Commit Graph

1104 Commits (2478812b3fa8fab9651fbcae64ec1b18e40d32de)

Author SHA1 Message Date
Noam Rathaus a806149864 Spelling 2021-08-09 16:31:00 +03:00
Noam Rathaus 864b209cc1 Add reference 2021-08-09 16:10:10 +03:00
Noam Rathaus 3651410d37 Provide description 2021-08-09 16:08:19 +03:00
Sandeep Singh 210c57768d
Merge pull request #2193 from gy741/rule-add-v42
Create kevinlab-hems-backdoor.yaml
2021-08-08 13:56:56 +05:30
Sandeep Singh 3918071875
Merge pull request #2348 from Akokonunes/patch-25
Create grimag-open-redirect.yaml
2021-08-08 12:38:24 +05:30
sandeep d7b8760231 minor update 2021-08-08 12:29:11 +05:30
sandeep 4c057dcb1e minor update 2021-08-08 12:26:34 +05:30
sandeep a7dcd3f317 added more tags 2021-08-08 00:27:18 +05:30
sandeep 3b6d6322ea Additional matcher 2021-08-08 00:22:55 +05:30
sandeep e690901c86 minor update 2021-08-08 00:20:56 +05:30
Sandeep Singh 0ee60c4a3e
Merge pull request #2197 from mesaglio/master
Detect azure directory traversal hosts file
2021-08-07 23:15:29 +05:30
sandeep 318aa4736e misc update 2021-08-07 23:04:27 +05:30
sandeep 2233ebf3f1 moving files around 2021-08-07 23:02:17 +05:30
sandeep ca9efec5c0 tag update 2021-08-07 15:00:29 +05:30
Dhiyaneshwaran afcbd374a9
Create sap-redirect.yaml 2021-08-07 11:31:58 +05:30
sandeep 5cddd4312b Adding additional steps to make it work 2021-08-06 23:30:34 +05:30
PikPikcU 57624f3d25
Create ruijie-eg-rce.yaml 2021-08-06 17:04:32 +07:00
Prince Chaddha 3395eff8a0
Merge pull request #2316 from gy741/rule-add-v49
Create CVE-2020-7796.yaml
2021-08-03 19:57:45 +05:30
Prince Chaddha c581a94bf4
Merge pull request #2318 from gy741/rule-add-v50
Create longjing-technology-bems-api-lfi.yaml
2021-08-03 19:56:57 +05:30
Prince Chaddha 28d568b88c
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml 2021-08-03 19:55:25 +05:30
Prince Chaddha 23bc448b1b
Merge pull request #2199 from pikpikcu/patch-208
Add OpenSIS POC
2021-08-03 19:53:32 +05:30
GwanYeong Kim 5fb6332bd9 Create longjing-technology-bems-api-lfi.yaml
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-03 21:52:14 +09:00
Prince Chaddha ea1ae20a82
Create zimbra-preauth-ssrf.yaml 2021-08-03 12:52:56 +05:30
Prince Chaddha 2491a6a4b7
Merge pull request #2227 from Udyz/patch-5
Create hasura-graphql-sql-exec.yaml
2021-08-02 22:25:31 +05:30
Prince Chaddha 4e976706b8
Update hasura-graphql-psql-exec.yaml 2021-08-02 22:18:41 +05:30
Prince Chaddha 204cf337c8
Update hasura-graphql-psql-exec.yaml 2021-08-02 22:15:52 +05:30
Prince Chaddha 6102421e22
Update hasura-graphql-ssrf.yaml 2021-08-02 22:03:12 +05:30
Prince Chaddha 03077a9ca2
Update tikiwiki-reflected-xss.yaml 2021-08-02 21:44:48 +05:30
Prince Chaddha 9f8d31200f
Merge pull request #2263 from pdelteil/patch-35
Create jenkins-script.yaml
2021-08-02 20:59:12 +05:30
Prince Chaddha 451aca42f9
Update jenkins-script.yaml 2021-08-02 20:57:19 +05:30
Noam Rathaus 493acb8afe Description 2021-08-02 14:30:22 +03:00
sandeep e896a8982d misc updates 2021-08-02 12:53:35 +05:30
GwanYeong Kim 27eef8c1a9 Create zhiyuan-file-upload.yaml
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 11:07:14 +09:00
sandeep aa336ed979 matcher update 2021-07-31 23:08:46 +05:30
Sandeep Singh 918a6deead
Merge pull request #2265 from pussycat0x/master
zabbix-dashboards-access
2021-07-30 02:37:02 +05:30
sandeep 0d7dfa1713 Update wp-upload-data.yaml 2021-07-30 02:36:18 +05:30
Philippe Delteil 147ac0143a
Create jenkins-script.yaml 2021-07-29 12:29:05 -04:00
Philippe Delteil 1f6a6a8764
Update jenkins-stack-trace.yaml
file name  =  template id.
