Commit Graph

260 Commits (1212034229b838e528740999577b12350f13e005)

Author SHA1 Message Date
Dhiyaneshwaran 525ffdefcc
Update unauthenticated-popup-upload.yaml 2021-07-15 13:52:06 +05:30
sandeep 6dd92167eb minor updates 2021-07-13 19:35:58 +05:30
Dhiyaneshwaran 4822208487
Merge pull request #71 from projectdiscovery/master
Updation
2021-07-13 14:54:00 +05:30
Dhiyaneshwaran 51d6477505
Create unauthenticated-alert-manager.yaml 2021-07-13 14:10:37 +05:30
Sandeep Singh 920255635b
Merge pull request #1876 from pussycat0x/master
web-ftp
2021-07-13 01:53:15 +05:30
Sandeep Singh 8ec1767561
Rename hp-printer-unanuthorized-access.yaml to unauthorized-hp-printer.yaml 2021-07-13 01:45:40 +05:30
sandeep 567096e97f matcher update 2021-07-13 01:42:15 +05:30
sandeep 3b13abc7f2 matcher update 2021-07-13 01:30:58 +05:30
pussycat0x 647677f0ab
Update hp-printer-unanuthorized-access.yaml 2021-07-11 23:49:17 +05:30
pussycat0x 09b002134d
Add files via upload 2021-07-11 23:44:34 +05:30
Sandeep Singh 22421fd38e
Merge pull request #1843 from DhiyaneshGeek/master
Update AEM CRX bypass , AEM Debug XSS and Java sean debug page, Jetty showcontexts enable , jfrog-unauth-build-exposed Templates Added
2021-07-04 01:23:20 +05:30
sandeep afcbe4cfe4 minor updates 2021-07-04 01:22:08 +05:30
sandeep a5f8175017 Update unauthorized-plastic-scm.yaml 2021-07-03 16:39:59 +05:30
sandeep 5d7388f0ae Added Unauthorized Access to Plastic Admin Console 2021-07-03 16:37:11 +05:30
Dhiyaneshwaran 31a10ebfb7
Update jetty-showcontexts-enable.yaml 2021-07-02 20:50:15 +05:30
sandeep 5b91ef07a6 Update unauthenticated-glances.yaml 2021-07-02 17:15:32 +05:30
sandeep db61d85e75 minor updates 2021-07-02 17:14:03 +05:30
Dhiyaneshwaran 5f779266bc
Create jetty-showcontexts-enable.yaml 2021-07-02 08:16:57 +05:30
Dhiyaneshwaran 39eb91a582
Update aem-crx-bypass.yaml 2021-07-01 22:23:08 +05:30
Petko D. Petkov 7c39ab8c79 Check if json. 2021-06-30 12:03:47 +00:00
sandeep e8ffd4ea06 Update aem-crx-bypass.yaml 2021-06-28 20:45:41 +05:30
sandeep eaa5d7600f Added more strict matchers 2021-06-28 20:44:24 +05:30
Dhiyaneshwaran e53b262283
Update aem-crx-bypass.yaml 2021-06-28 20:23:11 +05:30
Dhiyaneshwaran 91b673ad17
Create aem-crx-bypass.yaml 2021-06-28 20:20:58 +05:30
sandeep 2a7d45fa1f more strict matcher 2021-06-26 19:42:11 +05:30
Prince Chaddha 89b4fdf8ed
Merge pull request #1757 from pussycat0x/master
New template added
2021-06-24 02:02:42 +05:30
Prince Chaddha 5fa51dd043
Update phpmyadmin-sql.php-server.yaml 2021-06-24 01:26:51 +05:30
sandeep 134a23aeab Some fixes (WIP)
- Added missing matcher condition
- Updated severity to lowercase, as it's case sensitive
2021-06-24 01:03:41 +05:30
pussycat0x 2dd0ce2664
Update phpmyadmin-sql.php-server.yaml 2021-06-23 21:37:14 +05:30
pussycat0x 5ae899a66f
Update phpmyadmin-sql.php-server.yaml 2021-06-23 21:34:13 +05:30
pussycat0x bb251938c8
Add files via upload 2021-06-22 20:40:53 +05:30
sandeep 49f9b67827 Added reference 2021-06-20 16:39:47 +05:30
Prince Chaddha bd4b43bbce
Merge pull request #995 from pikpikcu/patch-101
Create zhiyuan-oa-unauthorized
2021-06-19 12:53:24 +05:30
Prince Chaddha 5463655627
Update zhiyuan-oa-unauthorized.yaml 2021-06-19 12:52:35 +05:30
sandeep f0b67ef56b Few template updates 2021-06-18 15:53:49 +05:30
sandeep 6081edd83f Added reference 2021-06-18 12:16:27 +05:30
sandeep f9d068a105 Added ssrf-via-oauth-misconfig 2021-06-18 12:15:13 +05:30
sandeep b1e401ff9c Delete adobe-connect-xss.yaml 2021-06-15 15:54:19 +05:30
sandeep 891e8374b1 misc changes 2021-06-14 20:32:21 +05:30
Dhiyaneshwaran 629b655ef1
Create adobe-connect-xss.yaml 2021-06-13 23:54:48 +05:30
Dhiyaneshwaran afec528d82
Create adobe-connect-version.yaml 2021-06-13 23:40:58 +05:30
Dhiyaneshwaran 6e727805c1
Create adobe-connect-username-exposure.yaml 2021-06-13 23:25:39 +05:30
sandeep 8d35960831 Strict matchers 2021-06-10 21:18:38 +05:30
Sandeep Singh 13090ace75
Merge pull request #1659 from WillD96/IIS-Internal-IP-Disclosure
Created IIS Internal IP Disclosure Template
2021-06-10 00:02:02 +05:30
r3naissance aa9e899dd2
Added conditional word in body
I found this be a valid finding /actuator/env on a production host but was missing additional words to check which was causing a false negative. 'activeProfiles' allows this test to pass on the instance that I came across.
2021-06-09 11:36:54 -06:00
sandeep 3c6aa9da0c misc updates 2021-06-09 22:15:55 +05:30
Will Davison cd06c6137f Fixed trailing spaces 2021-06-09 16:04:53 +01:00
Will Davison ad8d064bf9 Fixed linting error. 2021-06-09 15:40:06 +01:00
Will Davison 6279e1fb70 Added template for IIS Internal IP Disclosure
By sending a HTTP 1.0 request to the root of the webserver, sometimes an internal IP address is disclosed in the Location header of the 302 response.
2021-06-09 15:30:59 +01:00
Prince Chaddha 83ce809e8d Updated author names 2021-06-09 17:50:56 +05:30