Commit Graph

3179 Commits (23c93d628a5482972f4a9b278360a0cfef1a47f9)

Author SHA1 Message Date
Ritik Chaddha de3182946f
Update CVE-2020-6950.yaml 2023-10-16 14:15:07 +05:30
pussycat0x 8c3a583ba3
Atlassian Connect Descriptor - Detect 2023-10-16 13:39:12 +05:30
Dhiyaneshwaran 74cc3ae522
Create servicenow-widget-misconfig.yaml 2023-10-16 11:53:09 +05:30
Dhiyaneshwaran 7fb0982106
Merge branch 'main' into main 2023-10-16 10:46:37 +05:30
Dhiyaneshwaran c1ed5b216b
minor matcher update 2023-10-16 10:46:15 +05:30
Dhiyaneshwaran 0b2573f839
minor update 2023-10-16 10:40:56 +05:30
GitHub Action 6612b249f8 Auto WordPress Plugins Update [Mon Oct 16 04:02:00 UTC 2023] 🤖 2023-10-16 04:02:00 +00:00
Naveen J ee2ce41922
Create springboot-prometheus.yaml
Bypass 403 restriction to Springboot prometheus endpoint.

### Reference

https://infosecwriteups.com/hunting-for-hidden-treasures-unveiling-the-403-bypass-bug-bounty-adventure-️-️-c6d17a0282ac
2023-10-16 07:39:05 +05:30
Bipin Jitiya 3781881f10
Create CVE-2023-3710.yaml
Added CVE-2023-3710 Template
2023-10-15 19:27:25 +05:30
GitHub Action 267796f8d6 TemplateMan Update [Sun Oct 15 09:28:03 UTC 2023] 🤖 2023-10-15 09:28:04 +00:00
Pugalarasan 00e090e431
Merge branch 'main' into main 2023-10-15 14:57:45 +05:30
Ritik Chaddha 254490443d
Merge pull request #8385 from Fisjkars/update-wordpress-accessible-wpconfig
Add some upper case extensions for wordpress-accessible-wpconfig
2023-10-15 14:53:44 +05:30
GitHub Action 047c5436b4 Auto WordPress Plugins Update [Sun Oct 15 04:02:11 UTC 2023] 🤖 2023-10-15 04:02:11 +00:00
Pugalarasan d64994047f
Merge branch 'projectdiscovery:main' into main 2023-10-15 06:55:11 +05:30
Luis Felipe 468bb365f2
Merge branch 'main' into main 2023-10-14 17:45:08 -03:00
GitHub Action 076aa6cafd TemplateMan Update [Sat Oct 14 19:50:16 UTC 2023] 🤖 2023-10-14 19:50:16 +00:00
Luis Felipe 1ff0d90499
Merge branch 'projectdiscovery:main' into main 2023-10-14 14:07:13 -03:00
Luis Felipe 6067fa8d03
Delete http/cves/2021/CVE-2021-25016.yaml 2023-10-14 14:06:29 -03:00
Luis Felipe 5210becb8d
Create CVE-2021-25016.yaml 2023-10-14 13:57:47 -03:00
Pugalarasan 4f95c39e48
Update wordpress-accessible-wpconfig.yaml 2023-10-14 17:52:39 +05:30
Pugalarasan f6b11d66a1
Update wordpress-accessible-wpconfig.yaml 2023-10-14 17:26:44 +05:30
sandeep 161b90353a templateman update 2023-10-14 16:57:55 +05:30
Dhiyaneshwaran 44d59fe270
trail lint fix 2023-10-13 21:36:34 +05:30
Rahul Maini a4de430746 Added CVE-2020-6950.yaml 2023-10-13 20:00:06 +04:00
Fisjkars 061558cc68 Add some upper case extensions for wordpress-accessible-wpconfig 2023-10-13 15:59:03 +02:00
Dhiyaneshwaran 315217298e
Merge pull request #8377 from righettod/add_checkpointmobile_tpl
Add template to detect instance of Check Point Mobile SSL VPN  product.
2023-10-13 15:45:29 +05:30
Ritik Chaddha c136047b5c
Update checkpoint-mobile-detect.yaml 2023-10-13 15:40:25 +05:30
Dhiyaneshwaran 67edfa63c5
Merge pull request #8383 from 0xPugazh/main
Update phpmyadmin-setup.yaml and CVE-2022-21500.yaml
2023-10-13 15:12:24 +05:30
Ritik Chaddha 6b4d582433
Update CVE-2022-21500.yaml 2023-10-13 15:08:25 +05:30
Dhiyaneshwaran c09b7753ea
Merge pull request #8381 from iamnoooob/main
Added CVE-2021-41749 CraftCMS SEOMatic Plugin SSTI
2023-10-13 14:18:50 +05:30
Ritik Chaddha 5dcf8c0e1a
update matcher 2023-10-13 13:58:39 +05:30
Pugalarasan eb887e21cb
Merge branch 'main' into main 2023-10-13 13:01:02 +05:30
sandeep facfb30b86 misc update 2023-10-13 12:39:36 +05:30
Pugalarasan fff98181f3
Update CVE-2022-21500.yaml 2023-10-12 18:41:52 +05:30
Pugalarasan 011ed43474
Update phpmyadmin-setup.yaml 2023-10-12 18:40:46 +05:30
Pugalarasan 46e7580827