2021-07-29 02:50:35 -04:00
Prince Chaddha 6d205308ea
Merge pull request #2239 from pikpikcu/patch-236
Add Bitrix Open redirect
2021-07-29 00:16:19 +05:30
Prince Chaddha 49efd9fa07
Update bitrix-open-redirect.yaml 2021-07-29 00:13:15 +05:30
Prince Chaddha 576b42b412
Update wp-upload-data.yaml 2021-07-29 00:09:11 +05:30
pussycat0x 7038617c86
Add files via upload 2021-07-28 23:56:51 +05:30
Philippe Delteil 4b7080333a
Rename unauthenticated-jenkin-dashboard.yaml to unaunthenticated-jenkin.yaml
id - name file consistency
2021-07-28 01:17:18 -04:00
PikPikcU 783550d003
Update bitrix-open-redirect.yaml 2021-07-28 08:38:48 +07:00
PikPikcU 72fcdc20bf
Create bitrix-open-redirect.yaml 2021-07-28 08:37:25 +07:00
lulz 0c68ef5f66
Rename raw-psql-warp.yaml to hasura-graphql-psql-exec.yaml 2021-07-27 23:25:36 +07:00
lulz 0706823399
Update raw-psql-warp.yaml 2021-07-27 23:23:55 +07:00
lulz 5c931f8d00
Update raw-psql-warp.yaml 2021-07-27 22:12:41 +07:00
lulz 2219ab607e
Create raw-psql-warp.yaml 2021-07-27 21:57:59 +07:00
Prince Chaddha 9f28ff8f9b
Update qcubed-xss.yaml 2021-07-27 11:57:30 +05:30
PikPikcU a2fc63b7ac
Create qcubed-xss.yaml 2021-07-27 13:06:30 +07:00
PikPikcU 72c038bbf1
Update opensis-lfi.yaml 2021-07-27 08:07:21 +07:00
PikPikcU 29e399df87
Create opensis-lfi.yaml 2021-07-27 07:43:02 +07:00
juan mesaglio 5d5dafc6e7
Detect azure directory traversal hosts file 2021-07-26 20:12:26 -03:00
GwanYeong Kim eadc9b4dac Create kevinlab-hems-backdoor.yaml
The HEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the HEMS is offering remotely.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-27 02:48:31 +09:00
Prince Chaddha 833ae4ae48
Merge pull request #1083 from pikpikcu/patch-123
Create dedecms-membergroup-sqli
2021-07-26 18:02:27 +05:30
Prince Chaddha 86989129d1
Update netgear-wnap320-rce.yaml 2021-07-26 13:38:38 +05:30
GwanYeong Kim c72190c4bf Create netgear-wnap320-rce.yaml
vulnerabilities in the web-based management interface of Netgear WNAP320 Access Point could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-26 08:35:22 +09:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Prince Chaddha 2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
2021-07-24 15:37:48 +05:30
Prince Chaddha bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33
Create magicflow-lfi.yaml
2021-07-24 12:13:59 +05:30
Prince Chaddha ac45802ef5
Update kevinlab-bems-sqli.yaml 2021-07-24 12:10:46 +05:30
Prince Chaddha 2631f55550
Update kevinlab-bems-backdoor.yaml 2021-07-24 12:07:27 +05:30
Prince Chaddha 9a46592f71
Update kevinlab-bems-sqli.yaml 2021-07-24 11:59:35 +05:30
Prince Chaddha 87b4c2e98b
Update kevinlab-bems-sqli.yaml 2021-07-24 11:47:05 +05:30
Sandeep Singh 4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master
17 New Templates Added
2021-07-24 03:26:09 +05:30
sandeep 9617bc5815 matcher update 2021-07-24 03:25:22 +05:30
sandeep 47ea40bc55 Update kevinlab-bems-backdoor.yaml 2021-07-24 03:17:53 +05:30
Sandeep Singh b346584002
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:25:13 +05:30
Sandeep Singh 1909e3f628
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-24 00:24:37 +05:30
Sandeep Singh 59f90ffffa
Merge pull request #2150 from pussycat0x/master
New templates added
2021-07-24 00:09:43 +05:30
sandeep 79e15e7123 Update wordpress-wpcourses-info-disclosure.yaml 2021-07-24 00:07:50 +05:30
sandeep 43dccef185 generic improvements 2021-07-24 00:06:13 +05:30
sandeep 97aa239d52 Merge branch 'master' of https://github.com/pussycat0x/nuclei-templates into pr/2037 2021-07-24 00:00:55 +05:30
