More Nuclei translations (#1377)
kazet authored Nov 6, 2024
1 parent 0e3ed0e commit 98d0f2e
Showing 2 changed files with 24 additions and 0 deletions.
9 changes: 9 additions & 0 deletions artemis/config.py
Expand Up @@ -534,6 +534,8 @@ class Nuclei:
"network/default-login/ftp-anonymous-login.yaml",
# Will be enabled back after fixing a bug: https://github.com/projectdiscovery/nuclei-templates/pull/10998
"http/fuzzing/xff-403-bypass.yaml",
# Not that severe to spam people
"javascript/cves/2023/CVE-2023-48795.yaml",
]
),
cast=decouple.Csv(str),
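Review bot: The comment "# Not that severe to spam people" above "javascript/cves/2023/CVE-2023-48795.yaml" gives no criterion for the exclusion, so a later editor of this list cannot tell whether it still applies. Say what the template reports and why that is below the notification threshold, the way the neighbouring "Will be enabled back after fixing a bug" comment links its reason. The commit title mentions only translations, while this entry sits in a list of templates that are switched off, so the behaviour change deserves a line in the commit message as well.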
Expand Down Expand Up @@ -642,6 +644,7 @@ class Nuclei:
"http/cves/2017/CVE-2017-12794.yaml",
"http/cves/2018/CVE-2018-8006.yaml",
"http/cves/2018/CVE-2018-11709.yaml",
"http/cves/2018/CVE-2018-12095.yaml",
"http/cves/2018/CVE-2018-12998.yaml",
"http/cves/2018/CVE-2018-13380.yaml",
"http/cves/2018/CVE-2018-14013.yaml",
Expand Down Expand Up @@ -671,23 +674,29 @@ class Nuclei:
"http/cves/2021/CVE-2021-29625.yaml",
"http/cves/2021/CVE-2021-30049.yaml",
"http/cves/2021/CVE-2021-30213.yaml",
"http/cves/2021/CVE-2021-38702.yaml",
"http/cves/2021/CVE-2021-40868.yaml",
"http/cves/2021/CVE-2021-41467.yaml",
"http/cves/2021/CVE-2021-42565.yaml",
"http/cves/2021/CVE-2021-42566.yaml",
"http/cves/2021/CVE-2021-45380.yaml",
"http/cves/2023/CVE-2023-35161.yaml",
"http/cves/2023/CVE-2023-47684.yaml",
"http/vulnerabilities/ibm/eclipse-help-system-xss.yaml",
"http/vulnerabilities/ibm/ibm-infoprint-lfi.yaml",
"http/vulnerabilities/other/bullwark-momentum-lfi.yaml",
"http/vulnerabilities/other/discourse-xss.yaml",
"http/vulnerabilities/ibm/eclipse-help-system-xss.yaml",
"http/vulnerabilities/other/global-domains-xss.yaml",
"http/vulnerabilities/other/homeautomation-v3-openredirect.yaml",
"http/vulnerabilities/other/java-melody-xss.yaml",
"http/vulnerabilities/moodle/moodle-filter-jmol-xss.yaml",
"http/vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml",
"http/vulnerabilities/other/parentlink-xss.yaml",
"http/vulnerabilities/other/processmaker-lfi.yaml",
"http/vulnerabilities/other/sick-beard-xss.yaml",
"http/vulnerabilities/squirrelmail/squirrelmail-add-xss.yaml",
"http/vulnerabilities/other/turbocrm-xss.yaml",
"http/vulnerabilities/other/wems-manager-xss.yaml",
"http/vulnerabilities/wordpress/wp-touch-redirect.yaml",
]
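Review bot: "http/vulnerabilities/ibm/eclipse-help-system-xss.yaml" appears twice in this hunk, once before "ibm-infoprint-lfi.yaml" and again after "discourse-xss.yaml". Drop the second occurrence. The list has also stopped being ordered by path: the "moodle/" and "squirrelmail/" entries are placed among the "other/" entries. Keeping the entries sorted by full path would make a duplicate like this one show up as adjacent lines in review.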
Expand Up @@ -998,6 +998,16 @@
"Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.": "Redwood Report2Web 4.3.4.5 i 4.5.3 zawiera podatność "
+ REFLECTED_XSS_DESCRIPTION
+ UPDATE_HINT,
"The Redis server running on the remote host is not protected by password authentication. A remote attacker can exploit this to gain unauthorized access to the server.": "Wykryto serwer Redis dostępny bez uwierzytelniania. Rekomendujemy, aby nie był dostępny publicznie.",
"http/misconfiguration/springboot/springboot-httptrace.yaml": "Wykryto informację na temat żądań i odpowiedzi HTTP przetwarzanych przez system Spring Boot.",
"Multiple fuzzes for /etc/passwd on passed URLs were conducted, leading to multiple instances of local file inclusion vulnerability.": "Wykryto podatność Local File Inclusion, umożliwiającą atakującemu odczyt dowolnego pliku z dysku.",
"WordPress LearnPress plugin before 4.1.6 contains a cross-site scripting vulnerability. It does not sanitize and escape the lp-dismiss-notice before outputting it back via the lp_background_single_email AJAX action.": "Wtyczka WordPress o nazwie LearnPress w wersji poniżej 4.1.6 zawiera podatność "
+ REFLECTED_XSS_DESCRIPTION
+ UPDATE_HINT,
"An Open Redirect vulnerability in Odoo versions <= 8.0-20160726 and 9.0. This issue allows an attacker to redirect users to untrusted sites via a crafted URL.": "System Odoo w wersji do 8.0-20160726 włącznie i w wersji 9.0 zawiera podatność Open Redirect, umożliwiającą atakującemu spreparowanie linku w Państwa domenie który przekierowuje do dowolnej innej strony, w tym np. zawierającej szkodliwe oprogramowanie."
+ UPDATE_HINT,
"phpPgAdmin 4.2.1 is vulnerable to local file inclusion in libraries/lib.inc.php when register globals is enabled. Remote attackers can read arbitrary files via a .. (dot dot) in the _language parameter to index.php.": "phpPgAdmin w wersji 4.2.1 zawiera podatność umożliwiającą atakującemu odczyt dowolnych plików z dysku."
+ UPDATE_HINT,
"Keycloak 8.0 and prior contains a cross-site scripting vulnerability. An attacker can execute arbitrary script and thus steal cookie-based authentication credentials and launch other attacks.": "Keycloak w wersji 8.0 i wcześniejszych zawiera podatność "
+ REFLECTED_XSS_DESCRIPTION
+ UPDATE_HINT,
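Review bot: Most entries in this hunk are keyed on the full English description of the template (for example the Odoo, phpPgAdmin and LearnPress strings), so any rewording of that description would leave the key without a match. The "http/misconfiguration/springboot/springboot-httptrace.yaml" entry in the same hunk is keyed on the template path instead; using the path for the other entries too would make the mapping independent of description wording. As a smaller point, the phpPgAdmin translation omits the "when register globals is enabled" precondition that the English text states, which is useful to the recipient when judging exposure.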
Expand Down Expand Up @@ -1523,4 +1533,9 @@
"http/exposed-panels/gitlab-explore.yaml": "Wykryto system GitLab.",
"Micro Focus Enterprise Server Admin panel was detected.": "Wykryto panel Micro Focus Enterprise Server.",
"The presence of SAML-based authentication on GitLab instances. SAML is commonly used for Single Sign-On (SSO) integrations, which allows users to authenticate with GitLab using an external Identity Provider (IdP).": "Wykryto panel GitLab SAML.",
"Micro Focus Filr login panel was detected.": "Wykryto panel logowania Micro Focus Filr.",
"Camunda login panel was detected.": "Wykryto panel logowania systemu Camunda.",
"An Authentik search engine was detected.": "Wykryto panel wyszukiwarki Authentik.",
'Identifies "Logon Error Message" in the SAP Internet Communication Framework which returns a 404 status code.': "Wykryto stronę systemu SAP.",
"RStudio Sign In panel was detected.": "Wykryto panel logowania RStudio.",
}
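Review bot: The entry for 'Identifies "Logon Error Message" in the SAP Internet Communication Framework which returns a 404 status code.' is translated as "Wykryto stronę systemu SAP.", which drops the component name, so the recipient is told only that some SAP page was found. Name the Internet Communication Framework in the Polish text, in line with the other entries in this hunk that name the specific panel (Micro Focus Filr, Camunda, RStudio).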
