4f92a44481
Update CVE-2012-0901.yaml
2021-07-14 18:48:09 +05:30
79881e5a53
Update CVE-2011-5265.yaml
2021-07-14 18:47:04 +05:30
81186887f0
Merge pull request #1980 from daffainfo/patch-39
...
Create CVE-2011-5181.yaml
2021-07-14 18:45:58 +05:30
7f210b692a
Update CVE-2011-5265.yaml
2021-07-14 18:45:47 +05:30
aedb24576f
Merge pull request #1979 from daffainfo/patch-38
...
Create CVE-2011-5179.yaml
2021-07-14 18:40:12 +05:30
42395f3cf0
Update CVE-2011-5181.yaml
2021-07-14 18:40:07 +05:30
0dc763a5e2
Merge pull request #1978 from daffainfo/patch-37
...
Create CVE-2011-5107.yaml
2021-07-14 18:39:18 +05:30
31c69d6a53
Update CVE-2011-5179.yaml
2021-07-14 18:39:10 +05:30
b24958c966
Update CVE-2011-5107.yaml
2021-07-14 18:38:27 +05:30
49b8f5dced
Merge pull request #1976 from daffainfo/patch-35
...
Create CVE-2011-4926.yaml
2021-07-14 18:37:31 +05:30
4530f816e7
Update CVE-2011-4618.yaml
2021-07-14 18:37:19 +05:30
aa49f5249c
Merge pull request #1975 from daffainfo/patch-34
...
Create CVE-2011-4624.yaml
2021-07-14 18:36:28 +05:30
2f3470ca1f
Update CVE-2011-4926.yaml
2021-07-14 18:36:19 +05:30
f63f825283
Create CVE-2015-1000012.yaml
2021-07-14 18:10:41 +07:00
08e3f1af84
Create CVE-2016-10956.yaml
2021-07-14 18:03:54 +07:00
74c4f507b5
Update CVE-2011-4624.yaml
2021-07-14 16:20:22 +05:30
f7259df034
typo update
2021-07-14 15:38:56 +05:30
fc35b4c56d
Update CVE-2017-5487.yaml
...
Fixes #1985
2021-07-13 18:58:52 +00:00
e2221a68f6
Create CVE-2012-5913.yaml
2021-07-14 00:15:23 +07:00
660d2341fb
Create CVE-2012-2371.yaml
2021-07-14 00:14:36 +07:00
a64856f005
Create CVE-2012-0901.yaml
2021-07-14 00:13:20 +07:00
52712e1738
Create CVE-2011-5265.yaml
2021-07-14 00:12:07 +07:00
2171814982
Update CVE-2011-5181.yaml
2021-07-14 00:10:26 +07:00
cdc64106ad
Create CVE-2011-5181.yaml
2021-07-14 00:08:59 +07:00
a6ec5edc8d
Create CVE-2011-5179.yaml
2021-07-14 00:07:06 +07:00
206ed76058
Create CVE-2011-5107.yaml
2021-07-14 00:05:34 +07:00
7b1fb46547
Create CVE-2011-4618.yaml
2021-07-14 00:03:30 +07:00
a165adadae
Create CVE-2011-4926.yaml
2021-07-13 23:44:37 +07:00
4946a5d8a7
Create CVE-2011-4624.yaml
2021-07-13 23:42:57 +07:00
b6ec1c2abb
Added reference
2021-07-13 19:22:59 +05:30
b4e21feadd
Rename cve-2021-24472.yaml to CVE-2021-24472.yaml
2021-07-13 19:21:21 +05:30
6d6b30e9cf
matcher update
2021-07-13 19:20:10 +05:30
0871ccb042
Create CVE-2013-4625.yaml
2021-07-13 20:48:19 +07:00
f29b55b6cc
Create CVE-2013-4117.yaml
2021-07-13 20:45:32 +07:00
9aeac41fbc
Onair2 < 3.9.9.2 & KenthaRadio < 2.0.2 - Unauthenticated RFI and SSRF
2021-07-13 18:42:05 +05:30
51834499f8
Merge pull request #1944 from daffainfo/patch-23
...
Create CVE-2012-4242.yaml
2021-07-13 16:45:39 +05:30
858a6b48de
Merge pull request #1946 from daffainfo/patch-25
...
Create CVE-2013-2287.yaml
2021-07-13 16:43:05 +05:30
9a09d52520
Merge pull request #1951 from gy741/rule-add-v22
...
Create CVE-2021-33544.yaml
2021-07-13 16:30:44 +05:30
43d4644164
Update CVE-2021-33544.yaml
2021-07-13 16:29:55 +05:30
bb53177a74
Update CVE-2021-33544.yaml
2021-07-13 16:26:33 +05:30
8c4f1dfe43
Merge pull request #1954 from Akokonunes/patch-18
...