Update CVE-2022-21500.yaml 2023-10-12 18:40:11 +05:30
Pugalarasan a2d5b1a43b
Update phpmyadmin-setup.yaml 2023-10-12 18:23:21 +05:30
Ritik Chaddha fe6f534b69
Update CVE-2021-41749.yaml 2023-10-12 16:34:02 +05:30
Rahul Maini 438ecc5186 Added CraftCMS SEOMatic Plugin SSTI 2023-10-12 14:53:59 +04:00
Ritik Chaddha 22bc306d5a
Merge pull request #8378 from projectdiscovery/CVE-2023-4451
Create CVE-2023-4451.yaml
2023-10-12 14:07:30 +05:30
Ritik Chaddha 310ae76f45
word matcher update 2023-10-12 02:01:05 +05:30
Ritik Chaddha 564be0d662
Merge pull request #8312 from righettod/add_sphinxonline_tpl
Add template to detect instance of SphinxOnline product
2023-10-12 01:53:15 +05:30
Dhiyaneshwaran 4d60c41b3e
Create CVE-2023-4451.yaml 2023-10-11 20:41:07 +05:30
Dominique RIGHETTO 3ee3e0c75d
Fix linter error 2023-10-11 16:29:18 +02:00
Dominique RIGHETTO 2e441cd3e6
Add files via upload 2023-10-11 16:22:02 +02:00
zy9ard3 ce8397db3b
Heroku turns out No More Vulnerable after recent update 2023-10-11 19:35:03 +05:30
Ritik Chaddha 59dcf258e0
Update sphinxonline-panel.yaml 2023-10-11 16:41:10 +05:30
Ritik Chaddha 6ca7771782
Merge pull request #8360 from zy9ard3/patch-1
Update AWS Bucket Takeover
2023-10-11 16:33:19 +05:30
Ritik Chaddha 91b4e71635
Merge pull request #8366 from fapami/main
exposed-gitignore - Exclude text/xml Content-Type
2023-10-11 16:32:25 +05:30
Ritik Chaddha 5103905a38
Merge pull request #8370 from projectdiscovery/princechaddha-patch-2
Updated regex
2023-10-11 14:52:46 +05:30
Prince Chaddha aba18b8858
Update jotform-api-key.yaml 2023-10-11 14:47:50 +05:30
Prince Chaddha f1e70da56c
Update jotform-api-key.yaml 2023-10-11 14:46:26 +05:30
Dhiyaneshwaran 1e4940db54
Merge pull request #8368 from theamanrawat/patch-2
Create copyparty-xss.yaml
2023-10-11 14:43:52 +05:30
Dhiyaneshwaran 097847ee21
Merge pull request #8367 from theamanrawat/patch-1
Create CVE-2023-37474.yaml
2023-10-11 14:43:22 +05:30
Ritik Chaddha d53d0677b0
Merge pull request #8354 from projectdiscovery/protractor-config
Create protractor-config.yaml
2023-10-11 14:30:04 +05:30
Ritik Chaddha d52b09f3bb
Update protractor-config.yaml 2023-10-11 14:27:06 +05:30
Prince Chaddha 94bf36f471
Updated regex 2023-10-11 14:26:14 +05:30
Ritik Chaddha ce83ab0a08
Merge pull request #8357 from projectdiscovery/mercurial-hgignore
Create mercurial-hgignore.yaml
2023-10-11 14:19:04 +05:30
Ritik Chaddha a610c3d05a
Update copyparty-xss.yaml 2023-10-11 14:15:08 +05:30
Aman Rawat 0e832cf68e
Create copyparty-xss.yaml 2023-10-11 14:07:29 +05:30
Ritik Chaddha 17d3db3a62
Update CVE-2023-37474.yaml 2023-10-11 14:07:22 +05:30
Aman Rawat 57d5228626
Update CVE-2023-37474.yaml 2023-10-11 13:56:49 +05:30
Aman Rawat fa141157db
Create CVE-2023-37474.yaml 2023-10-11 13:52:27 +05:30
Ritik Chaddha dc3ea52a88
Merge pull request #8336 from projectdiscovery/updated-oast
updated oast matchers
2023-10-11 13:12:50 +05:30
Patrik Fabian 500ae64807
Merge branch 'projectdiscovery:main' into main 2023-10-11 07:33:44 +02:00
pussycat0x 17cbbe173b
Merge pull request #8365 from projectdiscovery/CVE-2022-25568
Create CVE-2022-25568.yaml
2023-10-11 11:03:44 +05:30
Fábián Patrik 9ce1c40048 Exclude text/xml
The text/xml Content-Type generates a false positive at some SOAP Environments.
2023-10-11 07:33:11 +02:00
Dhiyaneshwaran d7716c9bc6
Update and rename amazon-cognito-developer.yaml to default-amazon-cognito.yaml 2023-10-11 09:40:53 +05:30
Dhiyaneshwaran c97b868a5d
Create CVE-2022-25568.yaml 2023-10-11 02:31:40 +05:30
pussycat0x f0c3c37b0c
ognito Developer Authentication Sample - Detect 2023-10-11 01:50:58 +05:30
Dhiyaneshwaran 96885dc6e8
Create CVE-2023-35813.yaml (Sitecore - Remote Code Execution 🔥 ) (#8363)
* Create CVE-2023-35813.yaml

