Commit Graph

30 Commits (0fc95d2e7a38f1ce659e6ebf4f220e43225a5cf0)

Author SHA1 Message Date
Prince Chaddha 51b9c42995
Merge pull request #5168 from true13/fix_cve-2018-10271
Fix false postive CVE-2017-10271
2022-09-22 16:16:55 +05:30
Prince Chaddha f7a0aba7fc
Update CVE-2017-10271.yaml 2022-09-22 16:14:21 +05:30
GitHub Action bc21497f99 Auto Generated CVE annotations [Sat Aug 27 04:41:18 UTC 2022] 🤖 2022-08-27 04:41:18 +00:00
true13 77ada532a7 Fix false postive CVE-2017-10271
This commit is to increase accuracy by changing the CVE-2017-10271 scan string from "<faultstring>.*" to "<faultstring>java.lang.ProcessBuilder || <faultstring>0".
2022-08-20 15:21:15 +09:00
Sandeep Singh 92c2c47450
Updated "cisa" tags to "kev" + added tags to new applicable templates (#4871) 2022-07-21 22:48:22 +05:30
MostInterestingBotInTheWorld b883737198
Dashboard Content Enhancements (#4567)
Dashboard Content Enhancements
2022-06-09 16:35:21 -04:00
Prince Chaddha 7ada510859
Fixed possible FPs in open redirect templates (#4544)
* Fixed possible FPs in open redirect templates

We have replaced example.com with interact.sh since few domains redirect to example.com, which results in FP results.

* updated example domain

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-06-06 16:10:15 +05:30
sandeep c0e3b8681f Strict matchers for CVE-2017-10271 2022-06-02 03:58:36 +05:30
Yuzhe-Zhang-0 9d8806582d
added cisa tags to appropriate templates (#4523) 2022-06-02 03:01:44 +05:30
GitHub Action e12748a856 Auto Generated CVE annotations [Thu May 26 15:27:05 UTC 2022] 🤖 2022-05-26 15:27:05 +00:00
ImNightmaree 2ffbddeb6d
Update CVE-2017-10271.yaml (#3468)
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-05-26 20:45:35 +05:30
forgedhallpass 209538baa6 refactor: Description field uniformization
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld 31312b1c19
Dashboard Content Enhancements (#4191)
Dashboard Content Enhancements
2022-04-21 17:16:41 -04:00
MostInterestingBotInTheWorld a24ef794b7
Dashboard Content Enhancements (#4031)
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
MostInterestingBotInTheWorld 9b82c296e1
Dashboard Enhancements (#3722)
* Enhancement: cves/2021/CVE-2021-1497.yaml by cs

