04ec5b6b6d
Create netgear-wac124-router-auth-bypass.yaml ( #3986 )
...
* Create netgear-wac124-router-auth-bypass.yaml
This vulnerability allows network-adjacent attackers to bypass authentication on affected of WAC124, AC2000 routers. Authentication is not required to exploit this vulnerability.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
* misc update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-27 20:40:41 +05:30
948ceb8b11
Create oracle-fatwire-lfi.yaml ( #3975 )
...
* Create oracle-fatwire-lfi.yaml
* Update oracle-fatwire-lfi.yaml
* Update oracle-fatwire-lfi.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-03-26 14:56:13 +05:30
eb23e6e44e
Dashboard Content Enhancements ( #3980 )
...
Dashboard Content Enhancements
2022-03-25 10:16:18 -04:00
814d07fb7d
Dashboard Content Enhancements ( #3961 )
...
* Enhancement: default-logins/viewpoint/trilithic-viewpoint-login.yaml by mp
* Enhancement: default-logins/visionhub/visionhub-default-login.yaml by mp
* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp
* Enhancement: default-logins/wifisky/wifisky-default-login.yaml by mp
* Enhancement: default-logins/wso2/wso2-default-login.yaml by mp
* Enhancement: default-logins/xerox/xerox7-default-login.yaml by mp
* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp
* Enhancement: default-logins/zabbix/zabbix-default-login.yaml by mp
* Enhancement: default-logins/zmanda/zmanda-default-login.yaml by mp
* Enhancement: dns/azure-takeover-detection.yaml by mp
* Enhancement: dns/cname-fingerprint.yaml by mp
* Enhancement: dns/cname-service-detection.yaml by mp
* Enhancement: dns/detect-dangling-cname.yaml by mp
* Enhancement: dns/dns-waf-detect.yaml by mp
* Enhancement: default-logins/weblogic/weblogic-weak-login.yaml by mp
* Enhancement: default-logins/xxljob/xxljob-default-login.yaml by mp
* Enhancement: dns/dnssec-detection.yaml by mp
* Enhancement: dns/ec2-detection.yaml by mp
* Add CVSS/CWE
* Trailing space
* Linting error on comment indentation
* Typo
* Enhancement: dns/elasticbeantalk-takeover.yaml by mp
* Enhancement: cves/2020/CVE-2020-23517.yaml by mp
* Enhancement: dns/elasticbeantalk-takeover.yaml by mp
* Enhancement: dns/mx-fingerprint.yaml by mp
* Enhancement: dns/mx-service-detector.yaml by mp
* Enhancement: dns/nameserver-fingerprint.yaml by mp
* Enhancement: dns/ptr-fingerprint.yaml by mp
* Enhancement: dns/servfail-refused-hosts.yaml by mp
* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp
* Enhancement: dns/txt-fingerprint.yaml by mp
* Enhancement: dns/worksites-detection.yaml by mp
* Enhancement: exposed-panels/3g-wireless-gateway.yaml by mp
* Enhancement: exposed-panels/acemanager-login.yaml by mp
* Enhancement: exposed-panels/acrolinx-dashboard.yaml by mp
* Enhancement: dns/mx-fingerprint.yaml by mp
* Enhancement: dns/mx-service-detector.yaml by mp
* Enhancement: dns/ptr-fingerprint.yaml by mp
* Enhancement: dns/servfail-refused-hosts.yaml by mp
* Enhancement: dns/spoofable-spf-records-ptr.yaml by mp
* Enhancement: cves/2021/CVE-2021-39501.yaml by mp
* Enhancement: cves/2021/CVE-2021-40323.yaml by mp
* Enhancement: cves/2021/CVE-2021-40539.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: cves/2021/CVE-2021-40856.yaml by mp
* Enhancement: cves/2021/CVE-2021-40859.yaml by mp
* Enhancement: cves/2021/CVE-2021-40323.yaml by mp
* Enhancement: cves/2021/CVE-2021-40539.yaml by mp
* Enhancement: cves/2010/CVE-2010-1875.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/akamai-cloudtest.yaml by mp
* Enhancement: exposed-panels/alfresco-detect.yaml by mp
* Enhancement: exposed-panels/alienvault-usm.yaml by mp
* Enhancement: exposed-panels/ambari-exposure.yaml by mp
* Enhancement: exposed-panels/amcrest-login.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: exposed-panels/alienvault-usm.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/ambari-exposure.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-17369.yaml by mp
* Enhancement: exposed-panels/apache/public-tomcat-manager.yaml by mp
* Enhancement: exposed-panels/apache/apache-apisix-panel.yaml by mp
* Enhancement: exposed-panels/ansible-tower-exposure.yaml by mp
* Enhancement: exposed-panels/ampps-panel.yaml by mp
* Enhancement: exposed-panels/ampps-admin-panel.yaml by mp
* Enhancement: exposed-panels/ametys-admin-login.yaml by mp
* Enhancement: cves/2010/CVE-2010-1878.yaml by mp
* Fix encoded chars
* trailing space