* Update CVE-2023-35813.yaml

* improved matcher

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-10 23:26:29 +05:30
Ritik Chaddha d91ab2cfcd
Merge pull request #8361 from projectdiscovery/add-CVE-2023-22515
Added CVE-2023-22515
2023-10-10 22:50:48 +05:30
Dhiyaneshwaran 3bb0ea0c81
Merge pull request #8356 from projectdiscovery/rakefile-disclosure
Create rakefile-disclosure.yaml
2023-10-10 21:11:09 +05:30
sandeep 3bf6fce75a meta update 2023-10-10 20:28:10 +05:30
sandeep b09a224654 improved matcher + variables 2023-10-10 20:22:53 +05:30
Ritik Chaddha b54038c0bf
Update rakefile-disclosure.yaml 2023-10-10 19:37:58 +05:30
Ritik Chaddha 44bf53d4e6
Merge pull request #8353 from projectdiscovery/phpcs-config
Create phpcs-config.yaml
2023-10-10 19:34:28 +05:30
Ritik Chaddha 413dae585a
Merge pull request #8352 from projectdiscovery/psalm-config
Create psalm-config.yaml
2023-10-10 19:28:28 +05:30
Ritik Chaddha 4b0edb6990
Update phpcs-config.yaml 2023-10-10 19:28:16 +05:30
Ritik Chaddha f278343448
Update psalm-config.yaml 2023-10-10 19:20:09 +05:30
sandeep 0471ab31c7 Added CVE-2023-22515 2023-10-10 18:50:42 +05:30
Ritik Chaddha 4e840a32b6
FP update 2023-10-10 17:38:13 +05:30
zy9ard3 5ef07a8627
BucketName is the main part of S3 Takeovers and as well as to avoid false positives with other similar services ( eg: Acronis ) 2023-10-10 17:33:23 +05:30
Ritik Chaddha 2e9cd3e4cf
Update viminfo-disclosure.yaml 2023-10-10 17:11:27 +05:30
Ritik Chaddha 3d59e1bd4f
Merge pull request #8358 from projectdiscovery/viminfo-disclosure
Create viminfo-disclosure.yaml
2023-10-10 17:07:35 +05:30
Ritik Chaddha 352559fecf
Update viminfo-disclosure.yaml 2023-10-10 16:51:16 +05:30
Prince Chaddha 583beed216
updated protocol name 2023-10-10 15:13:10 +05:30
Dhiyaneshwaran ae07b1170c
Create viminfo-disclosure.yaml 2023-10-10 15:03:46 +05:30
Dhiyaneshwaran 1e7dd85465
Create mercurial-hgignore.yaml 2023-10-10 14:53:56 +05:30
Dhiyaneshwaran 9b315a98fc
Create rakefile-disclosure.yaml 2023-10-10 14:47:39 +05:30
pussycat0x 6dece01c39
Update spa-cart-installer.yaml 2023-10-10 13:58:44 +05:30
Dhiyaneshwaran 021a510a9b
Update and rename spa-cart-install.yaml to spa-cart-installer.yaml 2023-10-10 13:57:49 +05:30
pussycat0x 0c4755d2b8
Rename spa-cart.yaml to spa-cart-install.yaml 2023-10-10 13:56:53 +05:30
pussycat0x 7c88713d39
SPA Cart - Installer 2023-10-10 13:55:07 +05:30
Dhiyaneshwaran 38b0633dd2
Create protractor-config.yaml 2023-10-10 13:46:57 +05:30
Dhiyaneshwaran 64a1389aec
Create phpcs-config.yaml 2023-10-10 13:30:30 +05:30
Dhiyaneshwaran 221d36e2c3
Create psalm-config.yaml 2023-10-10 13:24:26 +05:30
Dhiyaneshwaran 9db41d5400
Merge pull request #8293 from gy741/rule-add-v145
Create CVE-2023-30013.yaml
2023-10-10 12:25:13 +05:30
pussycat0x 2a2cf9fe8d
minor - update 2023-10-10 12:14:27 +05:30
Dhiyaneshwaran 8f4762337d
author name update 2023-10-10 11:57:02 +05:30
Dhiyaneshwaran 9ccd3e8008
Update klr300n-panel.yaml 2023-10-10 11:43:27 +05:30
pussycat0x dc759b5ca0
Update klr300n-panel.yaml 2023-10-10 11:31:53 +05:30
pussycat0x dcad1fd50b
KLR 300N Router Panel - Detect 2023-10-10 11:28:16 +05:30
Dhiyaneshwaran 6e000d1c7c
Merge pull request #8342 from projectdiscovery/CVE-2023-31465
Create CVE-2023-31465.yaml
2023-10-10 10:42:41 +05:30
Dhiyaneshwaran 293264df1a
oast tag added 2023-10-10 10:39:53 +05:30
Dhiyaneshwaran 5a79d03fc6
Merge pull request #8349 from projectdiscovery/portainer-panel
Create portainer-panel.yaml
2023-10-09 15:51:33 +05:30
Dhiyaneshwaran 31682df215
Merge pull request #8348 from projectdiscovery/audiobookshelf-panel
Create audiobookshelf-panel.yaml
2023-10-09 15:50:15 +05:30
Dhiyaneshwaran f4c85a0fa5
Update portainer-panel.yaml 2023-10-09 15:48:13 +05:30
Dhiyaneshwaran 08563b04c8
Merge pull request #8347 from projectdiscovery/filebrowser-unauth
Create filebrowser-unauth.yaml
2023-10-09 15:45:48 +05:30
Dhiyaneshwaran ceb23bca41
Update portainer-panel.yaml 2023-10-09 15:39:32 +05:30
Ritik Chaddha 6d10cbe64f
Create qBittorrent-panel.yaml 2023-10-09 15:31:59 +05:30
Ritik Chaddha 49e860e02e
Create portainer-panel.yaml 2023-10-09 15:31:40 +05:30
Dhiyaneshwaran fe53ea46e6
Merge pull request #8345 from projectdiscovery/bitwarden-vault-panel
Create bitwarden-vault-panel.yaml
2023-10-09 15:31:22 +05:30
Ritik Chaddha f867ba79bf
Create audiobookshelf-panel.yaml 2023-10-09 15:31:08 +05:30
Dhiyaneshwaran fd4af2f926
Update bitwarden-vault-panel.yaml 2023-10-09 15:28:34 +05:30
Dhiyaneshwaran b5093a84df
Merge pull request #8346 from projectdiscovery/filebrowser-login-panel
Create filebrowser-login-panel.yaml
2023-10-09 15:27:45 +05:30
Ritik Chaddha 59e4bd0036
Create filebrowser-unauth.yaml 2023-10-09 15:27:01 +05:30
Dhiyaneshwaran d9c1b4698d
Merge pull request #8344 from projectdiscovery/jellyseerr-login-panel
Create jellyseerr-login-panel.yaml
2023-10-09 15:25:43 +05:30
Dhiyaneshwaran ac11919322
Merge pull request #8341 from projectdiscovery/CVE-2023-41642
Create CVE-2023-41642.yaml
2023-10-09 15:22:44 +05:30
Ritik Chaddha 49b9e6cef1
Create filebrowser-login-panel.yaml 2023-10-09 15:22:05 +05:30
Ritik Chaddha f82f970113
Create bitwarden-vault-panel.yaml 2023-10-09 15:18:45 +05:30
Ritik Chaddha 9139e4a42b
Create jellyseerr-login-panel.yaml 2023-10-09 15:17:48 +05:30
Dhiyaneshwaran 0abc857dff
fix lint 2023-10-09 15:07:24 +05:30
Ritik Chaddha 1e6b6a01ab
/t character removed 2023-10-09 15:04:41 +05:30
Ritik Chaddha 4ee5288a50
lint fix 2023-10-09 14:53:16 +05:30
Ritik Chaddha 404c7ae9ae
Create dashy-panel.yaml 2023-10-09 14:50:09 +05:30
Ritik Chaddha 8898dafede
Create CVE-2023-31465.yaml 2023-10-09 14:48:51 +05:30
Ritik Chaddha 072802c4dc
Create CVE-2023-41642.yaml 2023-10-09 14:46:15 +05:30
Dhiyaneshwaran 16bde8739c
Merge pull request #8252 from thehlopster/vercel_source_exposure
Added vercel-source-exposure template
2023-10-09 14:44:57 +05:30
Dhiyaneshwaran a860255ba6
Merge pull request #8331 from j4vaovo/patch-8
fix fp  shiro-deserialization-detection.yaml
2023-10-09 14:44:18 +05:30
Dhiyaneshwaran 774f851dc8
Merge pull request #8339 from fapami/main
Create phpSysInfo Exposure Template
2023-10-09 14:43:29 +05:30
Dhiyaneshwaran 1f1cfb88c5
Merge pull request #8337 from gy741/rule-add-v149
Create CVE-2023-34259
2023-10-09 14:39:11 +05:30
Dhiyaneshwaran a07b5f8b38 Fix Matcher and Panel Move around 2023-10-09 13:48:46 +05:30
Dhiyaneshwaran c44cac42a6
Merge pull request #8323 from FLX-0x00/wordpress-yoast-seo-user-enumeration
implement wordpress-yoast-seo-user-enumeration
2023-10-09 13:40:21 +05:30
Dhiyaneshwaran a8c85fc97c
Rename wordpress-yoast-seo-user-enumeration.yaml to wp-yoast-user-enumeration.yaml 2023-10-09 13:20:57 +05:30
Dhiyaneshwaran 2192ae9fdf
Update sphinxonline-panel.yaml 2023-10-09 13:19:26 +05:30
GitHub Action 02f924e3d8 Auto WordPress Plugins Update [Mon Oct 9 04:02:06 UTC 2023] 🤖 2023-10-09 04:02:06 +00:00
Dhiyaneshwaran 79a34fe321
Update and rename phpsysinfo-exposure.yaml to phpsys-info.yaml 2023-10-08 22:12:32 +05:30
Fábián Patrik 3d671d04d7 Create phpSysInfo Exposure Template
phpSysInfo: a customizable PHP script that displays information about your system nicely

