Commit Graph

120 Commits (09df55940cc468491d0abcf77026d858f15b77e4)

Author SHA1 Message Date
dw1 56e21957a3 🔨 Update payload & matchers - CVE-2020-7961 2020-07-04 22:55:40 +07:00
dw1 fc3bc06f65 🔥 Add SEOmatic SSTI (CVE-2020-9757) 2020-07-04 00:56:51 +07:00
dw1 53a9952dc7 🔥 Add Citrix ShareFile StorageZones Unauthenticated Arbitrary File Read (CVE-2020-8982) 2020-07-04 00:56:16 +07:00
dw1 b427cfc641 🔥 TYPO3 XSS (CVE-2020-8091) 2020-07-04 00:55:17 +07:00
dw1 919d657c41 🔥 Add Liferay Portal Unauthenticated RCE (CVE-2020-8982) 2020-07-04 00:54:34 +07:00
dw1 5756349c14 Add Apache Tomcat RCE by deserialization - CVE-2020-9484 2020-07-03 12:39:02 +07:00
dw1 caf833c28e 🔧 Fix for false-positive CVE-2018-16341 results 2020-07-02 17:45:29 +07:00
bauthard 14494ba4d3
Update CVE-2019-8449.yaml 2020-07-02 15:36:11 +05:30
bauthard 906e6e918d
Update CVE-2017-7529.yaml 2020-06-30 16:54:48 +05:30
Harsh Bothra dbaa71a763
Create CVE-2017-7529.yaml
Remote Integer Overflow in Nginx allows an attacker to extract sensitive information from memory buffer by triggering specially crafted requests.
2020-06-30 16:44:33 +05:30
bauthard 2f59c74b28
Update CVE-2019-8449.yaml 2020-06-30 16:31:20 +05:30
bauthard fc95489690
Update CVE-2019-8449.yaml 2020-06-30 16:13:35 +05:30
Harsh Bothra d6027b67d2
Create CVE-2019-8449.yaml
CVE-2019-8449 which allows an Unauthenticated Attacker to enumerate all the users and their information such as Username, Avatars, Emails, Keys, etc.
Reference - https://www.doyler.net/security-not-included/more-jira-enumeration
2020-06-30 16:06:15 +05:30
bauthard ba30333045
updating trailing space 2020-06-30 15:55:45 +05:30
Harsh Bothra 53a47cc1bc
Create CVE-2018-11409.yaml
CVE-2018-11409  allows an unauthenticated user to get sensitive information such as license key from a Splunk instance by appending /__raw/services/server/info/server-info?output_mode=json to a query.
2020-06-30 15:49:43 +05:30
bauthard b9ea4ecaf3
Update CVE-2020-12720.yaml 2020-06-30 02:04:13 +05:30
bauthard c718848a88
Update CVE-2020-8512.yaml 2020-06-30 01:59:13 +05:30
bauthard 01378933c6
Update CVE-2020-12720.yaml 2020-06-29 19:25:45 +05:30
bauthard 75e2166cc5
updating CVE-2020-12720 2020-06-29 19:24:56 +05:30
bauthard 084a745600 added CVE-2020-8512 2020-06-26 09:14:54 +05:30
bauthard 2d56871bd0
Update CVE-2019-3799.yaml 2020-06-23 03:22:51 +05:30
bauthard 2d8efb04ba
Update CVE-2018-20824.yaml 2020-06-23 03:21:54 +05:30
bauthard d8a79274ae
Update CVE-2018-19439.yaml 2020-06-23 03:17:00 +05:30
bauthard b7103a2197 Pushing newly added cves 2020-06-22 19:05:37 +05:30
bauthard 32d9373273
adding more path with recent PR 2020-06-22 03:50:29 +05:30
bauthard 3b3ab42984
Merge pull request #144 from maverickNerd/master
Add directory traversal CVE-2020-5410 affecting Spring Cloud Config
2020-06-18 16:48:30 +05:30
Sachin Grover 68450463c2 Add directory traversal CVE-2020-5410 affecting Spring Cloud Config Server 2020-06-18 10:16:29 +00:00
bauthard 48e9534630
Removing CVE-2020-7473
I will try to find a more stable syntax and will add it again.
2020-06-18 00:00:00 +05:30
Sachin Grover fea47dd3f5 Add CVE-2018-1000129 and version detection is enabled for port 8080 also 2020-06-17 09:18:49 +00:00
Aditya Soni d72794b4d8
Create CVE-2018-1271.yaml 2020-06-03 06:23:25 +05:30
Fabian Affolter d3b7f6b54c
Update syntax 2020-05-25 09:49:06 +02:00
bauthard 5d5647b05e updated CVE-2019-5418 2020-05-24 03:55:32 +00:00
bauthard 999fbd9daf
updating severity 2020-05-24 09:20:13 +05:30
Andrea c0bf01de1a improve wp cve admin 2020-05-23 10:09:09 +02:00
Andrea 4132f3d7af Merge remote-tracking branch 'upstream/master' 2020-05-23 10:08:02 +02:00
bauthard 7a6e1d181b
added CVE-2020-12720 vBulletin SQLI 2020-05-22 03:24:16 +05:30
bauthard 4a33940a37
Added CVE-2020-12720 vBulletin SQLI 2020-05-22 03:17:20 +05:30
Regala 03e957b0df
Update CVE-2020-7473.yaml 2020-05-19 13:55:49 +01:00
Regala a2433d86a4
Update CVE-2020-7473.yaml
Updated to support 2xx and 3xx status code, as well as accepting redirects just in case.
2020-05-19 11:45:31 +01:00
Regala 5316f5dbcc
Update CVE-2020-7473.yaml
This is to avoid false positives. I think it would be better to only match 2xx and 3xx status code (don't know if nuclei supports this terminology)
2020-05-18 11:14:04 +01:00
bauthard 601b3c086d
Merge pull request #87 from 73735/front-page-misconfig.yaml
Add front-page-misconfig.yaml
2020-05-16 15:38:39 +05:30
João Teles 7a37488076
Update CVE-2020-7473.yaml
Ready guys. Now the template will check for size. I didn't implement the "HEAD" method because the nuclei is not supported.
2020-05-15 20:59:23 -03:00
Nadino92 7b88d4258e adding 2 cves and crxde 2020-05-14 19:54:02 +02:00
bauthard 0d5b682e94 updating cve names 2020-05-08 18:40:02 +00:00
Andrea fc797a94e1 fix crash for {{ 2020-05-08 18:31:59 +02:00
Michael Blake 339ac74114 Prevent false-positives for CVE-2019-19368 2020-05-07 21:47:47 -07:00
Michael Blake fe2efe6124 CVE-2019-14974 check and severity update 2020-05-07 21:45:25 -07:00
Joao Teles d22d0745d2 Add CVE-2020-7473.yaml 2020-05-07 10:15:25 -03:00
organiccrap 413c126c29 pending pull 2020-04-22 14:42:01 +08:00
Prince Chaddha dc58dc9f0d
Update CVE-2018-1247.yaml 2020-04-20 17:49:55 +05:30