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: exposed-panels/apiman-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp
* Enhancement: exposed-panels/argocd-login.yaml by mp
* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp
* Enhancement: exposed-panels/atvise-login.yaml by mp
* Enhancement: exposed-panels/avantfax-panel.yaml by mp
* Enhancement: exposed-panels/avatier-password-management.yaml by mp
* Enhancement: exposed-panels/axigen-webadmin.yaml by mp
* Enhancement: exposed-panels/axigen-webmail.yaml by mp
* Enhancement: exposed-panels/azkaban-web-client.yaml by mp
* Enhancement: exposed-panels/acunetix-panel.yaml by mp
* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp
* Enhancement: exposed-panels/adminer-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: exposed-panels/adminset-panel.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp
* Enhancement: exposed-panels/advance-setup.yaml by mp
* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* spacing issues
* Spacing
* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Enhancement: technologies/waf-detect.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: network/exposed-adb.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp
* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp
* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp
* indentation issue
* Character encoding issue fix
* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp
* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Enhancement: default-logins/apache/airflow-default-login.yaml by mp
* Enhancement: default-logins/apache/apisix-default-login.yaml by mp
* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp
* Enhancement: default-logins/arl/arl-default-login.yaml by mp
* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp
* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp
* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp
* Enhancement: dns/caa-fingerprint.yaml by mp
* Enhancement: exposed-panels/active-admin-exposure.yaml by mp
* Enhancement: exposed-panels/activemq-panel.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Restore & stomped by dashboard
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2021/CVE-2021-38751.yaml by mp
* Enhancement: cves/2021/CVE-2021-39320.yaml by mp
* Enhancement: cves/2021/CVE-2021-39322.yaml by mp
* Enhancement: cves/2021/CVE-2021-39327.yaml by mp
* Enhancement: cves/2021/CVE-2021-39350.yaml by mp
* Enhancement: cves/2021/CVE-2021-39433.yaml by mp
* Enhancement: cves/2021/CVE-2021-41192.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp
* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp
* Enhancement: exposed-panels/aviatrix-panel.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Enhancement: exposed-panels/blue-iris-login.yaml by mp
* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Spacing issues
Add cve-id field
* fix & stomping
* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp
* Enhancement: cves/2020/CVE-2020-24912.yaml by mp
* Enhancement: cves/2021/CVE-2021-35265.yaml by mp
* Enhancement: cves/2022/CVE-2022-0437.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: technologies/teradici-pcoip.yaml by mp
* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp
* Enhancement: exposed-panels/epson-access-detect.yaml by mp
* Enhancement: cves/2020/CVE-2020-29453.yaml by mp
* Fix spacing
Co-authored-by: sullo <sullo@cirt.net>
2022-03-25 17:15:10 +05:30
95d9b7f30c
Merge pull request #3953 from projectdiscovery/regex-update
...
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-23 00:23:06 +05:30
ec99241f0e
Updated "/etc/passwd" regex to avoid possible false positive results.
2022-03-22 13:31:31 +05:30
c513d88d0d
Merge branch 'master' into rule-add-v102
2022-03-22 13:23:38 +05:30
66927bff20
Update tekon-info-leak.yaml
2022-03-21 16:36:39 +05:30
218b87a384
removing duplicate template
2022-03-18 21:09:34 +05:30
b17a49d4e4
Create CNVD-2021-28277.yaml ( #3892 )
...
* Create CNVD-2021-28277.yaml
* misc update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-18 20:35:35 +05:30
bb7dbc4f0c
Create tekon-info-leak.yaml
...
A vulnerability in Tekon allows remote unauthenticated users to disclose the Log of the remote device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-03-18 19:38:44 +09:00
795dbfdecc
Added Kiwi TCMS JSON-RPC misconfig
2022-03-13 17:50:38 +05:30
713c8d87cf
Merge pull request #3877 from projectdiscovery/dixell-xweb500-file-write
...