This includes hardware and software information as well as informations about running processes or mounted hard drives / shares.
2023-10-08 18:28:09 +02:00
GwanYeong Kim c8eb644cf6 Create kyocera-printer-detect.yaml
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-08 18:05:38 +09:00
GwanYeong Kim 2565ddf6be Create CVE-2023-34259.yaml
CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-08 17:57:09 +09:00
Ritik Chaddha 1b9dd8c57d
Update wordpress-yoast-seo-user-enumeration.yaml 2023-10-08 13:50:56 +05:30
Prince Chaddha 213b63e42a updated oast matchers 2023-10-08 13:24:05 +05:30
Ritik Chaddha 6efc9d4b83
Merge pull request #8335 from projectdiscovery/princechaddha-patch-2
Update CVE-2020-8813.yaml
2023-10-08 12:52:54 +05:30
GitHub Action 23910e88bb TemplateMan Update [Sun Oct 8 07:20:15 UTC 2023] 🤖 2023-10-08 07:20:16 +00:00
Prince Chaddha d28c19efa6
Update CVE-2020-8813.yaml 2023-10-08 12:48:55 +05:30
Dhiyaneshwaran 831e20890f
Merge pull request #8332 from projectdiscovery/princechaddha-patch-2
Create xploitspy-default-login.yaml
2023-10-08 12:48:12 +05:30
Dhiyaneshwaran 419a1c6224
Merge pull request #8290 from 5hank4r/main
CVE-2023-33405.yaml
2023-10-08 12:45:01 +05:30
Dhiyaneshwaran aa9ed33036
Merge pull request #8322 from Osb0rn3/main
Resolve some issues to capture missed items
2023-10-08 12:43:04 +05:30
Dhiyaneshwaran cfa512cee9
Merge pull request #8333 from projectdiscovery/princechaddha-patch-3
Update symfony-fosjrouting-bundle.yaml
2023-10-08 12:38:58 +05:30
Dhiyaneshwaran fb033a936f
fix lint 2023-10-08 12:36:46 +05:30
Prince Chaddha 71a001061a
Update config-json.yaml 2023-10-08 12:32:32 +05:30
Prince Chaddha c1d49b6764
Update symfony-fosjrouting-bundle.yaml 2023-10-08 12:21:08 +05:30
Prince Chaddha b9e2549d37
Create xploitspy-default-login.yaml 2023-10-08 12:15:52 +05:30
GitHub Action 01d09e5410 TemplateMan Update [Sun Oct 8 06:29:19 UTC 2023] 🤖 2023-10-08 06:29:19 +00:00
HuTa0 aea032a150
Fix: CVE-2022-4321 (#8330)
* Fix: CVE-2022-4321

* added metadata

---------

Co-authored-by: rivers <HuTa0@HuTa0-MacBook-Pro.local>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-08 11:56:49 +05:30
GitHub Action 6b3707c572 Auto WordPress Plugins Update [Sun Oct 8 04:02:12 UTC 2023] 🤖 2023-10-08 04:02:12 +00:00
J4vaovo 9de5684be8
Update shiro-deserialization-detection.yaml 2023-10-08 07:46:50 +08:00
J4vaovo 425565567a
Update shiro-deserialization-detection.yaml 2023-10-08 07:31:39 +08:00
GitHub Action 9b929ca85c TemplateMan Update [Sat Oct 7 19:48:19 UTC 2023] 🤖 2023-10-07 19:48:19 +00:00
CravateRouge f4ab265878
Create devexpress-detect.yaml (#8217)
* Create devexpress-detect.yaml