Create CVE-2015-7823
2021-07-13 15:06:48 +05:30
dfd9a2592b
moving files around
2021-07-13 15:04:42 +05:30
89e1a8da93
Merge pull request #1962 from dwisiswant0/hotfix/CVE-2020-24148
2021-07-13 05:01:01 +05:30
a91516cbb5
Misplaced of CVE-2020-24148
2021-07-13 05:24:03 +07:00
e23f378fe8
Merge pull request #1943 from gy741/rule-add-v21
...
Create CVE-2021-30497.yaml
2021-07-13 01:00:59 +05:30
dec41b5631
Merge pull request #1950 from dwisiswant0/add/CVE-2020-24148
...
Add CVE-2020-24148
2021-07-13 00:52:08 +05:30
0e1e727bb1
Create CVE-2021-33544.yaml
...
Multiple vulnerabilities in the web-based management interface of Geutebruck could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
CVE-2021-33543 : Authentication Bypass
CVE-2021-33544 : Command injection multiple parameters
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-12 13:10:31 +09:00
4ea2c71a3d
Add CVE-2020-24148
2021-07-12 09:24:50 +07:00
9788955ebd
Create CVE-2013-2287.yaml
2021-07-11 17:18:20 +07:00
21195f9f0e
Create CVE-2012-4242.yaml
2021-07-11 17:06:48 +07:00
c0f5105dcf
Create CVE-2021-30497.yaml
...
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-11 18:31:18 +09:00
25dcb930ad
Added CVE-2021-29156
2021-07-11 14:39:41 +05:30
3bbcb23cd0
Severity update as this directly doesn't pose any risk.
2021-07-11 13:39:21 +05:30
f1690ec51b
Create CVE-2012-4768.yaml
2021-07-11 13:33:29 +07:00
aa63d1afb7
Merge pull request #1925 from daffainfo/patch-10
...
Create CVE-2020-29395.yaml
2021-07-11 10:25:06 +05:30
bca05d61d6
Merge pull request #1926 from daffainfo/patch-11
...
Create CVE-2019-14470.yaml
2021-07-11 10:15:11 +05:30
7f0f8beff2
Update CVE-2020-29395.yaml
2021-07-11 10:14:56 +05:30
7c19ca873d
Update CVE-2019-14470.yaml
2021-07-11 10:12:41 +05:30
7c0c5033e9
Update CVE-2019-14470.yaml
2021-07-11 10:11:11 +05:30
a3c2fdee36
Merge pull request #1928 from daffainfo/patch-13
...
Create CVE-2019-15889.yaml
2021-07-11 10:09:58 +05:30
0bae5e975e
Update CVE-2019-15889.yaml
2021-07-11 10:09:51 +05:30
70930af523
Merge pull request #1929 from daffainfo/patch-14
...
Create CVE-2014-9094.yaml
2021-07-11 10:09:00 +05:30
a04341ae20
Update CVE-2014-9094.yaml
2021-07-11 10:08:53 +05:30
92e1a5feeb
Update CVE-2013-3526.yaml
2021-07-11 10:05:10 +05:30
53c2c47099
Create CVE-2013-3526.yaml
2021-07-11 09:00:15 +07:00
4773149878
Create CVE-2014-9094.yaml
2021-07-11 08:43:01 +07:00
009e68c627
Create CVE-2019-15889.yaml
2021-07-11 08:20:03 +07:00
4889efb117
Create CVE-2019-14470.yaml
2021-07-11 08:06:14 +07:00
da45bdf0ef
Create CVE-2020-29395.yaml
2021-07-11 07:58:31 +07:00
01ae482fe8
Added CVE-2021-34621
2021-07-10 22:31:08 +05:30
97023903a0
Merge pull request #1918 from gy741/rule-add-v19
...
Create Hongdian Vulnerability
2021-07-10 21:24:56 +05:30
5ca472b43e
Merge pull request #1880 from gy741/rule-add-v13
...
Create CVE-2021-1497.yaml
2021-07-10 20:55:14 +05:30
1cd29628aa
more reference
2021-07-10 20:54:04 +05:30
7f37050361
Added HTTP check
2021-07-10 20:53:23 +05:30
dd9e85a29c
Added missing condition
2021-07-10 20:47:20 +05:30
1e8aa5288f
Update CVE-2021-1497.yaml
2021-07-10 20:45:00 +05:30
767f173f88
minor updates
2021-07-10 18:45:09 +05:30
3bf1c929ed
Create Hongdian Vulnerability
...