sandeep 3960d1f295 strict matchers 2021-07-23 23:59:54 +05:30
Sandeep Singh 38c2b6d4a9
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:58 +05:30
Sandeep Singh bdfee95603
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:33 +05:30
Sandeep Singh 6ebd1a36e0
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:28 +05:30
Sandeep Singh edc62d15a4
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:20 +05:30
Sandeep Singh 5170f4962b
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:49:14 +05:30
Sandeep Singh 1feaaded28
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:26 +05:30
Sandeep Singh 750a86c500
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:14 +05:30
Sandeep Singh 04b71d9335
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:41:06 +05:30
Sandeep Singh b82ac4b3fc
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 23:40:56 +05:30
sandeep 28d7d26953 Update wp-sfwd-lms-listing.yaml 2021-07-23 23:39:46 +05:30
Prince Chaddha ca49fb21c7
Merge pull request #2154 from pdelteil/patch-25
Update coldfusion-debug-xss.yaml
2021-07-23 20:54:31 +05:30
Prince Chaddha 2dfa3d2e82
Update visual-tools-dvr-rce.yaml 2021-07-23 20:46:49 +05:30
Prince Chaddha 1dd4e3c846
Update visual-tools-dvr-rce.yaml 2021-07-23 15:15:23 +05:30
GwanYeong Kim 2c77510faa Create visual-tools-dvr-rce.yaml
vulnerabilities in the web-based management interface of Visual Tools DVR VX16 4.2.28.0 could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-23 08:47:29 +09:00
Philippe Delteil abacdafb4f
Update coldfusion-debug-xss.yaml
The term adobe is more general than coldfusion. Since Coldfusion is a product of Adobe.
2021-07-22 19:44:57 -04:00
pussycat0x d3ff29daaa
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:32:13 +05:30
pussycat0x 6987e1ffee
Update vulnerabilities/wordpress/wp-arforms-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:32:05 +05:30
pussycat0x eac08288e8
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:31:33 +05:30
pussycat0x 05846a34c7
Update vulnerabilities/wordpress/wp-sfwd-lms-listing.yaml
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
2021-07-23 00:31:13 +05:30
pussycat0x a81e3b53cb
Add files via upload 2021-07-22 19:42:25 +05:30
GwanYeong Kim 69db0862ee Create kevinlab-bems-backdoor.yaml
The BEMS solution has an undocumented backdoor account and these sets of credentials are never exposed to the end-user and cannot be changed through any normal operation of the solution thru the RMI. Attacker could exploit this vulnerability by logging in using the backdoor account with highest privileges for administration and gain full system control. The backdoor user cannot be seen in the users settings in the admin panel and it also uses an undocumented privilege level (admin_pk=1) which allows full availability of the features that the BEMS is offering remotely.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 22:13:00 +09:00
GwanYeong Kim a4ec6a2b11 Create kevinlab-bems-sqli.yaml
The application suffers from an unauthenticated SQL Injection vulnerability. Input passed through 'input_id' POST parameter in '/http/index.php' is not properly sanitised before being returned to the user or used in SQL queries.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-22 21:46:18 +09:00
Prince Chaddha 5455222476
Merge pull request #2140 from pussycat0x/master
New templates added
2021-07-22 17:53:25 +05:30
Prince Chaddha c17763ac20
Update and rename wp-plugineasy-media-gallery-pro-listing.yaml to easy-media-gallery-pro-listing.yaml 2021-07-22 17:45:43 +05:30
pussycat0x f00f5eeaa9
