-
Notifications
You must be signed in to change notification settings - Fork 110
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Added Multiple CVE and Misconfiguration Templates #50
Conversation
CVE_2022_0150_WordPress_Accessibility_Helper_Lt_0_6_0_7_Cross_Site.bcheck CVE-2022-2460 VoipMonitor - Pre-Auth SQL Injection.bcheck CVE-2023-36346 POS Codekop v2.0 - Cross-site Scripting.bcheck CVE_2021_20114_TCExam_Gt_14_8_1_Sensitive_Information_Exposure.bcheck CVE_2021_20158_Trendnet_AC2600_TEW_827DRU_2_08B01_Admin_Password.bcheck CVE_2021_21816_D_Link_DIR_3040_1_13B03_Information_Disclosure.bcheck
SAP Directory Listing.bcheck Xdebug_remote_code_execution_via_xdebug_remote_connect_back.bcheck Apache Tomcat Manager Path Normalization Panel.bcheck Cloudflare External Image Resizing Misconfiguration.bcheck Etcd Server - Unauthenticated Access.bcheck Kubernetes_Pods_API_Discovery_&_Remote_Code_Execution.bcheck Rails CRLF and XSS.bcheck
in |
Yes, it doesn't disclose current users password a user can change whatever they want the password to be . |
Should the check be modified in that case to not include a specific password? |
Not required , the current check cannot be changed in any other way the following checks required a password in static form or else the password will get rejected . |
Change made from static to regex for validation in if statement
All the changes have been done ,suggested by you |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
👍
Added Following Templates: