7963a563af
Updated mikrotik-graph.yaml
...
Added how many interface graph exposure extractors
2022-04-03 13:57:40 +07:00
96d162ada8
Updated routeros-login.yaml
...
Add RouterOS version extractors.
2022-04-03 13:56:20 +07:00
7b4f780ac6
Updated blue-iris-login.yaml
...
Add blue iris version extractors
2022-04-03 10:33:21 +07:00
66df3b68cc
Merge branch 'projectdiscovery:master' into master
2022-04-03 10:32:47 +07:00
1e374c7482
Create CVE-2021-26598.yaml
...
ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-04-03 11:23:45 +09:00
21a3ce4f12
Create CVE-2018-10562.yaml
...
An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host parameter in a diag_action=ping request to a GponForm/diag_Form URI. Because the router saves ping results in /tmp and transmits them to the user when the user revisits /diag.html, it's quite simple to execute commands and retrieve their output.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-04-02 23:56:35 +09:00
cbb575dddb
Create 3cx-management-console.yaml
2022-04-02 16:24:05 +05:30
c371a40272
Auto Generated New Template Addition List [Sat Apr 2 10:52:27 UTC 2022] 🤖
2022-04-02 10:52:27 +00:00
c4ca72e66c
Merge pull request #4034 from projectdiscovery/fp-fix
...
Delete kube-api-roles.yaml
2022-04-02 16:22:12 +05:30
68ba9ea284
Delete kube-api-roles.yaml
2022-04-02 16:19:59 +05:30
c1a7f2398c
Create CVE-2021-24746.yaml
2022-04-02 16:15:26 +05:30
a8fee068ac
Auto Generated New Template Addition List [Sat Apr 2 10:42:03 UTC 2022] 🤖
2022-04-02 10:42:03 +00:00
ef807cd420
Merge pull request #4005 from daffainfo/patch-7
...
Create admin-word-count-column-lfi.yaml
2022-04-02 16:11:47 +05:30
56240603fe
Auto Generated New Template Addition List [Sat Apr 2 10:41:14 UTC 2022] 🤖
2022-04-02 10:41:14 +00:00
a0b190434f
Merge pull request #4021 from rschio/CVE-2021-44103
...
Create CVE-2021-44103
2022-04-02 16:11:00 +05:30
92d6618cca
Auto Generated New Template Addition List [Sat Apr 2 10:40:53 UTC 2022] 🤖
2022-04-02 10:40:53 +00:00
e1a37cec4a
Merge pull request #4032 from projectdiscovery/konga-panel
...
Create konga-panel.yaml
2022-04-02 16:10:37 +05:30
786636813e
Update admin-word-count-column-lfi.yaml
2022-04-02 16:09:39 +05:30
9a769040d7
Auto Generated CVE annotations [Sat Apr 2 10:37:27 UTC 2022] 🤖
2022-04-02 10:37:27 +00:00
06c3b8ba80
Auto Generated New Template Addition List [Sat Apr 2 10:37:21 UTC 2022] 🤖
2022-04-02 10:37:21 +00:00
58d84ce38a
Merge pull request #4004 from daffainfo/patch-6
...
Create amministrazione-aperta-lfi.yaml
2022-04-02 16:07:07 +05:30
56b6ef7205
Update amministrazione-aperta-lfi.yaml
2022-04-02 16:04:50 +05:30
29b094eb69
Auto Generated New Template Addition List [Sat Apr 2 10:28:24 UTC 2022] 🤖
2022-04-02 10:28:24 +00:00
ef88c6b170
Merge pull request #4007 from pikpikcu/patch-328
...
Create CVE-2022-23881
2022-04-02 15:58:08 +05:30
58cb6dfdcf
Update CVE-2022-23881.yaml
2022-04-02 15:55:31 +05:30
0ad4fb1f22
Auto Generated New Template Addition List [Sat Apr 2 10:02:45 UTC 2022] 🤖
2022-04-02 10:02:45 +00:00
b09ac6b3bc
Merge pull request #4009 from Splint3r7/master
...
Add video-synchro-pdf & cab-fare-calculator - WordPress Plugin LFI
2022-04-02 15:32:30 +05:30
0468dc5782
Update video-synchro-pdf-lfi.yaml
2022-04-02 15:30:18 +05:30
a13f72f634
Update cab-fare-calculator-lfi.yaml
2022-04-02 15:28:48 +05:30
4a1d72d2a7
Update video-synchro-pdf-lfi.yaml
2022-04-02 15:25:19 +05:30
87e5919079
Update cab-fare-calculator-lfi.yaml
2022-04-02 15:24:02 +05:30
14d40fdb50
Update CVE-2021-44103.yaml
2022-04-02 14:47:22 +05:30
d3c4313f64
Update CVE-2021-44103.yaml
2022-04-02 14:39:25 +05:30
da8af6d47e
Create konga-panel.yaml
2022-04-02 14:02:12 +05:30
5e128f2c52
Auto Generated CVE annotations [Sat Apr 2 07:59:47 UTC 2022] 🤖
2022-04-02 07:59:47 +00:00
16b4b6880d
Auto Generated New Template Addition List [Sat Apr 2 07:59:43 UTC 2022] 🤖
2022-04-02 07:59:43 +00:00
1e011d6442
Merge pull request #4023 from Akokonunes/patch-133
...
Create CVE-2021-28377.yaml
2022-04-02 13:29:30 +05:30
930ed5e321
Update and rename CVE-2021-28377.yaml to cves/2017/CVE-2021-28377.yaml
2022-04-02 13:23:16 +05:30
da4c4dde5d
remove trailing spaces
2022-04-01 12:53:54 -04:00
e4bbda6f80
Auto README Update [Fri Apr 1 12:14:58 UTC 2022] 🤖
2022-04-01 12:14:58 +00:00
80f5a6e8ef
Auto Generated Templates Stats [Fri Apr 1 12:14:30 UTC 2022] 🤖
2022-04-01 12:14:30 +00:00
c5df3aadf3
Auto Generated New Template Addition List [Fri Apr 1 11:44:05 UTC 2022] 🤖
2022-04-01 11:44:05 +00:00
dd0cdb1385
Added CVE-2022-22965 - Spring Framework RCE via Data Binding on JDK 9+ (Spring4Shell) ( #4024 )
2022-04-01 17:13:45 +05:30
b3476d689d
Create CVE-2021-28377.yaml
2022-04-01 19:02:22 +09:00
3a7ff21e40
Auto Generated New Template Addition List [Fri Apr 1 09:44:33 UTC 2022] 🤖
2022-04-01 09:44:33 +00:00
a6a4d78065
Added CVE-2021-46387 ( #4022 )
2022-04-01 15:13:57 +05:30
5d281f17a8
Auto Generated New Template Addition List [Fri Apr 1 08:52:03 UTC 2022] 🤖
2022-04-01 08:52:03 +00:00
6ddfbac2b4
Dashboard Content Enhancement ( #4020 )
...
* Enhancement: cnvd/2021/CNVD-2021-15822.yaml by mp
* Enhancement: exposed-panels/apache/tomcat-pathnormalization.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: misconfiguration/horde-unauthenticated.yaml by mp
* Enhancement: cves/2021/CVE-2021-40542.yaml by mp
* Enhancement: exposed-panels/apiman-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1873.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-panel.yaml by mp
* Enhancement: exposed-panels/arcgis/arcgis-rest-api.yaml by mp
* Enhancement: exposed-panels/argocd-login.yaml by mp
* Enhancement: exposed-panels/atlassian-crowd-panel.yaml by mp
* Enhancement: exposed-panels/atvise-login.yaml by mp
* Enhancement: exposed-panels/avantfax-panel.yaml by mp
* Enhancement: exposed-panels/avatier-password-management.yaml by mp
* Enhancement: exposed-panels/axigen-webadmin.yaml by mp
* Enhancement: exposed-panels/axigen-webmail.yaml by mp
* Enhancement: exposed-panels/azkaban-web-client.yaml by mp
* Enhancement: exposed-panels/acunetix-panel.yaml by mp
* Enhancement: exposed-panels/adiscon-loganalyzer.yaml by mp
* Enhancement: exposed-panels/adminer-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1870.yaml by mp
* Enhancement: exposed-panels/adminset-panel.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-component-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-connect-central-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-experience-manager-login.yaml by mp
* Enhancement: exposed-panels/adobe/adobe-media-server.yaml by mp
* Enhancement: exposed-panels/advance-setup.yaml by mp
* Enhancement: exposed-panels/aerohive-netconfig-ui.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-mgmt-client.yaml by mp
* Enhancement: exposed-panels/aims-password-portal.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* Enhancement: exposed-panels/airflow-panel.yaml by mp
* spacing issues
* Spacing
* HTML codes improperly interpreted
Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Relocate horde-unauthenticated.yaml to CVE-2005-3344.yaml
* Enhancement: technologies/waf-detect.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-wpcourses-info-disclosure.yaml by mp
* Enhancement: network/sap-router-info-leak.yaml by mp
* Enhancement: network/exposed-adb.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/vmware/vrealize-operations-log4j-rce.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-woocommerce-sqli.yaml by mp
* Enhancement: exposures/tokens/digitalocean/tugboat-config-exposure.yaml by mp
* Enhancement: exposed-panels/concrete5/concrete5-install.yaml by mp
* Enhancement: vulnerabilities/wordpress/wordpress-infinitewp-auth-bypass.yaml by mp
* indentation issue
* Character encoding issue fix
* Enhancement: default-logins/alibaba/canal-default-login.yaml by mp
* Enhancement: default-logins/alphaweb/alphaweb-default-login.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Enhancement: default-logins/apache/airflow-default-login.yaml by mp
* Enhancement: default-logins/apache/apisix-default-login.yaml by mp
* Enhancement: default-logins/apollo/apollo-default-login.yaml by mp
* Enhancement: default-logins/arl/arl-default-login.yaml by mp
* Enhancement: default-logins/digitalrebar/digitalrebar-default-login.yaml by mp
* Enhancement: default-logins/mantisbt/mantisbt-default-credential.yaml by mp
* Enhancement: default-logins/stackstorm/stackstorm-default-login.yaml by mp
* Enhancement: dns/caa-fingerprint.yaml by mp
* Enhancement: exposed-panels/active-admin-exposure.yaml by mp
* Enhancement: exposed-panels/activemq-panel.yaml by mp
* Enhancement: default-logins/ambari/ambari-default-login.yaml by mp
* Restore & stomped by dashboard
* Enhancement: cves/2010/CVE-2010-1653.yaml by mp
* Enhancement: cves/2021/CVE-2021-38751.yaml by mp
* Enhancement: cves/2021/CVE-2021-39320.yaml by mp
* Enhancement: cves/2021/CVE-2021-39322.yaml by mp
* Enhancement: cves/2021/CVE-2021-39327.yaml by mp
* Enhancement: cves/2021/CVE-2021-39350.yaml by mp
* Enhancement: cves/2021/CVE-2021-39433.yaml by mp
* Enhancement: cves/2021/CVE-2021-41192.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-15824.yaml by mp
* Enhancement: exposed-panels/ansible-semaphore-panel.yaml by mp
* Enhancement: exposed-panels/aviatrix-panel.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Enhancement: exposed-panels/blue-iris-login.yaml by mp
* Enhancement: exposed-panels/bigbluebutton-login.yaml by mp
* Enhancement: cves/2022/CVE-2022-24288.yaml by mp
* Enhancement: cves/2022/CVE-2022-24990.yaml by mp
* Enhancement: cves/2022/CVE-2022-26159.yaml by mp
* Enhancement: default-logins/aem/aem-default-login.yaml by mp
* Spacing issues
Add cve-id field
* fix & stomping
* Enhancement: cves/2016/CVE-2016-1000141.yaml by mp
* Enhancement: cves/2020/CVE-2020-24912.yaml by mp
* Enhancement: cves/2021/CVE-2021-35265.yaml by mp
* Enhancement: cves/2022/CVE-2022-0437.yaml by mp
* Enhancement: cves/2010/CVE-2010-1601.yaml by mp
* Enhancement: technologies/teradici-pcoip.yaml by mp
* Enhancement: vulnerabilities/other/unauth-hoteldruid-panel.yaml by mp
* Enhancement: cves/2010/CVE-2010-1475.yaml by mp
* Enhancement: cves/2010/CVE-2010-1535.yaml by mp
* Enhancement: exposed-panels/epson-web-control-detect.yaml by mp
* Enhancement: exposed-panels/epson-access-detect.yaml by mp
* Enhancement: cves/2020/CVE-2020-29453.yaml by mp
* Fix spacing
* Remove empty cve lines and relocate tags
* Remove blank cve lines & move tags
* Fix merge errors
* Enhancement: cves/2020/CVE-2020-21224.yaml by mp
* Enhancement: cves/2020/CVE-2020-24148.yaml by mp
* Enhancement: cves/2020/CVE-2020-24391.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: cves/2020/CVE-2020-25213.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-25506.yaml by mp
* Enhancement: cves/2020/CVE-2020-2551.yaml by mp
* Enhancement: cves/2020/CVE-2020-28871.yaml by mp
* Enhancement: cves/2020/CVE-2020-28188.yaml by mp
* Enhancement: cves/2020/CVE-2020-26948.yaml by mp
* Enhancement: cves/2020/CVE-2020-26919.yaml by mp
* Enhancement: cves/2020/CVE-2020-26214.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-21224.yaml by mp
* Enhancement: cves/2020/CVE-2020-24148.yaml by mp
* Enhancement: cves/2020/CVE-2020-24186.yaml by mp
* Enhancement: cves/2020/CVE-2020-24186.yaml by mp
* Enhancement: cves/2020/CVE-2020-24391.yaml by mp
* Enhancement: cves/2020/CVE-2020-24589.yaml by mp
* Enhancement: cves/2020/CVE-2020-25213.yaml by mp
* Enhancement: cves/2020/CVE-2020-25223.yaml by mp
* Enhancement: cves/2020/CVE-2020-25506.yaml by mp
* Enhancement: cves/2020/CVE-2020-28871.yaml by mp
* Enhancement: cves/2020/CVE-2020-28188.yaml by mp
* Enhancement: cves/2020/CVE-2020-26948.yaml by mp
* Enhancement: cves/2020/CVE-2020-26919.yaml by mp
* Enhancement: cves/2020/CVE-2020-26214.yaml by mp
* Syntax cleanup
* Enhancement: cves/2021/CVE-2021-38647.yaml by mp
* Syntax and a title change
* Enhancement: cves/2021/CVE-2021-38702.yaml by mp
* Fix references
* Enhancement: cves/2021/CVE-2021-38704.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-44529.yaml by mp
* Conflicts resolved
* Fix quoting
* Enhancement: cves/2021/CVE-2021-45967.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cves/2022/CVE-2022-23779.yaml by mp
* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp
* Enhancement: default-logins/cobbler/hue-default-credential.yaml by mp
* Enhancement: default-logins/emqx/emqx-default-login.yaml by mp
* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp
* Enhancement: cves/2021/CVE-2021-38647.yaml by mp
* Enhancement: cves/2021/CVE-2021-41691.yaml by mp
* Enhancement: cves/2021/CVE-2021-45967.yaml by mp
* Enhancement: cves/2022/CVE-2022-0189.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-14536.yaml by mp
* Enhancement: default-logins/apache/dolphinscheduler-default-login.yaml by mp
* Enhancement: default-logins/geoserver/geoserver-default-login.yaml by mp
* Update CVE-2020-25223.yaml
* Update CVE-2020-26214.yaml
* Update CVE-2020-25506.yaml
* Update CVE-2020-2551.yaml
* Update CVE-2020-26919.yaml
* Update CVE-2021-44529.yaml
* Update CVE-2020-28871.yaml
* Update CVE-2020-28188.yaml
* Update CVE-2021-45967.yaml
* Update hue-default-credential.yaml
* Update CVE-2021-44529.yaml
* misc syntax update
* Syntax restore some characters
* Spacing
* Enhancement: vulnerabilities/wordpress/hide-security-enhancer-lfi.yaml by mp
* Enhancement: vulnerabilities/wordpress/issuu-panel-lfi.yaml by mp
* Enhancement: cves/2019/CVE-2019-10068.yaml by mp
* Enhancement: cves/2019/CVE-2019-10232.yaml by mp
* Enhancement: cves/2019/CVE-2019-10758.yaml by mp
* Enhancement: cves/2019/CVE-2019-11510.yaml by mp
* Enhancement: cves/2019/CVE-2019-11580.yaml by mp
* Enhancement: cves/2019/CVE-2019-11581.yaml by mp
* Enhancement: cves/2019/CVE-2019-12314.yaml by mp
* Enhancement: cves/2019/CVE-2019-13101.yaml by mp
* Link wrapping issue
* Enhancement: cves/2019/CVE-2019-13462.yaml by mp
* Enhancement: cves/2019/CVE-2019-15107.yaml by mp
* Enhancement: cves/2019/CVE-2019-15859.yaml by mp
* Enhancement: cves/2019/CVE-2019-16759.yaml by mp
* Enhancement: cves/2019/CVE-2019-16662.yaml by mp
* Enhancement: cves/2019/CVE-2019-16278.yaml by mp
* Enhancement: cves/2019/CVE-2019-10232.yaml by mp
* Enhancement: cves/2019/CVE-2019-10758.yaml by mp
* Enhancement: cves/2019/CVE-2019-11510.yaml by mp
* Enhancement: cves/2019/CVE-2019-12725.yaml by mp
* Enhancement: cves/2019/CVE-2019-13101.yaml by mp
* Enhancement: cves/2019/CVE-2019-15107.yaml by mp
* Enhancement: cves/2019/CVE-2019-15859.yaml by mp
* Enhancement: cves/2019/CVE-2019-16662.yaml by mp
* Enhancement: cnvd/2021/CNVD-2021-10543.yaml by cs
* Enhancement: cves/2021/CVE-2021-33807.yaml by mp
* Enhancement: cves/2010/CVE-2010-0943.yaml by mp
* Enhancement: cves/2008/CVE-2008-6172.yaml by mp
* Enhancement: vulnerabilities/simplecrm/simple-crm-sql-injection.yaml by mp
* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: network/cisco-smi-exposure.yaml by mp
* Enhancement: cves/2021/CVE-2021-37704.yaml by mp
* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp
* Enhancement: cves/2019/CVE-2019-16313.yaml by mp
* Enhancement: cves/2021/CVE-2021-3017.yaml by mp
* Enhancement: cves/2010/CVE-2010-1353.yaml by mp
* Enhancement: cves/2010/CVE-2010-5278.yaml by mp
* Enhancement: cves/2021/CVE-2021-37573.yaml by mp
* Enhancement: vulnerabilities/oracle/oracle-siebel-xss.yaml by mp
* Enhancement: cves/2010/CVE-2010-1602.yaml by mp
* Enhancement: cves/2010/CVE-2010-1474.yaml by mp
* Enhancement: vulnerabilities/other/microweber-xss.yaml by mp
* Enhancement: cves/2018/CVE-2018-11709.yaml by mp
* Enhancement: cves/2014/CVE-2014-2321.yaml by mp
* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp
* Enhancement: vulnerabilities/other/visual-tools-dvr-rce.yaml by mp
* Manual enhancement
* Manual enhancement push due to dashboard failure
* Testing of dashboard accidentally commited to dashboard branch
* Spacing
Put some CVEs in the classification
* Add missing cve-id fields to templates in cve/
Co-authored-by: sullo <sullo@cirt.net>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-04-01 14:21:42 +05:30
32d9039f6b
add CVE-2021-44103
...
Konga versions <= 0.14.9 are vulnerable to privilege escalation. It is
possible to update a user and change the admin parameter to true.
2022-04-01 03:39:18 -04:00
10bcb838c3
Auto Generated New Template Addition List [Thu Mar 31 20:39:30 UTC 2022] 🤖
2022-03-31 20:39:30 +00:00
idealphase
GwanYeong Kim
Prince Chaddha
GitHub Action
rschio
Sandeep Singh
Roberto Nunes
MostInterestingBotInTheWorld