GwanYeong Kim
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
GwanYeong Kim
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
Philippe Delteil
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
Sullo
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
Sullo
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
Sullo
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
Rizwan Syed
4065f6a493
Update wordpress-accessible-wpconfig.yaml
2021-09-30 23:15:18 +05:30
Sullo
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
Sullo
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
Sullo
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sullo
66cad3ff35
Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
...
incorrect push to master repo
This reverts commit 7191aee570
.
2021-09-30 12:25:22 -04:00
Sullo
7191aee570
* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
...
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
sandeep
e90e3b49bc
Added more unique matchers
2021-09-30 20:22:53 +05:30
sandeep
88f6bba576
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:35:14 +05:30
Prince Chaddha
f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml
2021-09-30 17:18:45 +05:30
Prince Chaddha
b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
2021-09-30 17:18:21 +05:30
Prince Chaddha
9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml
2021-09-30 16:13:19 +05:30
GwanYeong Kim
606d2b5ea4
Create fatpipe-networks-warp-backdoor.yaml
...
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
GwanYeong Kim
263cadaacf
Create fatpipe-networks-warp-auth-bypass.yaml
...
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
Sandeep Singh
e9f81943b6
Merge pull request #2759 from projectdiscovery/generic-ssrf
...
generic-ssrf
2021-09-30 03:31:52 +05:30
sandeep
553a7a2480
Update request-based-interaction.yaml
2021-09-30 03:31:03 +05:30
sandeep
be297d732b
misc update
2021-09-30 03:26:16 +05:30
Prince Chaddha
5c80f9dc4c
Update and rename wp-church-admin-lfi.yaml to vulnerabilities/wordpress/church-admin-lfi.yaml
2021-09-28 15:38:03 +05:30
Prince Chaddha
cee46ca968
Update and rename request-interaction-oob.yaml to request-based-interaction.yaml
2021-09-28 15:22:30 +05:30
Prince Chaddha
97ef8f00e2
Update and rename generic-oob-param-based-interaction.yaml to oob-param-based-interaction.yaml
2021-09-28 15:21:41 +05:30
Prince Chaddha
25a971efd4
Update and rename generic-oob-header-based-interaction.yaml to oob-header-based-interaction.yaml
2021-09-28 15:21:27 +05:30
Prince Chaddha
8042d1233e
Create request-interaction-oob.yaml
2021-09-28 15:18:26 +05:30
Prince Chaddha
52a5e33556
Create generic-oob-param-based-interaction.yaml
2021-09-28 15:17:21 +05:30
Prince Chaddha
1a4f6754b4
Create generic-oob-header-based-interaction.yaml
2021-09-28 15:15:57 +05:30
Prince Chaddha
8d7e5b2d24
Merge pull request #2748 from gy741/rule-add-v60
...
Create commax-cctv-rtsp-credentials-disclosure.yaml
2021-09-25 11:49:18 +05:30
Prince Chaddha
2808f46429
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml
2021-09-25 11:32:31 +05:30
Prince Chaddha
2e7e35eb70
Update and rename ecoa-building-directory-traversal.yaml to ecoa-building-lfi.yaml
2021-09-25 11:22:48 +05:30
GwanYeong Kim
fac7f96b34
Create ecoa-building-directory-traversal.yaml
...
The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:58:58 +09:00
GwanYeong Kim
59e0eb7ad3
Create commax-cctv-rtsp-credentials-disclosure.yaml
...
The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:43:18 +09:00
Prince Chaddha
93b6f3a799
Merge pull request #2743 from Akokonunes/patch-43
...
Create wp-brandfolder-plugin-open-redirect.yaml
2021-09-25 00:55:20 +05:30
Prince Chaddha
d0ee5cbe02
Merge pull request #2744 from Akokonunes/patch-44
...
Create wp-brandfolder-plugin-lfi.yaml
2021-09-25 00:54:30 +05:30
Prince Chaddha
f70cc70c26
Update and rename wp-brandfolder-plugin-open-redirect.yaml to vulnerabilities/wordpress/brandfolder-open-redirect.yaml
2021-09-25 00:54:03 +05:30
Prince Chaddha
624c722c5a
Update and rename wp-brandfolder-plugin-lfi.yaml to vulnerabilities/wordpress/brandfolder-lfi.yaml
2021-09-25 00:51:56 +05:30
Prince Chaddha
e832a50401
Update issuu-panel-lfi.yaml
2021-09-25 00:49:53 +05:30
Prince Chaddha
f35db18633
Update and rename wp-plugin-issuu-panel-lfi.yaml to vulnerabilities/wordpress/issuu-panel-lfi.yaml
2021-09-25 00:47:37 +05:30
Sandeep Singh
d75bad52c7
Merge pull request #2732 from Akokonunes/patch-38
...
Create product-input-fields-for-woocommerce-file-download.yaml
2021-09-22 18:19:59 +05:30
sandeep
a898a6c3a6
Update wp-woocommerce-file-download.yaml
2021-09-22 18:19:25 +05:30
sandeep
dfa85833e2
misc update
2021-09-22 18:18:21 +05:30
Sandeep Singh
551c9127a2
Merge pull request #2733 from Akokonunes/patch-42
...
Create cs-cart-unauthenticated-lfi.yaml
2021-09-22 18:10:38 +05:30
sandeep
18142906f0
moving files around
2021-09-22 18:09:43 +05:30
sandeep
a60e8a9d5e
misc update
2021-09-22 18:08:32 +05:30
Prince Chaddha
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
Sandeep Singh
a5982b8f32
Merge pull request #2721 from nerrorsec/patch-1
...
Added a path
2021-09-21 15:32:42 +05:30
Sandeep Singh
e0a8cb25bf
Merge pull request #2725 from projectdiscovery/wp-xmlrpc-pingback-detection
...
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:29:25 +05:30
sandeep
d9c5095780
fixing xmlrpc-pingback-ssrf.yaml
2021-09-21 15:21:35 +05:30
Prince Chaddha
ff4811e085
Create wordpress-git-config.yaml
2021-09-21 15:21:16 +05:30
sandeep
10a6436f6f
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:18:49 +05:30
Prince Chaddha
8034e43e2c
Merge pull request #2711 from 0xSmiley/generic_lfi
...
Generic lfi
2021-09-21 00:11:59 +05:30
Prince Chaddha
8a985aa5c8
Update generic-linux-lfi.yaml
2021-09-20 23:53:49 +05:30
Prince Chaddha
6564d0fca4
Merge pull request #2708 from pussycat0x/master
...
New templates
2021-09-20 14:18:41 +05:30
Sandeep Singh
e9e99de988
Merge pull request #2714 from pikpikcu/patch-288
...
Update Severity
2021-09-20 12:20:12 +05:30
PikPikcU
991963fe4a
Update Severity
2021-09-20 12:11:56 +07:00
kn1ght
ffe20a273d
fix: typo error
2021-09-19 20:23:22 -03:00
Nuno
083a72b24c
Generic Template Updated
2021-09-18 20:13:32 +01:00
Muhammad Daffa
50dfd3dc3d
Update Severity
2021-09-18 21:07:47 +07:00
Sandeep Singh
0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update
2021-09-18 18:19:07 +05:30
sandeep
8c28120218
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:32:13 +05:30
sandeep
fb1aee75ce
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:28:03 +05:30
Prince Chaddha
e183b518db
Update wp-altair-listing.yaml
2021-09-18 14:11:17 +05:30
Prince Chaddha
d0c5083632
Update wp-altair-listing.yaml
2021-09-18 14:09:59 +05:30
Prince Chaddha
0523d46ed2
Revert "Delete wp-altair-listing.yaml"
...
This reverts commit 05dd3affce
.
2021-09-18 13:54:03 +05:30
Prince Chaddha
05dd3affce
Delete wp-altair-listing.yaml
2021-09-18 13:51:28 +05:30
Prince Chaddha
63cc624c4a
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 12:14:32 +05:30
Prince Chaddha
893f8d3bc6
Update wp-altair-listing.yaml
2021-09-18 12:01:47 +05:30
pussycat0x
10b3bc327d
Add files via upload
2021-09-18 10:37:16 +05:30
PikPikcU
2a1341274a
Create luftguitar-arbitrary-file-upload.yaml
2021-09-17 21:04:21 +07:00
Prince Chaddha
3deb522abc
Merge pull request #2664 from Akokonunes/patch-37
...
