cve/CVE-2024-7620.yaml
./poc/cve/CVE-2024-7621-410ca600b3388f15ef833a17e3d39b81.yaml
Expand All @@ -42550,6 +42560,7 @@
./poc/cve/CVE-2024-7651-54b05056620424ffb4dfd689f232601b.yaml
./poc/cve/CVE-2024-7651-7d4af77ba7202b412fee68fa25bbbec8.yaml
./poc/cve/CVE-2024-7651.yaml
./poc/cve/CVE-2024-7655-cb8797e18cf270e181c88790358f477b.yaml
./poc/cve/CVE-2024-7656-cc628b96623048172302ddea18aada71.yaml
./poc/cve/CVE-2024-7656.yaml
./poc/cve/CVE-2024-7687-ec8f591b67a17cc36542cbb68d2a1c0e.yaml
Expand All @@ -42570,6 +42581,7 @@
./poc/cve/CVE-2024-7703.yaml
./poc/cve/CVE-2024-7717-8b2d72f894c49fa210faf06966bb467e.yaml
./poc/cve/CVE-2024-7717.yaml
./poc/cve/CVE-2024-7770-0dc95a63b6c1c6ccfca48ccb324269b5.yaml
./poc/cve/CVE-2024-7775-cb89a9bf3c0d813debb09dc21c3f085f.yaml
./poc/cve/CVE-2024-7775.yaml
./poc/cve/CVE-2024-7777-e2bdcc8b58b83d53647a50d88143707d.yaml
Expand Down Expand Up @@ -42673,10 +42685,12 @@
./poc/cve/CVE-2024-8199.yaml
./poc/cve/CVE-2024-8200-212df01da660270f0a3ccabafd9f05f2.yaml
./poc/cve/CVE-2024-8200.yaml
./poc/cve/CVE-2024-8241-14534f7d6cad6e621d3cc87a4cd42487.yaml
./poc/cve/CVE-2024-8247-7ddc0c06e971c1cf25a0f3f37508e6b0.yaml
./poc/cve/CVE-2024-8247.yaml
./poc/cve/CVE-2024-8252-2918e2ad48b79ca4c8bb4e4cd2023c96.yaml
./poc/cve/CVE-2024-8252.yaml
./poc/cve/CVE-2024-8268-75f27436435201ac5094d8b23bf9fb95.yaml
./poc/cve/CVE-2024-8274-bda8d98f83bd3baa9ee6eb35650a9ef1.yaml
./poc/cve/CVE-2024-8274.yaml
./poc/cve/CVE-2024-8276-abcb50055a0fdc77a95290d651b9dbcc.yaml
Expand All @@ -42696,14 +42710,17 @@
./poc/cve/CVE-2024-8325.yaml
./poc/cve/CVE-2024-8363-7b614cefc269f651d0fa9d8a81fb52fb.yaml
./poc/cve/CVE-2024-8363.yaml
./poc/cve/CVE-2024-8369-371892027f1c271d3247dba36b384fb8.yaml
./poc/cve/CVE-2024-8427-fbcab5496b8138780394aea71f3f3840.yaml
./poc/cve/CVE-2024-8427.yaml
./poc/cve/CVE-2024-8428-3b140a48fddab0e2501d7d69c672d7cf.yaml
./poc/cve/CVE-2024-8428.yaml
./poc/cve/CVE-2024-8478-2c5877806cf2b984d8159c04c86877bf.yaml
./poc/cve/CVE-2024-8480-f1d8d42bfc1633b849f4ef6346a133c9.yaml
./poc/cve/CVE-2024-8480.yaml
./poc/cve/CVE-2024-8538-001bcf7ee52037e79f6a696add474366.yaml
./poc/cve/CVE-2024-8538.yaml
./poc/cve/CVE-2024-8543-0a87e99d4b00c51f4b0142f0f5daaa10.yaml
./poc/cve/CVE_2023_49442.yaml
./poc/cve/CVE_2023_51467.yaml
./poc/cve/CVE_2024_0195.yaml
Expand Down Expand Up @@ -72715,6 +72732,7 @@
./poc/other/eventprime-event-calendar-management-09b45fe19dc9ef9fdacc3f3c93fdeb43.yaml
./poc/other/eventprime-event-calendar-management-337fb39e946da153801a049df0010f31.yaml
./poc/other/eventprime-event-calendar-management-53b5da835a02c27f602111203957ec44.yaml
./poc/other/eventprime-event-calendar-management-601952a417648d8bd01a7751add339d9.yaml
