More filtered placeholder contents and Nuclei translations

CERT-Polska · Jan 20, 2025 · ab3d0a0 · ab3d0a0
1 parent 4ea2ae7
commit ab3d0a0
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 0 deletions.
diff --git a/artemis/modules/data/placeholder_page_content.txt b/artemis/modules/data/placeholder_page_content.txt
@@ -1,3 +1,4 @@
+<head><title>404 eHost.pl</title>
 <meta name="description" content="Strona pozostała na serwerze home.pl" />
 pozostaje na serwerze nazwa.pl</title>
 <title>Tanie domeny, Tani hosting, Helpdesk, Pomoc zdalna - NetStrefa.pl</title>

diff --git a/artemis/reporting/modules/nuclei/translations/nuclei_messages/pl_PL.py b/artemis/reporting/modules/nuclei/translations/nuclei_messages/pl_PL.py
@@ -998,6 +998,9 @@
     "Redwood Report2Web 4.3.4.5 and 4.5.3 contains a cross-site scripting vulnerability in the login panel which allows remote attackers to inject JavaScript via the signIn.do urll parameter.": "Redwood Report2Web 4.3.4.5 i 4.5.3 zawiera podatność "
     + REFLECTED_XSS_DESCRIPTION
     + UPDATE_HINT,
+    'Confluence Server and Data Center is susceptible to an unauthenticated remote code execution vulnerability.': "Wykryto system Confluence Server and Data Center w wersji, która umożliwia atakującemu zdalne wykonanie kodu." + RCE_EFFECT_DESCRIPTION + UPDATE_HINT,
+    "Atlassian Confluence Server allows remote attackers to view restricted resources via local file inclusion in the /s/ endpoint.": "Wykryto system Atlassian Confluence Server w wersji umożliwiającej atakującym nieuprawniony dostęp do zasobów."
+    + UPDATE_HINT,
     "Attempts to show all variables on a MySQL server.": "Wykryto, że serwer MySQL umożliwia logowanie prostym hasłem.",
     "Enrollment System Project V1.0, developed by Sourcecodester, has been found to be vulnerable to SQL Injection (SQLI) attacks. This vulnerability allows an attacker to manipulate the SQL queries executed by the application. The system fails to properly validate user-supplied input in the username and password fields during the login process, enabling an attacker to inject malicious SQL code. By exploiting this vulnerability, an attacker can bypass authentication and gain unauthorized access to the system.": "Enrollment System Project V1.0 zawiera podatność SQL Injection umożliwiającą atakującemu nieuprawniony dostęp do systemu.",
     "Checks for MySQL servers with an empty password for root or anonymous.": "Wykryto serwer MySQL do którego można zalogować się pustym hasłem.",