admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 07:43:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

Browse Source
This commit is contained in:
ghost
2026-01-25 00:22:52 +00:00
parent 60d927b7db
commit 1da103ddd2
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@@ -1026,6 +1026,7 @@
{"ID":"CVE-2020-15906","Info":{"Name":"Tiki Wiki CMS GroupWare - Authentication Bypass","Severity":"critical","Description":"tiki-login.php in Tiki before 21.2 sets the admin password to a blank value after 50 invalid login attempts.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-15906.yaml"}
{"ID":"CVE-2020-15920","Info":{"Name":"Mida eFramework \u003c=2.9.0 - Remote Command Execution","Severity":"critical","Description":"Mida eFramework through 2.9.0 allows an attacker to achieve remote code execution with administrative (root) privileges. No authentication is required.","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-15920.yaml"}
{"ID":"CVE-2020-16139","Info":{"Name":"Cisco Unified IP Conference Station 7937G - Denial-of-Service","Severity":"high","Description":"Cisco Unified IP Conference Station 7937G 1-4-4-0 through 1-4-5-7 allows attackers to restart the device remotely via specially crafted packets that can cause a denial-of-service condition. Note: We cannot prove this vulnerability exists. Out of an abundance of caution, this CVE is being assigned to better serve our customers and ensure all who are still running this product understand that the product is end of life and should be removed or upgraded.\n","Classification":{"CVSSScore":"7.5"}},"file_path":"http/cves/2020/CVE-2020-16139.yaml"}
{"ID":"CVE-2020-16248","Info":{"Name":"Prometheus Blackbox Exporter - Server-Side Request Forgery (SSRF)","Severity":"medium","Description":"Prometheus Blackbox Exporter through 0.17.0 contains a server-side request forgery caused by unsanitized target parameter in /probe, letting attackers perform SSRF attacks, exploit requires sending crafted target parameter.\n","Classification":{"CVSSScore":"5.8"}},"file_path":"http/cves/2020/CVE-2020-16248.yaml"}
{"ID":"CVE-2020-16846","Info":{"Name":"SaltStack \u003c=3002 - Shell Injection","Severity":"critical","Description":"SaltStack Salt through 3002 allows an unauthenticated user with network access to the Salt API to use shell injections to run code on the Salt-API using the SSH client.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2020/CVE-2020-16846.yaml"}
{"ID":"CVE-2020-16952","Info":{"Name":"Microsoft SharePoint - Remote Code Execution","Severity":"high","Description":"Microsoft SharePoint is vulnerable to a remote code execution when the software fails to check the source markup of an application package.","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2020/CVE-2020-16952.yaml"}
{"ID":"CVE-2020-17362","Info":{"Name":"Nova Lite \u003c 1.3.9 - Cross-Site Scripting","Severity":"medium","Description":"Nova Lite before 1.3.9 for WordPress is susceptible to reflected cross-site scripting via search.php.","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2020/CVE-2020-17362.yaml"}