./poc/other/eventprime-event-calendar-management-6d9f0383e02ac4e75e81aa915059c89c.yaml
./poc/other/eventprime-event-calendar-management-70abe0d924c478ac3475ca57424b78cc.yaml
./poc/other/eventprime-event-calendar-management-98dee7484a8ec61da325326fb7f20f00.yaml
Expand Down Expand Up @@ -74408,6 +74426,7 @@
./poc/other/frontend-checklist-8caa47b5e9e485adece08d242ad04ac8.yaml
./poc/other/frontend-checklist-f057cd0fecbe00e411754884f6dfe796.yaml
./poc/other/frontend-checklist.yaml
./poc/other/frontend-dashboard-2071daaa8fb94694af774d99340ea9d4.yaml
./poc/other/frontend-dashboard-b8834e5a3e036dd5e61d34a3b1068be9.yaml
./poc/other/frontend-dashboard.yaml
./poc/other/frontend-group-restriction-for-learndash-ff9293ba28748efa2ab9a2fe77385468.yaml
Expand Down Expand Up @@ -79637,6 +79656,7 @@
./poc/other/master-addons-49d43f190785c213b594369e56643fab.yaml
./poc/other/master-addons-4c613eb3f9ae83b4f2727f836be94578.yaml
./poc/other/master-addons-500ddd1cca6c96c69b650e8e1ea970a5.yaml
./poc/other/master-addons-66e3d4c0031beabde0083df515780997.yaml
./poc/other/master-addons-6dcdd4533f288f97c824b10ce7bbf082.yaml
./poc/other/master-addons-768e76e5751dd7dcd77cdc7476921144.yaml
./poc/other/master-addons-80da3f3078021e19df6d4a183eff6fe9.yaml
Expand Down Expand Up @@ -81707,6 +81727,7 @@
./poc/other/notifyvisitors-lead-form-3d4e190fa6ca2f85ee1692fd779d0a41.yaml
./poc/other/notifyvisitors-lead-form.yaml
./poc/other/notion-phish.yaml
./poc/other/nova-blocks-0e7c62abb845144ff6b6f8011c23237b.yaml
./poc/other/nova-lite-edebb837b13ffab3391e4efe2a95bf38.yaml
./poc/other/nova-lite.yaml
./poc/other/novelist-2fcbba4f8d24450ee551bf33de17fc72.yaml
Expand Down Expand Up @@ -82797,11 +82818,13 @@
./poc/other/pear.yaml
./poc/other/peepso-core-338fc97c24276ab87a510e79a909afca.yaml
./poc/other/peepso-core-3b2ef2d73cbfd65b1121e5f18e3b865d.yaml
./poc/other/peepso-core-4cd19fbbacd82d8d91e116054bffc182.yaml
./poc/other/peepso-core-64a4f42c48ab8916a593b8cc4bce89ff.yaml
./poc/other/peepso-core-8d22cf43a481ff4afe0b785ad4d465cd.yaml
./poc/other/peepso-core-967f9c4943c798ef55841614fa0c0a60.yaml
./poc/other/peepso-core-a40b1529b71b3a56ebe346e649ca082d.yaml
./poc/other/peepso-core-a6c5d9f5ae6235e3cb6733928ebe1440.yaml
./poc/other/peepso-core-b2ac18e0119b47893588ba1a22162586.yaml
./poc/other/peepso-core-eefb756a660cd5c8041e631a00deeb83.yaml
./poc/other/peepso-core-f7840d6d28c8b20841ce043179efa799.yaml
./poc/other/peepso-core.yaml
Expand Down Expand Up @@ -87918,6 +87941,7 @@
./poc/other/slider-by-supsystic-cda4bcfc95d6584a29dc850e5d8998c8.yaml
./poc/other/slider-by-supsystic-e595a0c3ad3e0defdd41b40b77d69b2c.yaml
./poc/other/slider-by-supsystic.yaml
./poc/other/slider-comparison-image-before-and-after-22c03d521a5066baf973401bd293601e.yaml
./poc/other/slider-factory-0712326ce3eb85c1c14309021d79da22.yaml
./poc/other/slider-factory-42e7c67c33e54fce9877ed077a2d8484.yaml
./poc/other/slider-factory-6352f4cd29f3e453ab1742964f7f7fd8.yaml
Expand Down Expand Up @@ -90728,6 +90752,7 @@
./poc/other/tutor-3057751d1052c52502e1097b3cf1325d.yaml
./poc/other/tutor-347023f6e6e65ca497fc94dddd1d0a05.yaml
./poc/other/tutor-3a0643f16f3e861f0bb145ef053d314e.yaml
./poc/other/tutor-3b06cf3f3c9659ae3abd37923d73984e.yaml
./poc/other/tutor-460504934ff174d5667f70afce2ce24e.yaml
./poc/other/tutor-46fb7d83480d94b010199c53923212f5.yaml
./poc/other/tutor-4b5310b2ba9a839700768e9d26ada001.yaml
Expand Down Expand Up @@ -103021,6 +103046,7 @@
./poc/sql/CVE-2024-7380-6a19e79de20767dbc62e297886ac1342.yaml
./poc/sql/CVE-2024-7390-c6e14cdb3bb6b824b90602f2e8d31a7e.yaml
./poc/sql/CVE-2024-7485-5e01bfd496bdbeeb312898de18c1a6e1.yaml
./poc/sql/CVE-2024-7618-520e6bf48c0bcb2d0d283fdbdb93284a.yaml
./poc/sql/CVE-2024-7702-dea8b852582db90080db47397ce3b7b1.yaml
./poc/sql/CVE-2024-7817-49083f3d0aeb0ae2badbca3840ad0f3c.yaml
./poc/sql/CVE-2024-7856-d011db87e0fcbee1bbbd734bfc806dcf.yaml
Expand All @@ -103031,6 +103057,7 @@
./poc/sql/CVE-2024-8197-c5c070dc8273cbfedbc9600c73cd97ad.yaml
./poc/sql/CVE-2024-8276-abcb50055a0fdc77a95290d651b9dbcc.yaml
./poc/sql/CVE-2024-8325-11327d2b9e1fdbe3b095a728909b8615.yaml
./poc/sql/CVE-2024-8369-371892027f1c271d3247dba36b384fb8.yaml
./poc/sql/Changdao-165-SQLi.yaml
./poc/sql/Cmseasy-Http-Head-sqli.yaml
./poc/sql/Cmseasy-celive-sqli.yaml
Expand Down Expand Up @@ -104801,6 +104828,7 @@
./poc/sql/felici-8b7315bf3bc5aee1fd2be3bdb32c5f24.yaml
./poc/sql/felici-e83986bdda01c6cbf916db6f349af367.yaml
./poc/sql/file-manager-38267cacb7d16b0f0dbad9cdccc3b164.yaml
./poc/sql/file-manager-5afc1d5d5506db51958aa1cb25998e9c.yaml
./poc/sql/fileorganizer-d129dcd91671ee29c3cf5545f48db813.yaml
./poc/sql/filmix-09180f4ff94074ad413e55c77fdb25a4.yaml
./poc/sql/filr-protection-6477bf18cad6c823db485408d49b337b.yaml
Expand Down
8 changes: 0 additions & 8 deletions poc/auth/huawei-HG532e-default-login.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,17 +1,11 @@
id: huawei-HG532e-default-login
info:
name: Huawei HG532e Default Credential
description: Huawei HG532e default admin credentials were discovered.
author: pussycat0x
severity: high
metadata:
shodan-query: http.html:"HG532e"
tags: default-login,huawei
classification:
cvss-metrics: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:L
cvss-score: 8.3
cve-id:
cwe-id: CWE-522
requests:
- raw:
- |
Expand All @@ -34,5 +28,3 @@ requests:
- type: status
status:
- 200