Create dixell-xweb500-file-write.yaml
2022-03-11 16:34:36 +05:30
5bd8cb0f89
Update and rename dixell-xweb500-file-write.yaml to dixell-xweb500-filewrite.yaml
2022-03-11 16:30:02 +05:30
030c9484b9
Update and rename unisharp-laravel-file-manager.yaml to laravel-filemanager-lfi.yaml
2022-03-11 15:57:07 +05:30
b7cc60c53d
Update dixell-xweb500-file-write.yaml
2022-03-11 02:00:55 +05:30
d7b8f35d9f
Create unisharp-laravel-file-manager.yaml
2022-03-11 02:00:23 +05:30
a5713235f2
Create dixell-xweb500-file-write.yaml
2022-03-11 01:57:31 +05:30
d5556d3a75
Enhancement: default-logins/cobbler/cobbler-default-login.yaml by mp
2022-03-03 08:27:48 -05:00
83d58c326f
Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp
2022-03-02 10:11:09 -05:00
3f18fe8d0b
Enhancement: vulnerabilities/other/accent-microcomputers-lfi.yaml by mp
2022-03-02 09:52:59 -05:00
3b031c3693
Enhancement: vulnerabilities/other/74cms-sqli.yaml by mp
2022-03-02 09:43:09 -05:00
a330bb78bb
Merge branch 'master' into dashboard
2022-02-28 17:21:32 -05:00
44a9163e54
Update microweber-xss.yaml
2022-03-01 02:47:11 +05:30
420a995b14
Enhancement: vulnerabilities/other/unauth-spark-api.yaml by cs
2022-02-28 14:17:05 -05:00
1368ea9fe7
Create microweber-xss.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-28 16:17:51 +09:00
c07bd54967
payload fix
2022-02-25 17:28:47 +05:30
402cda8a0a
Merge pull request #3747 from Akokonunes/patch-120
...
Create otobo-open-redirect.yaml
2022-02-23 17:35:55 +05:30
b86641d6df
Update and rename otobo-open-redirect.yaml to vulnerabilities/other/otobo-open-redirect.yaml
2022-02-23 17:07:41 +05:30
d5b600a2a1
Merge pull request #3727 from evanRubinsteinIT/pollbot-redirect
...
Added pollbot-redirect
2022-02-22 13:56:25 +05:30
4731194ac2
Update pollbot-redirect.yaml
2022-02-22 12:01:20 +05:30
2fb5401ddb
Update pollbot-redirect.yaml
2022-02-22 11:48:32 +05:30
0672c4dc7d
Update goip-1-lfi.yaml
2022-02-22 11:38:07 +05:30
21a267d106
Updated Template
2022-02-18 10:48:34 -05:00
a536bb5087
Added pollbot-redirect
2022-02-18 10:39:04 -05:00
a2cec40a5d
Create goip-1-lfi.yaml
...
Input passed thru the 'content' or 'sidebar' GET parameter in 'frame.html' or 'frame.A100.html' not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-18 21:33:17 +09:00
f705c2debd
removing duplicate template
2022-02-15 23:43:06 +05:30
be309f08e0
Update and rename yshaadmin-traversal.yaml to yishaadmin-lfi.yaml
2022-02-15 18:33:24 +05:30
22d14023a7
Update yshaadmin-traversal.yaml
2022-02-14 23:53:28 -05:00
5fcaefe315
Added yshaadmin path traversal vulnerability
2022-02-14 23:48:57 -05:00
b9efa77da3
Merge branch 'projectdiscovery:master' into master
2022-02-14 23:47:10 -05:00
6c6b4e7270
Merge pull request #3700 from Akokonunes/patch-116
...
Create kyocera-rx-ecosys-m2035dn-lfi.yaml
2022-02-15 02:16:54 +05:30
1f1b03ba67
Update and rename kyocera-rx-ecosys-m2035dn-lfi.yaml to vulnerabilities/other/kyocera-m2035dn-lfi.yaml
2022-02-15 02:10:30 +05:30
f8a52f9be2
Update nuuno-network-login.yaml ( #3701 )
...
* Update nuuno-network-login.yaml
* Update panasonic-network-management.yaml
* Update cisco-network-config.yaml
* Update emerson-power-panel.yaml
* Update unifi-network-log4j-rce.yaml
2022-02-14 19:53:51 +05:30
111f7d9a88
Cleanup some dashboard artifacts
2022-02-04 14:02:53 -05:00
439b0ebffc
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:55:39 -05:00
26137cf96f
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:54:04 -05:00
e1b8bf3da2
Update antsword-backdoor.yaml
2022-02-01 01:52:39 +05:30
e5a77aa803
Create antsword-backdoor.yaml
2022-02-01 01:39:46 +05:30
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
gy741
Prince Chaddha
MostInterestingBotInTheWorld
sandeep
Muhammad Daffa
Evan Rubinstein
sullo