From 7761154031ee1f46267a9324fafda0f513248752 Mon Sep 17 00:00:00 2001 From: GitHub Action Date: Fri, 20 Dec 2024 03:40:40 +0000 Subject: [PATCH] New Nuclei template for traveltour-d3c6d1aad62bd134450e479d5bfda97d.yaml [Fri Dec 20 03:40:40 UTC 2024] :robot: --- ...tour-d3c6d1aad62bd134450e479d5bfda97d.yaml | 59 +++++++++++++++++++ 1 file changed, 59 insertions(+) create mode 100644 nuclei-templates/cve-less/themes/traveltour-d3c6d1aad62bd134450e479d5bfda97d.yaml diff --git a/nuclei-templates/cve-less/themes/traveltour-d3c6d1aad62bd134450e479d5bfda97d.yaml b/nuclei-templates/cve-less/themes/traveltour-d3c6d1aad62bd134450e479d5bfda97d.yaml new file mode 100644 index 0000000000..eecd5d7202 --- /dev/null +++ b/nuclei-templates/cve-less/themes/traveltour-d3c6d1aad62bd134450e479d5bfda97d.yaml @@ -0,0 +1,59 @@ +id: traveltour-d3c6d1aad62bd134450e479d5bfda97d + +info: + name: > + Travel Tour < 5.2.4 - Reflected Cross-Site Scripting + author: topscoder + severity: medium + description: > + + reference: + - https://github.com/topscoder/nuclei-wordfence-cve + - https://www.wordfence.com/threat-intel/vulnerabilities/id/c2a121db-8a04-4da2-98b8-05a5eba06e45?source=api-scan + classification: + cvss-metrics: + cvss-score: + cve-id: + metadata: + fofa-query: "wp-content/themes/traveltour/" + google-query: inurl:"/wp-content/themes/traveltour/" + shodan-query: 'vuln:' + tags: cve,wordpress,wp-theme,traveltour,medium + +http: + - method: GET + redirects: true + max-redirects: 3 + path: + - "{{BaseURL}}/wp-content/themes/traveltour/style.css" + + extractors: + - type: regex + name: version + part: body + group: 1 + internal: true + regex: + - "(?mi)Version: ([0-9.]+)" + + - type: regex + name: version + part: body + group: 1 + regex: + - "(?mi)Version: ([0-9.]+)" + + matchers-condition: and + matchers: + - type: status + status: + - 200 + + - type: word + words: + - "traveltour" + part: body + + - type: dsl + dsl: + - compare_versions(version, '< 5.2.4') \ No newline at end of file