Prince Chaddha
843c688505
Merge pull request #2867 from Akokonunes/patch-54
...
Create advanced-access-manager-plugin-lfi.yaml
2021-10-11 16:55:58 +05:30
Prince Chaddha
da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
2021-10-11 16:52:28 +05:30
sandeep
9b1c57506b
Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check
2021-10-10 06:00:43 +05:30
sandeep
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
Sandeep Singh
0c8e813c15
Merge pull request #2854 from Akokonunes/patch-52
...
Create wp-oxygen-theme-lfi.yaml
2021-10-08 19:20:54 +05:30
sandeep
ecca8374fc
moving file around
2021-10-08 19:19:29 +05:30
Sandeep Singh
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
sandeep
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
sandeep
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
Philippe Delteil
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
Philippe Delteil
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
Sandeep Singh
634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
...
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
sandeep
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
sandeep
856b96a084
lint update
2021-10-06 15:56:00 +05:30
sandeep
796dd93113
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 15:53:31 +05:30
Prince Chaddha
3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
...
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
Prince Chaddha
183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
2021-10-06 10:59:48 +05:30
Prince Chaddha
f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml
2021-10-06 10:46:16 +05:30
Prince Chaddha
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
Prince Chaddha
6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml
2021-10-05 18:02:50 +05:30
Sandeep Singh
478a7ef833
Merge pull request #2808 from pdelteil/patch-61
...
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 17:59:10 +05:30
Sandeep Singh
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
Sandeep Singh
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
Philippe Delteil
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
Philippe Delteil
e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 03:29:17 -03:00
Prince Chaddha
4dc168520c
Merge pull request #2791 from pdelteil/patch-59
...
Update and rename wordpress-emails-verification-for-woocommerce.yaml …
2021-10-01 16:33:44 +05:30
Prince Chaddha
d7e6cb313e
Update wp-woocommerce-email-verification.yaml
2021-10-01 16:31:50 +05:30
Prince Chaddha
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
Prince Chaddha
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
GwanYeong Kim
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
GwanYeong Kim
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
Philippe Delteil
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
Sullo
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
Sullo
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
Sullo
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
Rizwan Syed
4065f6a493
Update wordpress-accessible-wpconfig.yaml
2021-09-30 23:15:18 +05:30
Sullo
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
Sullo
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
Sullo
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sullo
66cad3ff35
Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
...
incorrect push to master repo
This reverts commit 7191aee570
.
2021-09-30 12:25:22 -04:00
Sullo
7191aee570
* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
...
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
sandeep
e90e3b49bc
Added more unique matchers
2021-09-30 20:22:53 +05:30
sandeep
88f6bba576
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:35:14 +05:30
Prince Chaddha
f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml
2021-09-30 17:18:45 +05:30
Prince Chaddha
b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
2021-09-30 17:18:21 +05:30
Prince Chaddha
9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml
2021-09-30 16:13:19 +05:30
GwanYeong Kim
606d2b5ea4
Create fatpipe-networks-warp-backdoor.yaml
...
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
GwanYeong Kim
263cadaacf
Create fatpipe-networks-warp-auth-bypass.yaml
...
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
Sandeep Singh
e9f81943b6
Merge pull request #2759 from projectdiscovery/generic-ssrf
...
generic-ssrf
2021-09-30 03:31:52 +05:30
sandeep
553a7a2480
Update request-based-interaction.yaml
2021-09-30 03:31:03 +05:30