# Enhanced by mp on 2022/03/10
43 changes: 23 additions & 20 deletions poc/auth/miscellaneous_unencrypted-bigip-ltm-cookie.yaml
View file
Original file line number Diff line number Diff line change
@@ -1,20 +1,23 @@
id: unencrypted-bigip-ltm-cookie
info:
name: F5 BIGIP Unencrypted Cookie
author: PR3R00T
severity: info
reference:
- https://www.intelisecure.com/how-to-decode-big-ip-f5-persistence-cookie-values
- https://support.f5.com/csp/article/K23254150
tags: misc
requests:
- method: GET
path:
- "{{BaseURL}}"
redirects: true
matchers:
- type: regex
regex:
- '(BIGipServer[a-z\_\.\-\~0-9A-Z]*)=([0-9a-zA-Z\.]*;)'
- '=[0-9]*\.[0-9]{3,5}\.[0-9]{4};'
part: header
id: unencrypted-bigip-ltm-cookie

info:
name: F5 BIGIP Unencrypted Cookie
author: PR3R00T
severity: info
reference:
- https://www.intelisecure.com/how-to-decode-big-ip-f5-persistence-cookie-values
- https://support.f5.com/csp/article/K23254150
tags: misc

requests:
- method: GET
path:
- "{{BaseURL}}"

redirects: true
matchers:
- type: regex
regex:
- '(BIGipServer[a-z\_\.\-\~0-9A-Z]*)=([0-9a-zA-Z\.]*;)'
- '=[0-9]*\.[0-9]{3,5}\.[0-9]{4};'
part: header
59 changes: 59 additions & 0 deletions poc/aws/amazonsimpleadmin-6edf77024f4d8b245b28ab2d095dfd39.yaml
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,59 @@
id: amazonsimpleadmin-6edf77024f4d8b245b28ab2d095dfd39

info:
name: >
Affiliate Super Assistent <= 1.5.3 - Unauthenticated Arbitrary Shortcode Execution
author: topscoder
severity: low
description: >
reference:
- https://github.com/topscoder/nuclei-wordfence-cve
- https://www.wordfence.com/threat-intel/vulnerabilities/id/7f50769c-77b8-42ff-b67d-b9b289fc51da?source=api-scan
classification:
cvss-metrics:
cvss-score:
cve-id:
metadata:
fofa-query: "wp-content/plugins/amazonsimpleadmin/"
google-query: inurl:"/wp-content/plugins/amazonsimpleadmin/"
shodan-query: 'vuln:'
tags: cve,wordpress,wp-plugin,amazonsimpleadmin,low

http:
- method: GET
redirects: true
max-redirects: 3
path:
- "{{BaseURL}}/wp-content/plugins/amazonsimpleadmin/readme.txt"

extractors:
- type: regex
name: version
part: body
group: 1
internal: true
regex:
- "(?mi)Stable tag: ([0-9.]+)"

- type: regex
name: version
part: body
group: 1
regex:
- "(?mi)Stable tag: ([0-9.]+)"

matchers-condition: and
matchers:
- type: status
status:
- 200

- type: word
words:
- "amazonsimpleadmin"
part: body

- type: dsl
dsl:
- compare_versions(version, '<= 1.5.3')
Loading

0 comments on commit 1be20b9

Please sign in to comment.