* misc update

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-08 01:16:02 +05:30
Ritik Chaddha 22be557e9c
Update sidekiq-dashboard.yaml 2023-10-08 01:11:40 +05:30
GitHub Action 154e39a54e TemplateMan Update [Sat Oct 7 18:40:37 UTC 2023] 🤖 2023-10-07 18:40:38 +00:00
GitHub Action df7331dc86 Auto WordPress Plugins Update [Fri Oct 6 04:02:10 UTC 2023] 🤖 2023-10-06 04:02:10 +00:00
Luis Felipe 9b1d7f3b71
Add files via upload 2023-10-05 15:36:49 -03:00
pussycat0x e48b398bf3
Merge pull request #8315 from ctflearner/CVE-2023-38501
Create CVE-2023-38501.YAML
2023-10-05 23:38:26 +05:30
Paul Werther 06082e2559
fix some linting stuff 2023-10-05 19:53:02 +02:00
Paul Werther ed24e0724a
optimize regex 2023-10-05 19:33:31 +02:00
AmirMohammad Safari f376850c99
Merge branch 'main' into main 2023-10-05 20:25:15 +03:00
AmirMohammad Safari abfcb267c4
Resolve some issues to capture missed items 2023-10-05 20:04:07 +03:00
Paul Werther 4ac30ead08
implement wordpress-yoast-seo-user-enumeration 2023-10-05 18:44:32 +02:00
Ritik Chaddha b479f9abb6
Update and rename CVE-2023-38501.YAML to CVE-2023-38501.yaml 2023-10-05 20:38:15 +05:30
Dhiyaneshwaran 22a07ca583
Create sangfor-ngaf-lfi.yaml 2023-10-05 17:41:00 +05:30
Dhiyaneshwaran aec030bdaa
Merge pull request #8308 from luisfelipe146/main
Create CVE-2023-2224.yaml
2023-10-05 17:29:16 +05:30
GitHub Action 00e5276685 TemplateMan Update [Thu Oct 5 11:56:54 UTC 2023] 🤖 2023-10-05 11:56:55 +00:00
Dhiyaneshwaran a84dfa160c
Merge pull request #8316 from ctflearner/CVE-2022-48197
Create CVE-2022-48197.yaml
2023-10-05 17:24:51 +05:30
Ritik Chaddha b40c62549b
matchers & info update 2023-10-05 13:15:20 +05:30
Ritik Chaddha 0f42303065
lint & format fix 2023-10-05 12:57:16 +05:30
Ritik Chaddha 7a7a867b7b
Update CVE-2023-2224.yaml 2023-10-05 11:35:30 +05:30
GitHub Action 891e5c10fe Auto WordPress Plugins Update [Wed Oct 4 04:02:00 UTC 2023] 🤖 2023-10-04 04:02:00 +00:00
ctflearner 26d3cf0a94
Create CVE-2022-48197.yaml 2023-10-04 07:19:16 +05:30
ctflearner 6f37e9b554
Create CVE-2023-38501.YAML 2023-10-04 06:56:45 +05:30
Dhiyaneshwaran 751ddc980a
Create CVE-2023-33405.yaml 2023-10-03 18:33:29 +05:30
Dhiyaneshwaran d289d08865
Update twilio-api-key.yaml 2023-10-03 18:31:07 +05:30
Dhiyaneshwaran a5f50bfcfb revert commit 2023-10-03 18:30:30 +05:30
Dhiyaneshwaran 69c3edb658 revert commit 2023-10-03 18:28:59 +05:30
GitHub Action 7075e24ddd TemplateMan Update [Tue Oct 3 12:39:53 UTC 2023] 🤖 2023-10-03 12:39:54 +00:00
Dhiyaneshwaran d5b7a53028
Merge pull request #8273 from projectdiscovery/yonyou-u8-sqli
Create yonyou-u8-sqli.yaml
2023-10-03 18:07:16 +05:30
Dhiyaneshwaran cd11f87128
fix detection 2023-10-03 18:03:45 +05:30
Dominique RIGHETTO 67f0667bbd
Add tpl 2023-10-03 14:31:51 +02:00
Dhiyaneshwaran 7b44367b02
Update yonyou-u8-sqli.yaml 2023-10-03 17:59:56 +05:30