CVE-2021-28149 : Hongdian H8922 3.0.5 devices allow Directory Traversal. The /log_download.cgi log export handler does not validate user input and allows a remote attacker with minimal privileges to download any file from the device by substituting ../ (e.g., ../../etc/passwd) This can be carried out with a web browser by changing the file name accordingly. Upon visiting log_download.cgi?type=../../etc/passwd and logging in, the web server will allow a download of the contents of the /etc/passwd file.
CVE-2021-28150 : Hongdian H8922 3.0.5 devices allow the unprivileged guest user to read cli.conf (with the administrator password and other sensitive data) via /backup2.cgi.
CVE-2021-28151 : Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip-address (aka Destination) field to the tools.cgi ping command, which is accessible with the username guest and password guest.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-10 21:16:35 +09:00
c2f87a94c6
Added complete RCE chain
2021-07-10 13:42:09 +05:30
bff63b673d
Merge pull request #1896 from geeknik/patch-109
...
Create CVE-2017-16806.yaml
2021-07-07 18:40:15 +05:30
5d034716ac
Merge pull request #1895 from geeknik/patch-108
...
Create CVE-2015-6477.yaml
2021-07-07 18:37:48 +05:30
6963c0d669
Update CVE-2015-6477.yaml
2021-07-07 18:37:21 +05:30
36a13094ef
Merge pull request #1894 from geeknik/patch-105
...
Create CVE-2009-4223.yaml
2021-07-07 18:35:27 +05:30
d5cbcec079
Update CVE-2021-22214.yaml
...
dns interaction doesn't prove exploitability
2021-07-07 03:50:13 +00:00
c8ba8e13ce
Create CVE-2017-16806.yaml
2021-07-06 19:50:32 +00:00
6874823632
Create CVE-2015-6477.yaml
2021-07-06 19:47:44 +00:00
1fba6ae882
Create CVE-2009-4223.yaml
2021-07-06 19:44:02 +00:00
deab6ba62c
Merge pull request #1887 from skar4444/nrouter
...
CVE-2016-5649 - Netgear Router - Admin Password Disclosure
2021-07-06 21:36:01 +05:30
5a818f62b8
name and template update
2021-07-06 21:34:28 +05:30
2aa91bbf24
Rename cve-2021-24387.yaml to CVE-2021-24387.yaml
2021-07-06 20:29:47 +05:30
78617f6012
Real Estate 7 WordPress Theme < 3.1.1 - Unauthenticated Reflected XSS
2021-07-06 19:51:53 +05:30
6dd96ede94
Added additional reference
2021-07-06 12:12:09 +05:30
fc68a95803
Template Name/ID update as per assigned CVE
2021-07-06 12:07:53 +05:30
71dd0de29d
Create CVE-2021-1497.yaml
...
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow an unauthenticated, remote attacker to perform command injection attacks against an affected device.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-06 09:30:13 +09:00
36a0918092
fixes
2021-07-04 16:02:51 +05:30
13a5215bda
Update CVE-2017-9841.yaml
2021-07-04 15:50:15 +05:30
35a8d999cb
strict matchers
2021-07-04 01:05:05 +05:30
b137eb57d3
More edge cases
...
Only looking for DNS interaction is not reliable as few servers make DNS requests for host included in path or query parameter.
2021-07-04 00:41:57 +05:30
acebe227a1
Update CVE-2019-13101.yaml
2021-07-04 00:12:01 +05:30
9e9954cbab
strict matchers
2021-07-04 00:07:30 +05:30
f249af535a
Update CVE-2019-13101.yaml
...
iot tag added
2021-07-03 17:55:11 +05:30
e20298b4d3
D-Link DIR-600M Router - Authentication Bypass
2021-07-03 05:50:40 +05:30
52e0c861a1
Merge pull request #1733 from milo2012/master
...
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
e2a0f93f79
misc updates
2021-07-02 18:24:31 +05:30
16da6c9980
strict matchers
2021-07-02 18:20:58 +05:30
56ccb9f3a4
Merge pull request #1822 from Akokonunes/patch-13
...
Create CVE-2021-24210.yaml
2021-07-01 00:00:03 +05:30
f44c3e597f
Update and rename CVE-2021-24210.yaml to cves/2021/CVE-2021-24210.yaml
2021-06-30 23:45:27 +05:30
87a1d1acce
Merge pull request #1823 from Akokonunes/patch-14
...
Create CVE-2021-24406.yaml
2021-06-30 23:44:03 +05:30
6a6607c282
Update and rename CVE-2021-24406.yaml to cves/2021/CVE-2021-24406.yaml
2021-06-30 23:43:06 +05:30
3802723219
Update CVE-2013-3827.yaml
2021-06-30 23:39:47 +05:30
dbcdbe907e
Merge pull request #1797 from Mad-robot/patch-2
...