Create ecoa-building-automation-lfd.yaml
2021-09-17 16:47:54 +05:30
Prince Chaddha
df59ad5670
Update and rename ecoa-building-automation-lfd.yaml to vulnerabilities/other/ecoa-building-automation-lfd.yaml
2021-09-17 16:39:09 +05:30
Prince Chaddha
b00b70c150
Merge pull request #2697 from Akokonunes/patch-39
...
Create attitude-wp-theme-open-redirect.yaml
2021-09-17 15:12:21 +05:30
Prince Chaddha
5cac00bada
Merge pull request #2698 from Akokonunes/patch-40
...
Create eatery-restaurant-wp-theme-open-redirect.yaml
2021-09-17 15:12:09 +05:30
Prince Chaddha
a40530d9d4
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
2021-09-17 15:10:30 +05:30
Prince Chaddha
69e546ea4d
Update attitude-theme-open-redirect.yaml
2021-09-17 15:10:23 +05:30
Prince Chaddha
c5ccf9d991
Update and rename attitude-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
2021-09-17 15:08:59 +05:30
Prince Chaddha
2e8329b645
Update and rename weekender-newspaper-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
2021-09-17 15:06:13 +05:30
Geeknik Labs
03a79aa0c3
Update jenkins-script.yaml
2021-09-16 15:17:15 -05:00
sandeep
676b51d20c
Metadata attribute update
2021-09-16 21:24:33 +05:30
Prince Chaddha
18879698fa
Update bullwark-momentum-lfi.yaml
2021-09-13 15:55:14 +05:30
Prince Chaddha
e18cc14218
Update bullwark-momentum-lfi.yaml
2021-09-13 15:34:18 +05:30
sandeep
546bd6a038
matcher update
2021-09-13 15:28:35 +05:30
sandeep
34bba4e794
misc update
2021-09-12 17:10:52 +05:30
Noam Rathaus
46b16bcfa2
Incomplete title
2021-09-12 14:16:01 +03:00
Noam Rathaus
59525a5846
Working reference
2021-09-12 13:02:41 +03:00
Noam Rathaus
e602575ae0
Working reference
2021-09-12 12:58:48 +03:00
Noam Rathaus
fb2f89bc86
References
2021-09-12 12:58:43 +03:00
Noam Rathaus
624162cca7
Working reference
2021-09-12 12:50:53 +03:00
Noam Rathaus
896343be12
Clarify description
2021-09-12 12:41:33 +03:00
sandeep
dde7140ff9
misc update
2021-09-11 23:46:31 +05:30
sandeep
207c140c50
moving files around
2021-09-11 21:06:36 +05:30
Philippe Delteil
c41f64987b
Update wordpress-db-repair.yaml
...
Solves this false positive (different encoding)
nuclei -debug -t nuclei-templates/vulnerabilities/wordpress/wordpress-db-repair.yaml -u https://try.walmart.com
<p><code>define('WP_ALLOW_REPAIR', true);
2021-09-10 17:18:15 -03:00
Sandeep Singh
cf4ef2ac5a
Merge pull request #2622 from projectdiscovery/missing-tags
2021-09-10 12:32:47 +05:30
sandeep
bd24dc198e
Coverage for all templates using tags
2021-09-09 19:08:13 +05:30
Prince Chaddha
67766f381a
Merge pull request #2600 from Akokonunes/patch-35
...
Create phpwiki-lfi.yaml
2021-09-09 15:02:41 +05:30
Prince Chaddha
6ce33e2f47
Rename phpwiki-lfi.yaml to vulnerabilities/other/phpwiki-lfi.yaml
2021-09-09 15:01:35 +05:30
Prince Chaddha
576499034d
Update wordpress-rce-simplefilelist.yaml
2021-09-09 12:09:13 +05:30
Prince Chaddha
08dac56385
Update simple-employee-rce.yaml
2021-09-09 12:06:24 +05:30
sandeep
609705f676
removed extra headers not required for template
2021-09-08 17:47:19 +05:30
Prince Chaddha
9b75486616
Rename homeautomation-v3-openredirect.yaml to vulnerabilities/other/homeautomation-v3-openredirect.yaml
2021-09-07 18:07:48 +05:30
Sandeep Singh
e6a71e0e80
Merge pull request #2593 from projectdiscovery/openvpn-hhi
...