GitHub Action da6de402a7 TemplateMan Update [Tue Oct 3 09:17:07 UTC 2023] 🤖 2023-10-03 09:17:07 +00:00
Ritik Chaddha ac6aa73935
Merge pull request #8306 from 0xPugazh/main
Update php-backup-files.yaml
2023-10-03 14:45:05 +05:30
Ritik Chaddha 6aca91bfee
Merge pull request #8171 from neriberto/feature/pihole
Update template pi-hole-detect.yaml to detect new versions
2023-10-03 14:03:30 +05:30
Ritik Chaddha 4e78a390d7
Update pi-hole-detect.yaml 2023-10-03 13:59:48 +05:30
Ritik Chaddha ac6bb1823c
Merge pull request #8272 from projectdiscovery/CVE-2023-22432
Create CVE-2023-22432.yaml
2023-10-03 13:40:06 +05:30
Ritik Chaddha 568b53ef70
Merge pull request #8295 from gy741/rule-add-v146
Create CVE-2023-30625.yaml
2023-10-03 13:33:19 +05:30
Ritik Chaddha 22c0b5891d
updated matcher & req 2023-10-03 13:32:34 +05:30
Ritik Chaddha a334550a21
Merge pull request #8286 from jainiresh/patch-1
Update CVE-2019-6802.yaml
2023-10-03 13:19:37 +05:30
Ritik Chaddha 43fc4f3795
added status matcher 2023-10-03 13:18:23 +05:30
pussycat0x 8348a7fa6e
Update yonyou-u8-sqli.yaml 2023-10-03 12:23:04 +05:30
GitHub Action 172150f538 TemplateMan Update [Tue Oct 3 06:50:17 UTC 2023] 🤖 2023-10-03 06:50:18 +00:00
pussycat0x 465f0d9224
Update yonyou-u8-sqli.yaml 2023-10-03 12:19:44 +05:30
pussycat0x e13ab6cfdd
Merge pull request #8301 from gy741/rule-add-v148
Create CVE-2023-33831.yaml
2023-10-03 12:18:01 +05:30
pussycat0x 1e956367e0
Update CVE-2023-33831.yaml 2023-10-03 12:13:22 +05:30
pussycat0x 8ef3ae589b
Merge pull request #8305 from projectdiscovery/milesight-system-log
Create milesight-system-log.yaml
2023-10-03 12:11:37 +05:30
GitHub Action a0ecc3da00 TemplateMan Update [Tue Oct 3 06:40:54 UTC 2023] 🤖 2023-10-03 06:40:55 +00:00
pussycat0x 09b71b9afe
Merge pull request #8299 from projectdiscovery/unauth-celery-flower
Create unauth-celery-flower.yaml
2023-10-03 12:09:55 +05:30
GitHub Action fd071b4900 Auto WordPress Plugins Update [Tue Oct 3 04:02:30 UTC 2023] 🤖 2023-10-03 04:02:30 +00:00
Dhiyaneshwaran 8ccee371e6
change endpoint to fix fp 2023-10-02 22:28:04 +05:30
Dhiyaneshwaran 4572b7c0a7
Update api-tatum.yaml 2023-10-02 22:04:10 +05:30
GitHub Action d9efa67522 TemplateMan Update [Mon Oct 2 16:03:47 UTC 2023] 🤖 2023-10-02 16:03:47 +00:00
Dhiyaneshwaran f37e2b3a02
Rename milesight-system-log.yaml to milesight-system-log.yaml 2023-10-02 21:33:19 +05:30
Dhiyaneshwaran 19d9af9261
Merge pull request #8261 from projectdiscovery/princechaddha-patch-2
Create shiro-deserialization-detection.yaml
2023-10-02 21:31:51 +05:30
Luis Felipe 63dcb68b75
Create CVE-2023-2224.yaml 2023-10-02 08:57:09 -03:00
Pugalarasan fa6c8f9bb6
Update php-backup-files.yaml 2023-10-02 15:37:48 +05:30
GitHub Action f8794112ab TemplateMan Update [Mon Oct 2 08:23:48 UTC 2023] 🤖 2023-10-02 08:23:49 +00:00
gy741 fef8a38e22
Create CVE-2023-43261 (#8300)
* Auto WordPress Plugins Update [Sun Oct  1 04:12:23 UTC 2023] 🤖