Create CVE-2021-29203.yaml
2021-06-30 21:27:35 +05:30
2d63ddfa20
minor update
2021-06-30 21:27:06 +05:30
3602eebf6c
Merge pull request #1780 from wwilson83H3/master
...
The default request never flagged druid in my env. Replaced with MSF …
2021-06-30 20:32:14 +05:30
d1f47657a9
Update CVE-2021-25646.yaml
2021-06-30 20:31:15 +05:30
cfcb739fbc
more changes
2021-06-30 20:28:41 +05:30
cc56986b92
Merge pull request #1820 from pikpikcu/patch-190
...
Update CVE-2018-13380.yaml
2021-06-30 19:52:53 +05:30
8490fe60ca
Add CVE-2017-9822.yaml - DotNetNuke Cookie Deserialization Remote Code Execution (RCE)
2021-06-30 19:35:01 +08:00
b7d1d4771b
Merge branch 'master' of https://github.com/milo2012/nuclei-templates into master
2021-06-30 19:33:31 +08:00
f78452e808
Add CVE-2017-9822.yaml - DotNetNuke Cookie Deserialization Remote Code Execution (RCE)
2021-06-30 19:32:59 +08:00
9d8f8f8589
Create CVE-2013-3827.yaml
2021-06-30 11:50:41 +01:00
b3c580d290
Update CVE-2018-8715.yaml
2021-06-30 15:34:58 +05:30
1afa102620
Add CVE-2018-8715.yaml - AppWeb authentication bypass
2021-06-30 16:30:56 +08:00
96fc7bb341
more strict matchers
2021-06-30 03:26:01 +05:30
498586e854
Added additional matcher and full exploit chain details
2021-06-30 03:01:13 +05:30
8b0b2a169d
Update CVE-2021-35464.yaml
2021-06-29 18:02:33 +05:30
2d4c8cb434
Create CVE-2021-35464.yaml
2021-06-29 17:26:37 +05:30
2d826f3391
More edge cases
2021-06-29 12:41:19 +05:30
8ae56492d8
Update CVE-2021-29203.yaml
2021-06-29 10:13:41 +05:30
dcbaaf31ac
Merge pull request #1775 from pikpikcu/patch-186
...
Create CVE-2017-12794.yaml
2021-06-29 10:08:13 +05:30
b46dc119e7
Update CVE-2017-12794.yaml
2021-06-29 10:07:07 +05:30
54f40d8f2c
Update CVE-2018-13380.yaml
2021-06-29 02:17:42 +00:00
40bb93faff
Merge pull request #1773 from pikpikcu/patch-184
...
Create CVE-2020-3580.yaml
2021-06-28 21:44:36 +05:30
40782db039
Merge pull request #1771 from gy741/rule-add-v7
...
Create CVE-2021-3223.yaml
2021-06-28 21:43:59 +05:30
b97811a143
Update CVE-2021-3223.yaml
2021-06-28 21:43:04 +05:30
bce647b441
Added CVE-2015-8813
2021-06-28 17:14:03 +05:30
cb5c53aef3
Create CVE-2021-29203.yaml
2021-06-26 13:40:30 +05:30
bae4998f81
Merge pull request #1766 from gy741/rule-add-v6
...
Create CVE-2021-21234.yaml
2021-06-25 16:50:36 +05:30
2d40d90715
Update CVE-2021-21234.yaml
2021-06-25 12:53:22 +05:30
dd98451110
Update CVE-2018-16299.yaml
2021-06-25 12:45:04 +05:30
fca70dd2c7
Update and rename CVE-2018-16299.yaml to cves/2018/CVE-2018-16299.yaml
2021-06-25 12:43:55 +05:30
d1e4b5c510
minor updates
2021-06-25 10:51:00 +05:30
95b34330ed
Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE
2021-06-25 03:41:02 +08:00
4e888bf3e2
Add CVE-2018-2893.yaml - Oracle WebLogic Server Deserialization RCE
2021-06-25 03:38:53 +08:00
7db13c6bce
Duplicate template
2021-06-25 00:08:05 +05:30
426abedcfa
severity updates as per CVE database
2021-06-25 00:05:59 +05:30
e4e8e6e148
Merge pull request #1776 from pikpikcu/patch-187
...
Create CVE-2021-28169.yaml
2021-06-25 00:02:51 +05:30
a736120dc0
minor updates
2021-06-25 00:02:05 +05:30
e84c784fa2
Merge pull request #1689 from nrathaus/master
...