Added OpenVPN Host Header Injection
2021-09-06 18:56:27 +05:30
Sandeep Singh
e31a75af04
Merge pull request #2595 from projectdiscovery/host-header-injection
...
Create host-header-injection.yaml
2021-09-06 18:56:09 +05:30
Prince Chaddha
4075664390
Merge pull request #2580 from Akokonunes/patch-29
...
Create gSOAP-LFl.yaml
2021-09-06 17:36:18 +05:30
Prince Chaddha
e9d5665383
Update gsoap-lfi.yaml
2021-09-06 17:34:51 +05:30
Prince Chaddha
1942d13ed6
Update openvpn-hhi.yaml
2021-09-06 17:15:30 +05:30
Prince Chaddha
acd4624200
Create host-header-injection.yaml
2021-09-06 17:14:27 +05:30
Prince Chaddha
842f66380f
Revert "Create host-header-injection.yaml"
...
This reverts commit 6abfcd80e1
.
2021-09-06 17:13:48 +05:30
Prince Chaddha
6abfcd80e1
Create host-header-injection.yaml
2021-09-06 17:13:20 +05:30
sandeep
cec54e6d51
tags update
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:15:07 +05:30
sandeep
c105e41fa4
Added OpenVPN Host Header Injection
...
Co-Authored-By: me_dheeraj <9442273+Dheerajmadhukar@users.noreply.github.com>
2021-09-06 16:13:17 +05:30
Prince Chaddha
f6e52a6739
Merge pull request #2585 from sullo/master
...
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
Prince Chaddha
7579fe98c2
Update and rename minimouse-lfi.yaml to vulnerabilities/other/minimouse-lfi.yaml
2021-09-06 14:44:39 +05:30
sullo
ef1f7c5e92
Updates across many templates for clarity, spelling, and grammar.
2021-09-05 17:13:45 -04:00
Prince Chaddha
bf1d6374b2
Rename gSOAP-LFl.yaml to vulnerabilities/other/gsoap-lfi.yaml
2021-09-05 19:22:07 +05:30
sandeep
90f8caf302
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/2481
2021-09-03 14:55:30 +05:30
sandeep
c266084621
Added stop-at-first-match in applicable templates
2021-09-02 17:29:10 +05:30
sandeep
faf111362c
Removing extra space
2021-09-01 12:37:02 +05:30
Prince Chaddha
5c5c6c3974
Update processmaker-lfi.yaml
2021-08-31 14:08:11 +05:30
Prince Chaddha
0b69ea80b2
Create processmaker-lfi.yaml
2021-08-31 14:03:47 +05:30
Noam Rathaus
86f3c08ba6
Vendor writes it as "NETGEAR"
2021-08-29 09:39:06 +03:00
Noam Rathaus
9f9970c8e9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-29 09:15:40 +03:00
forgedhallpass
419a957409
Fixing errors in templates
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-27 10:43:24 +03:00
forgedhallpass
a4250b8f2f
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-26 15:04:14 +03:00
Sandeep Singh
e66463d466
Merge pull request #2355 from G4L1T0/corsmisc
...
add cors-misconfig.yaml
2021-08-26 04:26:37 +05:30
sandeep
1999a9b560
Enhanced CORS checks
2021-08-26 04:24:06 +05:30
sandeep
05305904ef
more strict matchers
2021-08-26 02:43:53 +05:30
socketz
ed76585ed6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-08-25 14:33:32 +02:00
socketz
c766a8454d
Fixed yaml linting errors
2021-08-25 14:09:42 +02:00
sandeep
8fb3c65965
template fix
2021-08-25 01:32:14 +05:30
forgedhallpass
110f9c9ddd
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-24 20:38:11 +03:00
Sandeep Singh
ee37e34f54
Update wp-woocommerce-pdf-invoice-listing.yaml
2021-08-24 17:48:31 +05:30
Prince Chaddha
f66f36237b
Merge pull request #2455 from gy741/rule-add-v58
...
