admin/nuclei-templates
1
0
Fork 0
mirror of https://github.com/projectdiscovery/nuclei-templates.git synced 2026-01-31 15:53:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

chore: generate CVEs metadata 🤖

Browse Source
This commit is contained in:
ghost
2026-01-21 08:55:47 +00:00
parent a10a18b092
commit a115379982
2 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
cves.json
View File

@@ -2227,6 +2227,7 @@
{"ID":"CVE-2022-41412","Info":{"Name":"perfSONAR 4.x \u003c= 4.4.4 - Server-Side Request Forgery","Severity":"high","Description":"An issue in the graphData.cgi component of perfSONAR v4.4.5 and prior allows attackers to access sensitive data and execute Server-Side Request Forgery (SSRF) attacks.\n","Classification":{"CVSSScore":"8.6"}},"file_path":"http/cves/2022/CVE-2022-41412.yaml"}
{"ID":"CVE-2022-41441","Info":{"Name":"ReQlogic v11.3 - Cross Site Scripting","Severity":"medium","Description":"ReQlogic v11.3 allow attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the POBatch and WaitDuration parameters.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-41441.yaml"}
{"ID":"CVE-2022-41473","Info":{"Name":"RPCMS 3.0.2 - Cross-Site Scripting","Severity":"medium","Description":"RPCMS 3.0.2 contains a cross-site scripting vulnerability in the Search function. An attacker can inject arbitrary script in the browser of an unsuspecting user in the context of the affected site. This can allow the attacker to steal cookie-based authentication credentials and launch other attacks.\n","Classification":{"CVSSScore":"6.1"}},"file_path":"http/cves/2022/CVE-2022-41473.yaml"}
{"ID":"CVE-2022-41697","Info":{"Name":"Ghost CMS - User Enumeration","Severity":"medium","Description":"Ghost CMS 5.9.4 contains a user enumeration vulnerability in the login functionality. The application reveals whether a user account exists through different error messages, allowing attackers to enumerate valid user accounts via specially-crafted HTTP requests.\n","Classification":{"CVSSScore":"5.3"}},"file_path":"http/cves/2022/CVE-2022-41697.yaml"}
{"ID":"CVE-2022-41800","Info":{"Name":"F5 BIG-IP Appliance Mode - Command Injection","Severity":"high","Description":"When running in Appliance mode, an authenticated user assigned the Administrator role may bypass Appliance mode restrictions, utilizing an undisclosed iControl REST endpoint.\n","Classification":{"CVSSScore":"8.7"}},"file_path":"http/cves/2022/CVE-2022-41800.yaml"}
{"ID":"CVE-2022-41840","Info":{"Name":"Welcart eCommerce \u003c=2.7.7 - Local File Inclusion","Severity":"critical","Description":"Welcart eCommerce 2.7.7 and before are vulnerable to unauthenticated local file inclusion.\n","Classification":{"CVSSScore":"9.8"}},"file_path":"http/cves/2022/CVE-2022-41840.yaml"}
{"ID":"CVE-2022-42094","Info":{"Name":"Backdrop CMS version 1.23.0 - Stored Cross Site Scripting","Severity":"medium","Description":"Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content.\n","Classification":{"CVSSScore":"4.8"}},"file_path":"http/cves/2022/CVE-2022-42094.yaml"}

2
cves.json-checksum.txt
View File

@@ -1 +1 @@
efd714bb30f3edb79c8b0a68bbdd6e20
517651b6db97053f1aa7cbb34d3e45b3