CVE-2021-28164 and some fixes
2021-06-24 23:58:29 +05:30
a9a161f8c6
Update CVE-2021-28164.yaml
2021-06-24 23:56:33 +05:30
809668943f
minor changes
2021-06-24 23:54:29 +05:30
16e5ad7fad
The default request never flagged druid in my env. Replaced with MSF request and it flags everytime now
2021-06-24 13:37:45 -04:00
b97d012636
Create CVE-2021-28169.yaml
2021-06-24 16:00:02 +00:00
9cc9a52db2
Create CVE-2017-12794.yaml
2021-06-24 15:49:12 +00:00
19d80d9d0a
Create CVE-2020-3580.yaml
2021-06-24 15:34:19 +00:00
e7bb4bff23
Create CVE-2021-3223.yaml
...
Node-RED-Dashboard before 2.26.2 allows ui_base/js/..%2f directory traversal to read files.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-06-24 21:07:17 +09:00
37261f7a2f
Update and rename vulnerabilities/jira/jira-unauthenticated-popular-filters.yaml to cves/2019/CVE-2019-3401.yaml
2021-06-24 16:52:04 +05:30
f7563d9718
Update CVE-2019-3401.yaml
2021-06-24 16:45:07 +05:30
cc0dd04ac2
Create CVE-2021-21234.yaml
...
spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that `filename=../somefile` would not work), the base folder parameter was not sufficiently checked, so that `filename=somefile&base=../` could access a file outside the logging base directory). The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release. There is no workaround to fix the vulnerability other than updating or removing the dependency. However, removing read access of the user the application is run with to any directory not required for running the application can limit the impact. Additionally, access to the logview endpoint can be limited by deploying the application behind a reverse proxy.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-06-24 14:36:45 +09:00
35cf8d1378
Merge pull request #1221 from projectdiscovery/princechaddha-patch-6
...
Create CVE-2018-9995.yaml
2021-06-24 02:33:20 +05:30
0fbbfdd364
Update CVE-2018-9995.yaml
2021-06-24 02:32:23 +05:30
9479826132
Merge pull request #1747 from Udyz/patch-3
...
Create CVE-2021-21389
2021-06-24 02:26:23 +05:30
416bafe2fa
misc changes
2021-06-24 02:24:58 +05:30
9386111906
making status check generic both case
2021-06-24 00:13:58 +05:30
459dd6b84b
misc changes
2021-06-23 23:48:34 +05:30
67c4713f13
Added status to CVE-2012-3153
2021-06-23 08:26:37 -05:00
916ea5ff72
Add CVE-2019-3401 - Atlassian JIRA Information Exposure (CVE-2019-3401)
2021-06-23 01:29:08 +08:00
6e139881ee
fix or operator
2021-06-23 00:33:06 +08:00
6b358f38a9
Merge pull request #1751 from realistic-security/master
...
Create two "Oracle Forms & Reports" Vulnerabilities
2021-06-22 19:43:04 +05:30
672acb880e
Updated Oracle Forms & Reports CVE-2012-3153
2021-06-22 14:53:26 +01:00
139aaf2ecf
Add CVE-2018-1000130.yaml - fix spaces
2021-06-22 20:35:17 +08:00
e84dc0e94c
Add CVE-2018-1000130.yaml - Jolokia Agent Proxy JNDI Code Injection
2021-06-22 20:32:30 +08:00
04a7fda94a
Update CVE-2021-21389.yaml
2021-06-22 19:12:35 +07:00
014ca91e15
hmm just simple check...
...
sorry i just know little bit english...
2021-06-22 19:07:00 +07:00
1c4a2a56a7
Merge pull request #1734 from darrenmartyn/patch-1
...
Create CVE-2019-4781.yaml
2021-06-22 13:21:04 +05:30
2539c830ac
Update CVE-2019-7481.yaml
2021-06-22 13:20:06 +05:30
c87238c37a
Update CVE-2019-7481.yaml
2021-06-22 13:18:51 +05:30
dcaef6a836
Rename CVE-2021-21389 to CVE-2021-21389.yaml
2021-06-22 04:05:42 +05:30
3844df9fc8
misc changes
2021-06-21 18:09:16 +05:30
592b2e7222
Update CVE-2020-1938.yaml
2021-06-21 14:28:51 +05:30
be89aed331
Update CVE-2018-2628.yaml
2021-06-21 14:26:53 +05:30
cb4d12cc8c
Moved to cves/2018
2021-06-21 14:20:20 +05:30
ec835a0bc5
Create CVE-2012-3152, CVE-2012-3153
2021-06-21 09:48:42 +01:00
8b43919211
Update CVE-2020-11930.yaml
2021-06-21 14:15:45 +05:30
216b484aec
Update CVE-2020-11930.yaml
2021-06-21 14:15:09 +05:30
ebc202adcb
Create CVE-2020-11930.yaml
2021-06-21 14:11:20 +05:30
0d5a57bc23
Create CVE-2021-21389
2021-06-21 12:33:14 +07:00
55b89115aa
add CVE-2018-2628 - Oracle WebLogic Server Deserialization RCE
2021-06-21 06:24:33 +08:00
c7a11cd1b1
Added CVE-2020-11110
2021-06-20 20:00:19 +05:30
1465ad8c76
Merge pull request #1740 from Akokonunes/patch-9
...