Create commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:44:13 +05:30
Prince Chaddha
554c4a505f
Update and rename commax-biometric-access-control-system-auth-bypass.yaml to commax-biometric-auth-bypass.yaml
2021-08-24 17:17:43 +05:30
Prince Chaddha
0a4cd456bf
Update commax-biometric-access-control-system-auth-bypass.yaml
2021-08-24 17:13:17 +05:30
Prince Chaddha
ba03c2b377
Update unauth-hoteldruid-panel.yaml
2021-08-24 16:46:24 +05:30
Prince Chaddha
d1065cd3fc
Create unauth-hoteldruid-panel.yaml
2021-08-24 16:42:11 +05:30
PikPikcU
ecd6547d05
Update thinkific-redirect.yaml
2021-08-24 14:56:21 +07:00
forgedhallpass
a124e393b4
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 19:15:14 +03:00
Prince Chaddha
647d27925a
Merge pull request #2426 from projectdiscovery/generic
...
Templates by geeknik
2021-08-23 19:55:32 +05:30
forgedhallpass
296edfc37b
Merge remote-tracking branch 'origin' into dynamic_attributes
2021-08-23 14:40:33 +03:00
Sandeep Singh
04b401a8ef
Merge pull request #2456 from projectdiscovery/payloads-update
...
Payloads positional update to keep the request format uniform
2021-08-23 15:26:35 +05:30
sandeep
62530eafc2
Update wp-slideshow-xss.yaml
2021-08-23 15:15:26 +05:30
sandeep
2aa54304ee
Payloads positional update to keep the request format uniform
2021-08-22 23:39:33 +05:30
GwanYeong Kim
cad976abda
Create commax-biometric-access-control-system-auth-bypass.yaml
...
The application suffers from an authentication bypass vulnerability. An unauthenticated attacker through cookie poisoning can bypass authentication and disclose sensitive information and circumvent physical controls in smart homes and buildings.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-22 18:19:34 +09:00
sandeep
cbdef618f3
Update netgear-router-exposure.yaml
2021-08-21 00:38:54 +05:30
forgedhallpass
dc4cc62629
Merge remote-tracking branch 'origin/master' into dynamic_attributes
2021-08-20 15:35:17 +03:00
sandeep
e160acb481
misc updates
2021-08-20 16:37:22 +05:30
sandeep
0ef2106a6e
Improved template
2021-08-19 23:34:16 +05:30
Sandeep Singh
0bef05c541
Merge pull request #793 from pikpikcu/patch-40
...
resin information disclosure
2021-08-19 23:15:42 +05:30
Sandeep Singh
ab824564d3
minor updates
2021-08-19 23:11:29 +05:30
Sandeep Singh
1247fcd993
Update vulnerabilities/other/caucho-resin-info-disclosure.yaml
...
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-08-19 23:09:26 +05:30
forgedhallpass
77103bc629
Satisfying the linter (all errors and warnings)
...
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass
002e8db616
Moved the "vendor" custom attribute under reference
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 17:00:46 +03:00
forgedhallpass
97d4f8705b
Fixed mistakes/typos
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:55 +03:00
forgedhallpass
f55d6b75e1
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:59:12 +03:00
forgedhallpass
7b29be739e
Merge branch 'master' into dynamic_attributes
2021-08-19 16:23:26 +03:00
forgedhallpass
ffaff64565
Changes fixes/around dynamic attributes ("additional-fields")
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:17:27 +03:00
forgedhallpass
0b432b341b
Added comments with URLs under the "references" field
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
forgedhallpass
e68d15ab63
Fixed mistakes/typos in the templates.
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 15:30:14 +03:00
Prince Chaddha
bc1bf5d919
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:47:44 +05:30
Prince Chaddha
f8a8968408
Revert "Create comtrend-ct5367-disclosure.yaml"
...
This reverts commit 33ea2d360c
.
2021-08-19 14:46:35 +05:30
Prince Chaddha
33ea2d360c
Create comtrend-ct5367-disclosure.yaml
2021-08-19 14:45:37 +05:30
Sandeep Singh
ab0750b570
minor update
2021-08-19 00:43:44 +05:30
forgedhallpass
cdf9451158
Removed pipe (|) character from references, because the structure requires it to be a string slice, not a string
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:44:27 +03:00
Prince Chaddha
dd1bbe6093
Revert "Delete netgear-router-disclosure.yaml"
...
This reverts commit 3b969e7e0d
.
2021-08-18 17:02:08 +05:30
Prince Chaddha
3b969e7e0d
Delete netgear-router-disclosure.yaml
2021-08-18 16:59:49 +05:30
forgedhallpass
4c920b2552
Rename "references" to "reference" to match the expected template info structure
...
