Commit Graph

287 Commits (0e9455701775cc8767b630399c484cdb232d5f4b)

Author SHA1 Message Date
Prince Chaddha f420bb6052
Update and rename CVE-2019-18922.yaml to cves/2019/CVE-2019-18922.yaml 2021-11-16 15:11:16 +05:30
sandeep 4f88a66890 misc update 2021-11-15 23:05:21 +05:30
Prince Chaddha 7566a563cd
Update CVE-2019-19824.yaml 2021-11-15 17:11:47 +05:30
GwanYeong Kim 451366d33e Create CVE-2019-19824.yaml
On certain TOTOLINK Realtek SDK based routers, an authenticated attacker may execute arbitrary OS commands via the sysCmd parameter to the boafrm/formSysCmd URI, even if the GUI (syscmd.htm) is not available. This allows for full control over the device's internals. This affects A3002RU through 2.0.0, A702R through 2.1.3, N301RT through 2.1.6, N302R through 3.4.0, N300RT through 3.4.0, N200RE through 4.0.0, N150RT through 3.4.0, and N100RE through 3.4.0.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-14 13:17:27 +09:00
sandeep b2aa8f9f5b misc updates 2021-11-13 23:01:53 +05:30
GitHub Action 19f522f9e5 Auto Generated CVE annotations [Sat Nov 13 14:29:44 UTC 2021] 🤖 2021-11-13 14:29:44 +00:00
sandeep 2809a60004 Added Pre-authenticated SQL injection in GLPI <= 9.3.3 (CVE-2019-10232) 2021-11-13 19:56:16 +05:30
GitHub Action 33fccd20b3 Auto Generated CVE annotations [Tue Nov 9 16:55:13 UTC 2021] 🤖 2021-11-09 16:55:13 +00:00
Prince Chaddha 23b9517674
Update CVE-2019-1821.yaml 2021-11-08 12:54:34 +05:30
Prince Chaddha bde7d5243b
Update CVE-2019-1821.yaml 2021-11-08 12:45:04 +05:30
Prince Chaddha 57b4425e52
Create CVE-2019-1821.yaml 2021-11-06 20:34:10 +05:30
GitHub Action 21cf51bea9 Auto Generated CVE annotations [Sat Nov 6 10:59:41 UTC 2021] 🤖 2021-11-06 10:59:41 +00:00
sandeep ce2212b6d4 Added CVE-2019-2579 2021-11-06 16:10:58 +05:30
GitHub Action 6f0c6a043b Auto Generated CVE annotations [Sat Nov 6 08:18:29 UTC 2021] 🤖 2021-11-06 08:18:29 +00:00
Sandeep Singh 4b3172c754
Merge pull request #3091 from Leovalcante/cve-2019-2578
create check for cve-2019-2578
2021-11-06 13:46:53 +05:30
sandeep e4cda81745 misc updates 2021-11-06 13:41:08 +05:30
Valerio Preti 41464ac737 create check for cve-2019-2578 2021-11-06 01:24:41 +01:00
GitHub Action c7baa07310 Auto Generated CVE annotations [Fri Nov 5 15:44:13 UTC 2021] 🤖 2021-11-05 15:44:13 +00:00
Prince Chaddha eef71d5cb8
Update CVE-2019-3929.yaml 2021-11-05 21:07:40 +05:30
Prince Chaddha 3c7d239415
Update CVE-2019-3929.yaml 2021-11-05 20:59:47 +05:30
Prince Chaddha 626b97e368
Create CVE-2019-3929.yaml 2021-11-05 20:58:18 +05:30
Prince Chaddha 95b6237e37
Update and rename CVE-2019-16123.yaml to cves/2019/CVE-2019-16123.yaml 2021-11-01 14:28:28 +05:30
sandeep 41be58c633 misc update 2021-10-22 15:09:15 +05:30
Sandeep Singh a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Sandeep Singh df54ed28f7
Merge pull request #2942 from projectdiscovery/CVE-2019-2729
Added CVE-2019-2729 (Oracle WebLogic  RCE)
2021-10-21 05:42:29 +05:30
sandeep 323da341b2 Added CVE-2019-2729 (Oracle WebLogic RCE) 2021-10-21 05:37:30 +05:30
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
sandeep a614391d3f Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes 2021-10-18 03:14:44 +05:30
Philippe Delteil 794dfb0bbe
Update CVE-2019-6340.yaml
Solves cases when the source code contains only uid= and gid=  (e.g. https://account.mail.ru)

``nuclei -debug -t ~/nuclei-templates/cves/2019/CVE-2019-6340.yaml -u https://account.mail.ru``
2021-10-15 04:01:39 -03:00
Sandeep Singh 9273a765c0
Merge branch 'master' into more-fixes 2021-10-13 13:48:52 +05:30
sandeep 5072932509 more updates 2021-10-10 06:43:30 +05:30
sandeep 1bdafa4474 Added missing condition for CVE-2019-18818 2021-10-08 19:28:24 +05:30
Sullo c9a374bed5 renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml 2021-09-30 13:06:46 -04:00
Sullo 3878138bfe * Added Host headers where needed (validated via disclosures/posts)
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sandeep 1c613882f8 Added missing cve tags 2021-09-21 16:17:16 +05:30
sandeep ff1537d7da fixing tags typos 2021-09-21 15:43:08 +05:30
Sandeep Singh 0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update 2021-09-18 18:19:07 +05:30
GitHub Action 0dd6d4a6b4 Auto Generated CVE annotations [Thu Sep 16 16:58:29 UTC 2021] 🤖 2021-09-16 16:58:29 +00:00
Prince Chaddha cc9b5ea32e
Merge pull request #2678 from pikpikcu/patch-279
Create CVE-2019-13392.yaml
2021-09-16 22:27:05 +05:30
Prince Chaddha 4984b42e66
Update CVE-2019-7543.yaml 2021-09-16 21:28:19 +05:30
sandeep 676b51d20c Metadata attribute update 2021-09-16 21:24:33 +05:30
PikPikcU df64158ca6
Create CVE-2019-7543.yaml 2021-09-16 10:35:05 +07:00
Prince Chaddha 9e090c8098
Update CVE-2019-13392.yaml 2021-09-15 17:32:32 +05:30
PikPikcU bc6470a65a
Create CVE-2019-13392.yaml 2021-09-15 14:10:34 +07:00
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
Prince Chaddha ed33f5172f
Merge pull request #2581 from Akokonunes/patch-30
Create CVE-2019-11013.yaml
2021-09-06 17:29:15 +05:30
Prince Chaddha 6563f9be81
Update CVE-2019-11013.yaml 2021-09-06 16:56:14 +05:30
Prince Chaddha f6e52a6739
Merge pull request #2585 from sullo/master
Updates across many templates for clarity, spelling, and grammar.
2021-09-06 15:02:52 +05:30
Prince Chaddha 861af1bdc8
Update and rename CVE-2019-7275.yaml to cves/2019/CVE-2019-7275.yaml 2021-09-06 14:39:22 +05:30