Create CVE-2018-18775.yaml
2021-06-20 16:51:09 +05:30
a2623f5e9d
Update CVE-2018-18775.yaml
2021-06-20 16:49:24 +05:30
b874963894
moved to cves
2021-06-20 16:47:21 +05:30
00ad7ee3db
Moved to cves
2021-06-20 16:43:44 +05:30
bb6fa66dd9
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-20 13:56:54 +03:00
80d159c277
Update CVE-2019-7481.yaml
2021-06-19 22:44:05 +01:00
7c65c33396
Update CVE-2019-7481.yaml
...
maybe yaml lint thing doesn't hate me now
2021-06-19 22:42:10 +01:00
722a2bd60c
Update and rename CVE-2019-4781.yaml to CVE-2019-7481.yaml
2021-06-19 21:39:08 +01:00
a26c0d9c3a
Create CVE-2019-4781.yaml
...
Need some feedback on this, tested it out and it works just fine.
2021-06-19 21:17:40 +01:00
e8e5dd5c83
add CVE-2020-1938.yaml - Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability
2021-06-19 21:59:42 +08:00
988726f5c8
Create CVE-2017-15944.yaml
...
This fixes #1091 . I changed line 20 from `part: body` to `part: header`.
2021-06-18 20:45:44 +00:00
55c1984a52
Template Moved to cves
2021-06-19 01:58:02 +05:30
112113437c
Moved template to cves folder
2021-06-18 16:58:27 +05:30
9200ac068a
Merge pull request #1714 from skar4444/unauthenticated-CI-lint-API
...
CVE 2021-22214 - Unauthenticated Gitlab SSRF - CI Lint API
2021-06-18 15:08:33 +05:30
b301c830a3
final improvements
2021-06-18 15:02:17 +05:30
27d67855e8
misc changes
2021-06-18 14:42:13 +05:30
4f0bfc9362
Merge pull request #1705 from projectdiscovery/CVE-2021-28854
...
Added CVE-2021-28854
2021-06-18 12:52:42 +05:30
44a53f7090
Merge pull request #1636 from pdelteil/patch-6
...
Update CVE-2018-18069.yaml
2021-06-18 10:01:04 +05:30
bfa70bacf5
Update CVE-2021-21975.yaml
2021-06-17 22:55:10 +05:30
0f590a867b
Update CVE-2018-18069.yaml
2021-06-17 22:20:02 +05:30
eeb88e4bd1
Update CVE-2018-18069.yaml
2021-06-17 22:13:32 +05:30
36bb1fff95
Update CVE-2018-18069.yaml
2021-06-17 22:11:00 +05:30
01b77a7ed2
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-17 16:54:18 +03:00
8a1d7bd7d2
Hotfix FP of CVE-2021-24146
2021-06-17 08:16:54 +07:00
5c2a07d65e
Merge pull request #1684 from geeknik/patch-107
...
Create CVE-2018-16670.yaml
2021-06-16 02:01:36 +05:30
dbee289627
Merge pull request #1683 from geeknik/patch-106
...
Create CVE-2018-16668.yaml
2021-06-16 01:59:47 +05:30
6c48452767
Merge pull request #1682 from geeknik/patch-105
...
Create CVE-2018-16671.yaml
2021-06-16 01:58:32 +05:30
bfbd3ccdac
Merge pull request #1656 from Akokonunes/patch-4
...
Create CVE-2021-24237.yaml
2021-06-16 01:56:39 +05:30
074b15b081
Merge pull request #1655 from Akokonunes/patch-3
...
Create CVE-2013-2248.yaml
2021-06-16 01:46:45 +05:30
92d35b4710
minor update
2021-06-16 01:45:31 +05:30
5cff973564
Added tags
2021-06-16 01:02:21 +05:30
c36419c94c
Added CVE-2021-28854
2021-06-16 01:01:01 +05:30
8cf0d5e8ac
Merge pull request #1680 from Alex-null/master
...