* Enhancement: cves/2010/CVE-2010-1957.yaml by mp

* Enhancement: cves/2010/CVE-2010-1977.yaml by mp

* Enhancement: cves/2010/CVE-2010-1979.yaml by mp

* Enhancement: cves/2010/CVE-2010-1980.yaml by mp

* Enhancement: cves/2010/CVE-2010-1981.yaml by mp

* Enhancement: cves/2010/CVE-2010-1982.yaml by mp

* Enhancement: cves/2010/CVE-2010-1983.yaml by mp

* Enhancement: cves/2010/CVE-2010-2033.yaml by mp

* Enhancement: cves/2010/CVE-2010-2034.yaml by mp

* Enhancement: cves/2010/CVE-2010-2035.yaml by mp

* Enhancement: cves/2010/CVE-2010-2036.yaml by mp

* Enhancement: cves/2010/CVE-2010-2037.yaml by mp

* Enhancement: cves/2010/CVE-2010-2045.yaml by mp

* Enhancement: cves/2010/CVE-2010-2050.yaml by mp

* Enhancement: cves/2010/CVE-2010-2122.yaml by mp

* Enhancement: cves/2010/CVE-2010-1980.yaml by mp

* Enhancement: cves/2010/CVE-2010-1981.yaml by mp

* Enhancement: cves/2010/CVE-2010-1982.yaml by mp

* Enhancement: cves/2010/CVE-2010-2035.yaml by mp

* Enhancement: cves/2010/CVE-2010-2128.yaml by mp

* Enhancement: cves/2010/CVE-2010-2259.yaml by mp

* Enhancement: cves/2010/CVE-2010-2307.yaml by mp

* Enhancement: cves/2010/CVE-2010-2507.yaml by mp

* Enhancement: cves/2010/CVE-2010-2680.yaml by mp

* Enhancement: cves/2010/CVE-2010-2682.yaml by mp

* Enhancement: cves/2010/CVE-2010-2857.yaml by mp

* Enhancement: cves/2010/CVE-2010-2861.yaml by mp

* Enhancement: cves/2010/CVE-2010-2918.yaml by mp

* Enhancement: cves/2010/CVE-2010-2920.yaml by mp

* Enhancement: cves/2010/CVE-2010-3203.yaml by mp

* Enhancement: cves/2010/CVE-2010-3426.yaml by mp

* Enhancement: cves/2010/CVE-2010-4617.yaml by mp

* Enhancement: cves/2010/CVE-2010-4231.yaml by mp

* Enhancement: cves/2010/CVE-2010-4282.yaml by mp

* Enhancement: cves/2010/CVE-2010-4282.yaml by mp

* Enhancement: cves/2010/CVE-2010-4617.yaml by mp

* Enhancement: cves/2010/CVE-2010-4719.yaml by mp

* Enhancement: cves/2010/CVE-2010-4769.yaml by mp

* Enhancement: cves/2010/CVE-2010-4977.yaml by mp

* Enhancement: cves/2010/CVE-2010-5028.yaml by mp

* Enhancement: cves/2010/CVE-2010-5278.yaml by mp

* Enhancement: cves/2010/CVE-2010-5286.yaml by mp

* Enhancement: cves/2011/CVE-2011-0049.yaml by mp

* Enhancement: cves/2011/CVE-2011-1669.yaml by mp

* Enhancement: cves/2011/CVE-2011-2744.yaml by mp

* Enhancement: cves/2000/CVE-2000-0114.yaml by mp

* Enhancement: cves/2011/CVE-2011-3315.yaml by mp

* Enhancement: cves/2011/CVE-2011-4336.yaml by mp

* Enhancement: cves/2011/CVE-2011-4618.yaml by mp

* Enhancement: cves/2011/CVE-2011-4624.yaml by mp

* Enhancement: cves/2011/CVE-2011-4804.yaml by mp

* Enhancement: cves/2011/CVE-2011-0049.yaml by mp

* Enhancement: cves/2011/CVE-2011-2780.yaml by mp

* Enhancement: cves/2011/CVE-2011-2780.yaml by mp

* Enhancement: cves/2012/CVE-2012-1823.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp

* Enhancement: cves/2012/CVE-2012-1226.yaml by mp

* Enhancement: cves/2012/CVE-2012-0996.yaml by mp

* Enhancement: cves/2021/CVE-2021-39226.yaml by cs

* Enhancement: cves/2021/CVE-2021-27358.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2012/CVE-2012-1835.yaml by mp

* Enhancement: cves/2012/CVE-2012-0901.yaml by mp

* Enhancement: cves/2011/CVE-2011-5265.yaml by mp

* Enhancement: cves/2011/CVE-2011-5181.yaml by mp

* Enhancement: cves/2011/CVE-2011-5179.yaml by mp

* Enhancement: cves/2011/CVE-2011-5107.yaml by mp

* Enhancement: cves/2011/CVE-2011-5106.yaml by mp

* Enhancement: cves/2011/CVE-2011-4926.yaml by mp

* Enhancement: cves/2012/CVE-2012-0991.yaml by mp

* Enhancement: cves/2012/CVE-2012-0981.yaml by mp

* Enhancement: cves/2012/CVE-2012-0896.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp
Fix "too few spaces before comment" lint errors
Co-authored-by: sullo <sullo@cirt.net>
2022-02-21 13:33:16 -05:00
sandeep 8eb67ca3f7 additional matcher 2021-11-05 04:48:10 +05:30
ImNightmaree 2fc9a1f850
Updates CVE-2017-10271
Partially resolves #609 - not all machines have HTTP connectivity, nslookup is native to Windows and Linux, and a good alternative.
2021-11-04 13:44:56 +00:00
sandeep 33badb66d1 oob tags update 2021-10-19 02:10:26 +05:30
sandeep 0436e97c0e payload update to work on both platform 2021-09-12 18:32:24 +05:30
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
sandeep 609705f676 removed extra headers not required for template 2021-09-08 17:47:19 +05:30
forgedhallpass 77103bc629 Satisfying the linter (all errors and warnings)
* whitespace modifications only
2021-08-19 17:44:46 +03:00
forgedhallpass 0b432b341b Added comments with URLs under the "references" field
Related nuclei tickets:
* #259 - dynamic key-value field support for template information
* #940 - new infos in template
* #834
* RES-84
2021-08-19 16:15:35 +03:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
PD-Team 00d26c0608
Added tags to cves 😎 (#813)
* Added tags to cves 😎
2021-02-06 01:14:41 +05:30
PD-Team 048160aaec Update CVE-2017-10271.yaml 2021-02-05 01:18:05 +05:30
PD-Team 32506f90e8 Update CVE-2017-10271.yaml 2021-02-05 01:14:43 +05:30
PD-Team a8a5a8c4c0 updated poc 2021-02-05 01:13:23 +05:30
PD-Team dd76ae4c97 Update CVE-2017-10271.yaml 2021-02-04 14:33:17 +05:30
drset 7a21babcd4 Added template CVE-2017-10271 for Weblogic. Added Weblogic workflow. 2021-02-02 21:48:46 -03:00