Add files via upload 2021-07-22 08:04:21 +05:30
Prince Chaddha 111da22943
Update dedecms-membergroup-sqli.yaml 2021-07-21 18:34:37 +05:30
Prince Chaddha 403a73d1c7
Merge pull request #1085 from pikpikcu/patch-125
Create dedecms-carbuyaction-fileinclude.yaml
2021-07-21 18:27:45 +05:30
Prince Chaddha f5fc07dd72
Merge pull request #1581 from pikpikcu/patch-168
Create hiboss-rce
2021-07-21 18:27:38 +05:30
Prince Chaddha 08541f08c4
Update dedecms-carbuyaction-fileinclude.yaml 2021-07-21 18:26:36 +05:30
Prince Chaddha 00ce088daf
Merge pull request #1334 from projectdiscovery/princechaddha-patch-3
Create sangfor-edr-auth-bypass.yaml
2021-07-21 18:18:08 +05:30
Prince Chaddha 8d953c45ea
Update sangfor-edr-auth-bypass.yaml 2021-07-21 18:14:42 +05:30
Prince Chaddha da1ef3b031
Merge pull request #1568 from pikpikcu/patch-166
Create h3c-imc-rce
2021-07-21 18:11:11 +05:30
Dhiyaneshwaran 08f160f0e2
Create nginx-merge-slashes-path-traversal.yaml 2021-07-21 13:46:40 +05:30
GwanYeong Kim 16750fd9a2 Create magicflow-lfi.yaml
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-21 14:18:00 +09:00
Muhammad Daffa 21809132da
Renamed to CVE-2021-24340.yaml 2021-07-20 13:36:04 +07:00
sandeep 13e5528c46 duplicate update 2021-07-20 11:40:23 +05:30
Muhammad Daffa d27fb4c3b0
Renamed CVE-2020-8771.yaml 2021-07-20 12:49:16 +07:00
sandeep 4dbf36813d removing duplicate template 2021-07-20 00:43:39 +05:30
Sandeep Singh 6eee57115c
Merge pull request #2083 from projectdiscovery/fixing-xss-matchers
fixing-xss-matchers
2021-07-20 00:28:01 +05:30
sandeep 13d26d8c6d moving files around 2021-07-20 00:10:30 +05:30
Muhammad Daffa 68efee3702
Merge branch 'projectdiscovery:master' into master 2021-07-19 19:48:57 +07:00
Muhammad Daffa 7a99c2db48
Rename to CVE-2018-16283 2021-07-19 19:47:31 +07:00
sandeep 96d7a23ccd removed duplicate 2021-07-19 18:15:42 +05:30
sandeep a88710e503 Removed duplicate template 2021-07-19 16:56:45 +05:30
Prince Chaddha 574245af0d
Update wp-socialfit-xss.yaml 2021-07-19 11:43:07 +05:30
Prince Chaddha 5fcbd0e446
Update wp-slideshow-xss.yaml 2021-07-19 11:42:34 +05:30
Prince Chaddha f77f66d1e6
Update wp-phpfreechat-xss.yaml 2021-07-19 11:41:40 +05:30
Prince Chaddha 4df08a33c4
Update wp-nextgen-xss.yaml 2021-07-19 11:41:15 +05:30
Prince Chaddha 0329b1b2fb
Update wp-knews-xss.yaml 2021-07-19 11:40:45 +05:30
Prince Chaddha e14b31489b
Update wp-flagem-xss.yaml 2021-07-19 11:40:14 +05:30
Prince Chaddha 705f431c1c
Update wp-finder-xss.yaml 2021-07-19 11:39:33 +05:30
Prince Chaddha 57c3f3ec20
Update wp-custom-tables-xss.yaml 2021-07-19 11:38:50 +05:30
Prince Chaddha ac66db36f3
Update wp-church-admin-xss.yaml 2021-07-19 11:38:22 +05:30
GwanYeong Kim 19fa522fec Create mirai-unknown-rce.yaml
The unknown exploit targets the login CGI script, where a key parameter is not properly sanitized leading to a command injection.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-18 22:44:29 +09:00
sandeep 63ae086b67 Payload + matcher update 2021-07-17 23:02:43 +05:30
sandeep fc38b27176 minor update 2021-07-17 16:32:15 +05:30
Prince Chaddha 33a0ede229
Merge pull request #2009 from gy741/rule-add-v24
Create CVE-2020-26919, CVE-2020-25506, OptiLink ONT1GEW GPON RCE, CVE-2021-31755
2021-07-16 18:04:52 +05:30
Sandeep Singh fbc281f0a1
Merge pull request #2027 from projectdiscovery/yapi-rce
Added Yapi RCE
2021-07-16 17:27:37 +05:30
sandeep 6d27a6fe8e payload update 2021-07-16 00:34:38 +05:30
SaN ThosH 07db6737e5
Update wordpress-woocommerce-sqli.yaml 2021-07-16 00:08:42 +05:30
Prince Chaddha 9b7a57bf15