Update CVE-2013-2251.yaml
2021-06-15 16:42:14 +05:30
ccac0e26e5
Update CVE-2013-2251.yaml
2021-06-15 16:41:14 +05:30
edf4a45ee4
Update CVE-2018-1000533.yaml
2021-06-15 16:38:28 +05:30
72d9357cf6
Update CVE-2018-1000533.yaml
2021-06-15 16:23:59 +05:30
3cfc921b71
Update CVE-2018-1000533.yaml
2021-06-15 15:31:36 +05:30
e970a09c53
Create CVE-2018-1000533.yaml
2021-06-15 07:28:10 +00:00
d25869d764
Update CVE-2020-36289.yaml
2021-06-14 11:50:25 -04:00
a91ee941ff
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-06-14 14:59:58 +03:00
8df5f982f3
Moved template to cves
2021-06-13 21:01:21 +05:30
b5bdac494b
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates
2021-06-13 09:54:52 +03:00
eb1a3b678a
Update CVE-2014-2383.yaml
2021-06-12 16:42:57 +05:30
e83ba1b5ec
Create CVE-2018-16670.yaml
2021-06-11 12:11:36 +00:00
c451137ffc
Create CVE-2018-16668.yaml
2021-06-11 12:10:29 +00:00
210465a658
Create CVE-2018-16671.yaml
2021-06-11 12:09:29 +00:00
3779eb70e0
Moved template to cves folder
2021-06-11 16:48:05 +05:30
b17196ee18
Merge pull request #1679 from Mad-robot/master
...
Update CVE-2018-3167.yaml
2021-06-11 16:25:07 +05:30
710d2345ba
Merge pull request #1671 from Akokonunes/patch-6
...
Create CVE-2018-16836.yaml
2021-06-11 15:59:49 +05:30
bc4a0d37b1
Moving template to cves folder
2021-06-11 15:58:02 +05:30
3ef83889b4
Update CVE-2014-2383.yaml
2021-06-11 15:22:14 +05:30
161b2f5008
Update CVE-2013-2251.yaml
...
Add new payload. Test it on this environment-https://github.com/vulhub/vulhub/tree/master/struts2/s2-016
2021-06-11 17:50:50 +08:00
658cd17d4f
Merge pull request #1670 from Akokonunes/patch-5
...
Create CVE-2014-2383.yaml
2021-06-11 15:04:17 +05:30
afb2f15dbd
Added more paths
2021-06-11 14:47:02 +05:30
d4db18c218
Update CVE-2014-2383.yaml
2021-06-11 14:33:43 +05:30
583f4e6778
Template moved to CVE folder
2021-06-11 14:19:36 +05:30
a2e740148f
Update CVE-2018-3167.yaml
2021-06-11 13:21:20 +05:30
bfed8d5200
Update CVE-2018-3167.yaml
2021-06-11 13:19:46 +05:30
84341549c0
Update CVE-2018-3167.yaml
2021-06-11 13:18:36 +05:30
42ec1d5636
Update CVE-2018-3167.yaml
2021-06-11 13:14:15 +05:30
69ded42e3a
Template rename / update
2021-06-10 21:57:07 +05:30
3de46aa21b
misc changes
2021-06-10 00:01:38 +05:30
ea26842383
Added CVE-2019-2616
2021-06-09 23:56:42 +05:30
4e17331f30
Merge pull request #1657 from DhiyaneshGeek/master
...
CVE-2017-9140: Telerik ReportViewer XSS
2021-06-09 21:40:40 +05:30
8fa1dbc604
Minor updates
2021-06-09 21:37:22 +05:30
5c80980915
Added CVE-2020-36289
2021-06-09 21:13:52 +05:30
6c79bfa14d
Create CVE-2017-9140.yaml
2021-06-09 18:40:47 +05:30
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
769de2a231
Create CVE-2013-2248.yaml
2021-06-09 15:32:42 +05:30
ccdb667d3b
YML to YAML
2021-06-09 14:42:14 +05:30
1299ae621f
Update CVE-2021-28164.yml
2021-06-09 14:39:19 +05:30
eef5158207
Update CVE-2021-28164.yml
2021-06-09 14:38:12 +05:30
23cb4c4d9f
moving files around
2021-06-09 14:37:40 +05:30
9d7ab618b8
Merge pull request #1654 from Mad-robot/master
...
Update CVE-2017-9506.yaml
2021-06-09 14:25:30 +05:30
9045f0bb2a
misc changes
2021-06-09 14:23:32 +05:30
0013f94807
Merge pull request #1631 from projectdiscovery/sap_update
...