* Create CVE-2023-43261.yaml

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router systems, rendering log files publicly accessible. These log files, while containing sensitive information such as admin and other user passwords (encrypted as a security measure), can be exploited by attackers via the router's web interface. The presence of a hardcoded AES secret key and initialization vector (IV) in the JavaScript code further exacerbates the situation, facilitating the decryption of these passwords. This chain of vulnerabilities allows malicious actors to gain unauthorized access to the router.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

* Revert "Auto WordPress Plugins Update [Sun Oct  1 04:12:23 UTC 2023] 🤖"

This reverts commit ceb38c80b0.

* added metadata

---------

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Dhiyaneshwaran <leedhiyanesh@gmail.com>
2023-10-02 13:51:12 +05:30
Ritik Chaddha 0599afee2c
Create milesight-system-log.yaml 2023-10-02 12:01:44 +05:30
GitHub Action 658d741b44 Auto WordPress Plugins Update [Mon Oct 2 04:02:10 UTC 2023] 🤖 2023-10-02 04:02:10 +00:00
Dhiyaneshwaran ffa4a84ba9
added metadata and updated matcher 2023-10-02 00:47:23 +05:30
GwanYeong Kim 06674c9bca Create CVE-2023-33831.yaml
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-02 01:19:18 +09:00
Dhiyaneshwaran a151696a50
Create unauth-celery-flower.yaml 2023-10-01 18:12:23 +05:30
Ritik Chaddha 763b2e702d
Update icewarp-open-redirect.yaml 2023-10-01 17:53:02 +05:30
sandeep 6396390240 matcher update 2023-10-01 17:36:17 +05:30
GitHub Action d52def2330 TemplateMan Update [Sun Oct 1 08:42:42 UTC 2023] 🤖 2023-10-01 08:42:43 +00:00
Prince Chaddha cef5268b09
Merge pull request #8227 from sttlr/rdap-whois
Update rdap-whois.yaml
2023-10-01 14:10:19 +05:30
Prince Chaddha 48b3253a7e added additional matcher 2023-10-01 13:59:50 +05:30
Prince Chaddha 392adf2300 Revert "Auto WordPress Plugins Update [Sun Oct 1 04:12:23 UTC 2023] 🤖"
This reverts commit ceb38c80b0.
2023-10-01 13:50:49 +05:30
GitHub Action 32ee9d8ebb Auto WordPress Plugins Update [Sun Oct 1 04:01:57 UTC 2023] 🤖 2023-10-01 04:01:57 +00:00
GitHub Action ce1a84f8c4 TemplateMan Update [Sat Sep 30 08:23:25 UTC 2023] 🤖 2023-09-30 08:23:25 +00:00
johnk3r f953aca287
Create wsftp-detect.yaml (#8285)
* Create wsftp-detect.yaml

* Update and rename wsftp-detect.yaml to wsftp-ssh-detect.yaml

* Update and rename wsftp-ssh-detect.yaml to ws_ftp-ssh-detect.yaml

* Create ws_ftp-server-web-transfer.yaml

* misc update

* Update ws_ftp-server-web-transfer.yaml

* Update ws_ftp-ssh-detect.yaml

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-09-30 13:51:24 +05:30
GwanYeong Kim 208ff38843 Create CVE-2023-30013.yaml
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-30 13:15:00 +09:00
GitHub Action f10d3a0aa5 Auto WordPress Plugins Update [Sat Sep 30 04:02:07 UTC 2023] 🤖 2023-09-30 04:02:07 +00:00
sandeep ff450a65ba strict matcher 2023-09-29 19:04:39 +05:30
sandeep fd69046097 Added CVE-2023-29357 (Microsoft SharePoint - Authentication Bypass) 2023-09-29 18:51:23 +05:30
sandeep 6784a9d2c1 format fix 2023-09-29 14:24:46 +05:30
jainiresh 5574a26f60
Update CVE-2019-6802.yaml
Updated to remove false positives.
As the previous change matches the words "Set-Cookie: crlfinjection=1" even if the words are present in the Location header too.

The updated code, will match only if the "Set-Cookie: crlfinjection=1" is actually a header, by verifying that it actually starts in the beginning of a response header.
2023-09-29 13:46:22 +05:30
GitHub Action 77bfd17949 TemplateMan Update [Fri Sep 29 05:57:07 UTC 2023] 🤖 2023-09-29 05:57:07 +00:00
pussycat0x 30217297c2
Merge pull request #8271 from projectdiscovery/CVE-2014-9180
Create CVE-2014-9180.yaml
2023-09-29 11:24:52 +05:30
pussycat0x ba23b0da91
Merge pull request #8276 from projectdiscovery/shopware-installer
Create shopware-installer.yaml
2023-09-29 11:17:39 +05:30
pussycat0x d008a02bc6
reference - update 2023-09-29 11:11:33 +05:30
pussycat0x 52c948b3d6
Merge pull request #8283 from projectdiscovery/zencart-installer
Create zencart-installer.yaml
2023-09-29 11:09:50 +05:30
pussycat0x 39bde187ad
Update zencart-installer.yaml 2023-09-29 11:05:56 +05:30
GitHub Action 20b7ed5bfa TemplateMan Update [Fri Sep 29 05:32:45 UTC 2023] 🤖 2023-09-29 05:32:46 +00:00
pussycat0x aed5b2c10b
Merge pull request #8279 from sullo/main
Joomla! version matching fixes
2023-09-29 11:00:48 +05:30
GitHub Action dd0d479008 Auto WordPress Plugins Update [Fri Sep 29 04:02:18 UTC 2023] 🤖 2023-09-29 04:02:18 +00:00
Ritik Chaddha 09c7344744
Merge pull request #8277 from projectdiscovery/vironeer-installer
Create vironeer-installer.yaml
2023-09-28 22:59:46 +05:30
GitHub Action b6f2c618e8 TemplateMan Update [Thu Sep 28 17:26:49 UTC 2023] 🤖 2023-09-28 17:26:49 +00:00
Ritik Chaddha 0cef5a5fae
Merge pull request #8282 from projectdiscovery/dolphin-installer
Create dolphin-installer.yaml
2023-09-28 22:56:27 +05:30