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-18 14:29:20 +03:00
Prince Chaddha
0a0b5c7f74
Update netgear-router-disclosure.yaml
2021-08-18 16:56:56 +05:30
Prince Chaddha
d07323e0be
Create netgear-router-disclosure.yaml
2021-08-18 16:44:28 +05:30
Prince Chaddha
af15e4817f
Update netgear-router-auth-bypass.yaml
2021-08-18 16:42:34 +05:30
Prince Chaddha
067c9a8755
Create xmlrpc-pingback-ssrf.yaml
2021-08-18 16:39:22 +05:30
Prince Chaddha
fe1e7d36fb
Merge pull request #2429 from Mad-robot/patch-3
...
Create geovision-geowebserver-lfi.yaml
2021-08-18 16:19:49 +05:30
Prince Chaddha
0731a772d4
Update geovision-geowebserver-lfi.yaml
2021-08-18 16:18:12 +05:30
Prince Chaddha
1db2715a06
Update geovision-geowebserver-xss.yaml
2021-08-18 14:51:23 +05:30
Prince Chaddha
eeb284a7ec
Update geovision-geowebserver-xss.yaml
2021-08-18 14:48:34 +05:30
SaN ThosH
db4073d2b5
Update geovision-geowebserver-lfi.yaml
2021-08-18 03:54:30 +05:30
SaN ThosH
d5748c95fc
Create geovision-geowebserver-lfi.yaml
2021-08-18 03:50:45 +05:30
SaN ThosH
0c24cc2f74
Create geovision-geowebserver-xss.yaml
2021-08-18 03:50:39 +05:30
Prince Chaddha
f60cef447b
Update generic-blind-xxe.yaml
2021-08-17 22:57:34 +05:30
Prince Chaddha
727e73c5c3
Create solar-log-authbypass.yaml
2021-08-17 18:02:41 +05:30
Prince Chaddha
c39f0e2077
Create generic-blind-xxe.yaml
2021-08-17 17:18:52 +05:30
Sandeep Singh
59b2aeda40
Merge pull request #2420 from geeknik/patch-18
...
Update twig-php-ssti.yaml
2021-08-17 17:12:00 +05:30
sandeep
c2f87671fb
strict matcher
2021-08-17 15:52:22 +05:30
sandeep
03cd55a33f
severity update based on poc
...
We will update this again as per assigned CVE which is not available right now?
2021-08-17 15:02:47 +05:30
sandeep
4a5137b742
more tags
2021-08-17 15:00:30 +05:30
sandeep
e8c3a1f9c7
Additional matchers update
2021-08-17 15:00:05 +05:30
Sanyam Chawla
5072dbbcbb
Create ms-exchange-server-reflected-xss.yaml
2021-08-17 13:55:38 +05:30
Geeknik Labs
3b9fb75fcb
Update twig-php-ssti.yaml
...
Another FP fix
2021-08-16 15:30:23 -05:00
Geeknik Labs
d52c97c569
Update twig-php-ssti.yaml
...
False positive fix
2021-08-16 15:28:13 -05:00
Prince Chaddha
970bdb3ac7
Update pmb-directory-traversal.yaml
2021-08-16 16:43:47 +05:30
Prince Chaddha
d45887f9f9
Delete node-nunjucks-ssti.yaml
2021-08-16 16:41:58 +05:30
Prince Chaddha
d3a379e112
Update eyelock-nano-lfd.yaml
2021-08-16 16:40:42 +05:30
Prince Chaddha
af4f29ab03
Update beward-ipcamera-disclosure.yaml
2021-08-16 16:37:34 +05:30
Prince Chaddha
4e498a6478
Create pmb-directory-traversal.yaml
2021-08-16 16:14:02 +05:30
Prince Chaddha
451823f887
Create node-nunjucks-ssti.yaml
2021-08-16 16:13:27 +05:30
Prince Chaddha
c6927262eb
Create eyelock-nano-lfd.yaml
2021-08-16 16:12:45 +05:30
Prince Chaddha
232b187a40
Create beward-ipcamera-disclosure.yaml
2021-08-16 16:11:44 +05:30
sandeep
3ac7a756fc
Added woocommerce-pdf-invoice-listing
2021-08-16 15:37:07 +05:30