SAP NetWeaver update
2021-06-09 14:17:51 +05:30
c5d4e5e400
Update CVE-2017-9506.yaml
2021-06-09 13:11:39 +05:30
0cdfd0468f
Update CVE-2021-24285.yaml
2021-06-09 04:01:21 +05:30
2953942c3c
Added CVE-2021-24285
2021-06-09 03:13:23 +05:30
68642e226b
CVE-2018-1247 fix
2021-06-09 01:40:02 +05:30
799af2e5fb
minor update
2021-06-09 01:23:13 +05:30
aca824b910
Update CVE-2019-2767.yaml
2021-06-08 21:59:59 +05:30
ff9b9a871c
Update CVE-2019-2767.yaml
2021-06-08 21:53:28 +05:30
41784d5261
Update CVE-2019-2767.yaml
2021-06-08 21:52:58 +05:30
169d64a3ff
Create CVE-2019-2767.yaml
2021-06-08 21:49:35 +05:30
39555505db
Update CVE-2018-18069.yaml
...
The matching condition are not enough. The payload input is not checked for reflection. This creates false positives like this one
nuclei -debug -t nuclei-templates/cves/2018/CVE-2018-18069.yaml -u https://empleo.gbtspain.com
2021-06-05 14:12:50 -04:00
14fa085d1b
more improvements
2021-06-05 12:15:32 +05:30
55c0e1b103
Improved matchers for CVE-2020-6287
2021-06-05 10:29:59 +05:30
c0103e0b8a
Merge pull request #1608 from Mad-robot/master
...
Create CVE-2020-6308.yaml
2021-06-05 00:04:56 +05:30
83d359f6cf
updating tags
2021-06-05 00:02:33 +05:30
11cb8b3106
Update CVE-2020-6308.yaml
2021-06-05 00:00:50 +05:30
8e13733d34
moving files around
2021-06-04 16:30:31 +05:30
0e3ed049ae
misc changes
2021-06-03 23:00:47 +05:30
bdc803fd4b
Added CVE-2020-13927
2021-06-03 14:23:34 +05:30
4a0e83037d
Update CVE-2020-11978.yaml
2021-06-03 13:58:41 +05:30
6652b2ddb6
Added CVE-2020-11978
2021-06-03 13:57:09 +05:30
d92568cd03
Merge pull request #1604 from Sicks3c/sicks3c
...
Added new path for CVE-2021-22122.yaml
2021-06-02 13:18:12 +05:30
5269cc1c87
Update CVE-2021-22122.yaml
2021-06-02 13:17:00 +05:30
e3f42066bf
Spelling
2021-06-02 09:39:35 +03:00
f28fdf610b
Create CVE-2020-6308.yaml
2021-06-02 11:39:27 +05:30
2678721174
Added new path for CVE-2021-22122.yaml
2021-06-02 00:06:20 +01:00
23a59704e9
Merge pull request #1585 from pikpikcu/patch-171
...
Add CVE-2017-14535
2021-06-01 11:07:56 +05:30
b021a0cf49
Misc changes
2021-06-01 11:06:13 +05:30
fe1ab8385d
Update and rename exposures/logs/circarlife-system-log.yaml to cves/2018/CVE-2018-12634.yaml
2021-05-31 11:31:04 -05:00
19b73df6be
Update CVE-2021-21985.yaml
2021-05-31 19:44:44 +05:30
633644b159
Added CVE-2021-21985
2021-05-31 19:20:59 +05:30
2cc30c771a
misc updates
2021-05-31 16:53:36 +05:30
b0eca52c4b
Create CVE-2017-14535.yaml
2021-05-31 09:46:53 +00:00
a39f71eeff
Fixing CVE-2018-0296
2021-05-31 09:28:47 +05:30
0d8c5607cb
CVE-2021-33564.yaml
2021-05-29 02:33:38 +05:30
707d6720d1
Merge pull request #1543 from Morn98/CVE-2017-1000486
...
Add detection for JavaServer Faces and detection for vulnerable PrimeFaces 5.x EL Injection (CVE 2017 1000486)
2021-05-28 14:05:01 +05:30
b7d103a740
Update CVE-2017-1000486.yaml
2021-05-28 10:27:21 +05:30
Prince Chaddha
Prince Chaddha
Muhammad Daffa
sandeep
Geeknik Labs
Suman Kar
Dwi Siswanto
GwanYeong Kim
sandeep
Suman Kar
Keith
Robbie
SaN ThosH
PikPikcU
wyatt
Wyatt Dahlenburg
Sidahmed
lulz
Dhiyaneshwaran
Noam Rathaus
darrenmartyn
Philippe Delteil
Alex-null
root
0xsapra