
{
"Name": "Adminer SSRF (CVE-2021-21311)",
"Description": "<p>Adminer is an application software of the SOURCEFORGE community in the United States. Provides database management in a single PHP file.<br></p><p>There is a code problem vulnerability in Adminer, which originates from elastic parameters, and attackers can detect intranet information.<br></p>",
"Product": "Adminer",
"Homepage": "https://github.com/vrana/adminer/",
"DisclosureDate": "2022-04-01",
"Author": "abszse",
"FofaQuery": "title=\"Login - Adminer\"",
"GobyQuery": "title=\"Login - Adminer\"",
"Level": "2",
"Impact": "<p>There is a code problem vulnerability in Adminer, which originates from elastic parameters, and attackers can detect intranet information.<br></p>",
"Recommendation": "<p>Follow the official website update in time: <a href=\"https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351\">https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351</a><br></p>",
"References": [
"https://fofa.so/"
],
"Is0day": false,
"HasExp": true,
"ExpParams": [
{
"name": "cmd",
"type": "input",
"value": "gobygo.net",
"show": ""
}
],
"ExpTips": {
"Type": "",
"Content": ""
},
"ScanSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "",
"follow_redirect": false,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
}
]
},
"SetVariable": []
}
],
"ExploitSteps": [
"AND",
{
"Request": {
"method": "GET",
"uri": "",
"follow_redirect": false,
"header": {},
"data_type": "text",
"data": ""
},
"ResponseTest": {
"type": "group",
"operation": "AND",
"checks": [
{
"type": "item",
"variable": "$code",
"operation": "==",
"value": "200",
"bz": ""
}
]
},
"SetVariable": []
}
],
"Tags": [
"Other"
],
"VulType": [
"Other"
],
"CVEIDs": [
"CVE-2021-21311"
],
"CNNVD": [
"CNNVD-202102-1087"
],
"CNVD": [
""
],
"CVSSScore": "7.5",
"Translation": {
"CN": {
"Name": "Adminer 软件 SSRF漏洞(CVE-2021-21311)",
"Product": "Adminer",
"Description": "<p>Adminer是美国SOURCEFORGE社区的一个应用软件。提供单个PHP文件中的数据库管理。<br></p><p>Adminer 中存在代码问题漏洞该漏洞源于elastic参数攻击者可探测内网信息等。<br></p>",
"Recommendation": "<p>及时关注官网更新:<a href=\"https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351\">https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351</a><br></p>",
"Impact": "<p>Adminer 中存在代码问题漏洞该漏洞源于elastic参数攻击者可探测内网信息等。<br></p>",
"VulType": [
"其他"
],
"Tags": [
"其他"
]
},
"EN": {
"Name": "Adminer SSRF (CVE-2021-21311)",
"Product": "Adminer",
"Description": "<p>Adminer is an application software of the SOURCEFORGE community in the United States. Provides database management in a single PHP file.<br></p><p>There is a code problem vulnerability in Adminer, which originates from elastic parameters, and attackers can detect intranet information.<br></p>",
"Recommendation": "<p>Follow the official website update in time: <a href=\"https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351\">https://github.com/vrana/adminer/commit/ccd2374b0b12bd547417bf0dacdf153826c83351</a><br></p>",
"Impact": "<p>There is a code problem vulnerability in Adminer, which originates from elastic parameters, and attackers can detect intranet information.<br></p>",
"VulType": [
"Other"
],
"Tags": [
"Other"
]
}
},
"AttackSurfaces": {
"Application": null,
"Support": null,
"Service": null,
"System": null,
"Hardware": null
}
}