
Update version comparison in CVE-2026-25892.yaml#15462

Merged
pussycat0x merged 3 commits into main from DhiyaneshGeek-patch-2 on Mar 2, 2026

Conversation

@DhiyaneshGeek (Member)

PR Information

  • Fixed CVE-2020-XXX / Added CVE-2020-XXX / Updated CVE-2020-XXX
  • References:

Template validation

  • Validated with a host running a vulnerable version and/or configuration (True Positive)
  • Validated with a host running a patched version and/or configuration (avoid False Positive)

Additional Details (leave it blank if not applicable)

Additional References:

@DhiyaneshGeek DhiyaneshGeek self-assigned this Feb 22, 2026
@DhiyaneshGeek DhiyaneshGeek added the Done Ready to merge label Feb 22, 2026
@neo-by-projectdiscovery-dev

neo-by-projectdiscovery-dev bot commented Feb 22, 2026

Neo - Nuclei Template Review

High: 2

Highlights

  • PR updates Adminer DoS detection template (CVE-2026-25892)
  • Template targets versions 4.6.2 through 5.4.1 with unauthenticated persistent DoS vulnerability
  • Uses passive detection via version extraction from HTML response

High (2)

Security Impact

Version comparison syntax still incorrect - spaces missing around operators (http/cves/2026/CVE-2026-25892.yaml:66):
This syntax error will cause the version comparison to fail, resulting in false negatives where vulnerable Adminer instances (versions 4.6.2 through 5.4.1) are not detected. The template will not function as intended, defeating the purpose of CVE detection.

Suggested Fixes

Incorrect compare_versions syntax - missing spaces around operators (http/cves/2026/CVE-2026-25892.yaml:0):

Change line 65 from:
  - 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
To:
  - compare_versions(version, '>= 4.6.2', '<= 5.4.1')

This matches the standard syntax used in other templates (e.g., CVE-2016-10972.yaml line 39, CVE-2023-34048.yaml line 73, CVE-2022-31101.yaml line 71).

Version comparison syntax still incorrect - spaces missing around operators (http/cves/2026/CVE-2026-25892.yaml:66):

Change line 66 from:
  - 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
To:
  - compare_versions(version, '>= 4.6.2', '<= 5.4.1')

Reference examples from the codebase:
- CVE-2016-10972.yaml line 39: compare_versions(version, '>= 6.4', '<= 6.7.1')
- CVE-2025-27915.yaml line 53: compare_versions(version, '>= 10.0.0', '< 10.0.13')
- CVE-2024-27443.yaml line 71: compare_versions(version, '>= 10.0.0', '< 10.0.7')

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@http/cves/2026/CVE-2026-25892.yaml` at line 66, the compare_versions
function call has incorrect syntax with missing spaces around the comparison
operators. Change the line from `- 'compare_versions(version, ">=4.6.2",
"<=5.4.1")'` to `- compare_versions(version, '>= 4.6.2', '<= 5.4.1')` to match
the standard syntax used throughout the nuclei-templates repository.

Hardening Notes
  • Template metadata is well-structured with proper CVE classification, CVSS scoring (7.5 High), and verified flag
  • Multiple path checks (/adminer.php, /editor.php, /adminer/) provide good coverage for different installation patterns
  • References are accurate and point to official GitHub security advisory GHSA-q4f2-39gr-45jh and patch commit
  • Template correctly uses passive detection approach appropriate for version-based CVE checks
  • FOFA and Shodan queries included in metadata for threat hunting


- 'compare_versions(version, ">=4.6.2")'
- 'compare_versions(version, "<=5.4.1")'
# digest: 490a0046304402203590d1c08cea7f6e56581e4736401dfa9e21684dcd3add7ea8ab489d92a653ce0220198f2c4b68507e5183d2672aafcac1f0a0f3b429be02ace67e499b1921fb79f7:922c64590222798bb761d5b6d8e72950 No newline at end of file
- 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
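Review bot: the two single-constraint entries this hunk removes, `- 'compare_versions(version, ">=4.6.2")'` and `- 'compare_versions(version, "<=5.4.1")'`, are separate dsl matcher entries, and unless the matcher sets `condition: and` (not visible in this hunk) nuclei combines multiple entries with `or`, so any extracted version at or above 4.6.2 or at or below 5.4.1, which is every version, would match; that is consistent with the linked [FALSE-POSITIVE] issue. Folding both constraints into the single call on the added line ANDs them, which is the right shape for a bounded range. The `# digest:` line in this hunk is a signature over the file content, so the template has to be re-signed after this edit; the second commit on this page does carry a different digest.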

🟠 Incorrect compare_versions syntax - missing spaces around operators — The compare_versions DSL function call is missing required spaces around the comparison operators. The current syntax uses ">=4.6.2" and "<=5.4.1" but should be ">= 4.6.2" and "<= 5.4.1" (with spaces).

Suggested Fix
Change line 65 from:
  - 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
To:
  - compare_versions(version, '>= 4.6.2', '<= 5.4.1')

This matches the standard syntax used in other templates (e.g., CVE-2016-10972.yaml line 39, CVE-2023-34048.yaml line 73, CVE-2022-31101.yaml line 71).
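As an added example (not code from nuclei, nuclei-templates or this PR), the following Python models a dsl matcher evaluating compare_versions(), so the behaviour of the two-entry form the PR replaces and of the single combined call can be checked on sample versions. It assumes that nuclei's compare_versions() constraint grammar follows hashicorp/go-version, where whitespace between the operator and the version is optional, and that a matcher with several dsl entries defaults to `condition: or`; both are assumptions to verify against the nuclei documentation, and the sample versions are constructed.

```python
"""Model of how a nuclei-style dsl matcher evaluates compare_versions().

Added example for this PR page; not code from nuclei, nuclei-templates or
the PR author. Assumptions, labelled here: constraints follow the
hashicorp/go-version grammar (operator, optional whitespace, dotted numeric
version) that nuclei's compare_versions() is assumed to be built on, and a
matcher with several dsl entries combines them with `condition: or` unless
told otherwise.
"""
import re
from typing import Dict, Sequence, Tuple

# One constraint: optional operator, optional whitespace, optional 'v', digits.
CONSTRAINT_RE = re.compile(r"^\s*(>=|<=|!=|>|<|=)?\s*v?(\d+(?:\.\d+)*)\s*$")

# Three-way comparison result (-1, 0, 1) -> does the constraint hold?
OPS = {
    ">=": lambda c: c >= 0, "<=": lambda c: c <= 0,
    ">": lambda c: c > 0, "<": lambda c: c < 0,
    "!=": lambda c: c != 0, "=": lambda c: c == 0,
    None: lambda c: c == 0,  # a bare "5.4.1" means equality
}


def _numeric(dotted: str) -> Tuple[int, ...]:
    return tuple(int(p) for p in dotted.split("."))


def _cmp(a: Tuple[int, ...], b: Tuple[int, ...]) -> int:
    """Three-way compare; pad with zeros so that 5.4 == 5.4.0."""
    n = max(len(a), len(b))
    a, b = a + (0,) * (n - len(a)), b + (0,) * (n - len(b))
    return (a > b) - (a < b)


def compare_versions(version: str, *constraints: str) -> bool:
    """True only if `version` satisfies every constraint (they are ANDed)."""
    m = CONSTRAINT_RE.match(version)
    if not m or m.group(1):
        raise ValueError(f"bad version: {version!r}")
    v = _numeric(m.group(2))
    for raw in constraints:
        c = CONSTRAINT_RE.match(raw)
        if not c:
            raise ValueError(f"bad constraint: {raw!r}")
        op, bound = c.groups()
        if not OPS[op](_cmp(v, _numeric(bound))):
            return False
    return True


def dsl_matcher(version: str, entries: Sequence[Sequence[str]],
                condition: str = "or") -> bool:
    """Evaluate a matcher whose dsl list holds one compare_versions() call per entry."""
    results = [compare_versions(version, *entry) for entry in entries]
    return any(results) if condition == "or" else all(results)


# The PR's "before": two dsl entries, one constraint each.
BEFORE = [(">=4.6.2",), ("<=5.4.1",)]
# The PR's "after": one dsl entry carrying both constraints.
AFTER = [(">=4.6.2", "<=5.4.1")]


def compare_templates(versions: Sequence[str]) -> Dict[str, Tuple[bool, bool]]:
    """For each sample version: (matched by BEFORE, matched by AFTER)."""
    return {v: (dsl_matcher(v, BEFORE), dsl_matcher(v, AFTER)) for v in versions}


if __name__ == "__main__":
    # Constructed sample versions bracketing the affected range 4.6.2 .. 5.4.1.
    samples = ["4.6.1", "4.6.2", "5.0.0", "5.4.1", "5.4.2"]
    for ver, (before, after) in compare_templates(samples).items():
        print(f"{ver:>6}: before={before!s:<5} after={after}")
```

Under the assumed `or` default, the two-entry form matches 4.6.1 and 5.4.2 as well as everything in between, which is the false-positive pattern the linked issue reports; the single call evaluates both constraints together and only accepts the 4.6.2 .. 5.4.1 range. In this model the constraint `">= 4.6.2"` and `">=4.6.2"` evaluate identically, so whether the spacing itself changes results in the real DSL is a point to confirm rather than assume.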

@DhiyaneshGeek DhiyaneshGeek linked an issue Mar 2, 2026 that may be closed by this pull request
- 'compare_versions(version, ">=4.6.2")'
- 'compare_versions(version, "<=5.4.1")'
# digest: 490a0046304402200fda2fb27d16589057619f7d59c736168caa6f15f43069249886c0743164065b02202ae2271c1bc17de364d7e36b9949b21de56c0ce9c4953f2eac1d1fc0ee350deb:922c64590222798bb761d5b6d8e72950 No newline at end of file
- 'compare_versions(version, ">=4.6.2", "<=5.4.1")' No newline at end of file
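Review bot: the added line is flagged "No newline at end of file"; end the template with a trailing newline before merging, and because the `# digest:` line in this hunk is a signature over the file content, re-sign the template after that change so the digest stays valid.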

🟠 Version comparison syntax still incorrect - spaces missing around operators — The compare_versions DSL function syntax remains incorrect. Line 66 still uses ">=4.6.2" and "<=5.4.1" without spaces around the comparison operators. The correct syntax requires spaces: ">= 4.6.2" and "<= 5.4.1".

Suggested Fix
Change line 66 from:
  - 'compare_versions(version, ">=4.6.2", "<=5.4.1")'
To:
  - compare_versions(version, '>= 4.6.2', '<= 5.4.1')

Reference examples from the codebase:
- CVE-2016-10972.yaml line 39: compare_versions(version, '>= 6.4', '<= 6.7.1')
- CVE-2025-27915.yaml line 53: compare_versions(version, '>= 10.0.0', '< 10.0.13')
- CVE-2024-27443.yaml line 71: compare_versions(version, '>= 10.0.0', '< 10.0.7')

🤖 Prompt for AI Agents
Verify each finding against the current code and only fix it if needed.

In `@http/cves/2026/CVE-2026-25892.yaml` at line 66, the compare_versions
function call has incorrect syntax with missing spaces around the comparison
operators. Change the line from `- 'compare_versions(version, ">=4.6.2",
"<=5.4.1")'` to `- compare_versions(version, '>= 4.6.2', '<= 5.4.1')` to match
the standard syntax used throughout the nuclei-templates repository.

@pussycat0x pussycat0x merged commit b657f79 into main Mar 2, 2026
4 checks passed
@pussycat0x pussycat0x deleted the DhiyaneshGeek-patch-2 branch March 2, 2026 19:29

Labels

Done Ready to merge


Development

Successfully merging this pull request may close these issues.

[FALSE-POSITIVE] ...CVE-2026-25892.yaml