Update wordpress-woocommerce-sqli.yaml 2021-07-15 23:35:02 +05:30
Sandeep Singh 9286c79bc1
Rename optiLink-ont1gew-gpon-rce.yaml to optilink-ont1gew-gpon-rce.yaml 2021-07-15 23:15:45 +05:30
sandeep 6bf13454ae Update optiLink-ont1gew-gpon-rce.yaml 2021-07-15 23:15:22 +05:30
sandeep 382534fedc Update wordpress-woocommerce-sqli.yaml 2021-07-15 22:58:43 +05:30
rootxharsh ede6df8fa4 Add WooCommerce SQLi Template 2021-07-15 17:02:19 +00:00
sandeep 642f71278d Added Yapi RCE 2021-07-15 22:11:22 +05:30
sandeep 6fcbe11064 Update oscommerce-rce.yaml 2021-07-15 18:29:24 +05:30
sandeep 9e7bf184b7 minor update 2021-07-15 18:28:08 +05:30
Suman Kar e9b5b8fceb osCommerce 2.3.4.1 - Remote Code Execution 2021-07-15 18:11:26 +05:30
Prince Chaddha ba64446d08
Update nativechurch-wp-theme-lfd.yaml 2021-07-15 17:43:45 +05:30
Prince Chaddha a95133ee3d
Update and rename nativechurch-wp-theme-lfd.yaml to vulnerabilities/wordpress/nativechurch-wp-theme-lfd.yaml 2021-07-15 15:16:37 +05:30
Prince Chaddha 615db88ce6
Merge pull request #2004 from daffainfo/patch-49
Create wp-custom-tables-xss.yaml
2021-07-15 14:53:41 +05:30
Prince Chaddha 7cecd5aa3e
Update wp-custom-tables-xss.yaml 2021-07-15 14:34:40 +05:30
Prince Chaddha 22ecd2a192
Merge pull request #2016 from DhiyaneshGeek/master
Severity Update
2021-07-15 14:14:38 +05:30
Prince Chaddha 887e7bcfab
Update wordpress-updraftplus-pem-key.yaml 2021-07-15 14:13:25 +05:30
Dhiyaneshwaran 69b04c8a98
Update wordpress-updraftplus-pem-key.yaml 2021-07-15 13:51:19 +05:30
GwanYeong Kim 1eb999ce02 Create optiLink-ont1gew-gpon-rce.yaml
vulnerabilities in the web-based management interface of OptiLink could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:57:34 +09:00
Muhammad Daffa ad3f81bc95
Create wp-custom-tables-xss.yaml 2021-07-15 06:21:50 +07:00
Sandeep Singh 11dc9db49e
Merge pull request #1997 from skar4444/sassy-update
Update-sassy-social-share-xss
2021-07-14 20:56:57 +05:30
sandeep 117b0558a9 Update sassy-social-share.yaml 2021-07-14 20:55:05 +05:30
Prince Chaddha 5182b88b54
Merge pull request #1871 from projectdiscovery/huijietong-cloud-fileread
Create huijietong-cloud-fileread.yaml
2021-07-14 19:27:43 +05:30
Prince Chaddha ecd98c6403
Merge pull request #1967 from daffainfo/patch-31
Create wp-slideshow-xss.yaml
2021-07-14 19:15:07 +05:30
Prince Chaddha 55ea2242b7
Rename vulnerabilities/wp-slideshow-xss.yaml to vulnerabilities/wordpress/wp-slideshow-xss.yaml 2021-07-14 19:14:06 +05:30
Prince Chaddha 9fb7e17c0d
Merge pull request #1966 from daffainfo/patch-30
Create wp-nextgen-xss.yaml
2021-07-14 19:10:26 +05:30
Prince Chaddha 933c1d5f05
Merge pull request #1965 from daffainfo/patch-29
Create wp-flagem-xss.yaml
2021-07-14 19:09:34 +05:30
Suman Kar 00f1e65d50 Update-sassy-social-share-xss 2021-07-14 17:01:59 +05:30
sandeep 7e258fcae2 template-fix 2021-07-14 16:07:09 +05:30
Muhammad Daffa 69dd5ae8a0
Adding some path 2021-07-13 18:24:23 +07:00
Muhammad Daffa 6b8a398a76
Create wp-slideshow-xss.yaml 2021-07-13 18:20:25 +07:00
Muhammad Daffa 62cb5ce2bc
Create wp-nextgen-xss.yaml 2021-07-13 18:17:14 +07:00
Muhammad Daffa c751aca059
Create wp-flagem-xss.yaml 2021-07-13 18:15:43 +07:00
Sandeep Singh 83ee761691
Merge pull request #1957 from projectdiscovery/hasura-graphql-ssrf
Create hasura-graphql-ssrf.yaml
2021-07-13 15:58:27 +05:30
sandeep c8c49c5046 Update hasura-graphql-ssrf.yaml 2021-07-13 15:58:06 +05:30
sandeep 5fe872788f minor update 2021-07-13 15:57:10 +05:30
Sandeep Singh e167cf0ab9
Merge pull request #1937 from daffainfo/patch-20
Create wp-phpfreechat-xss.yaml
2021-07-13 15:45:53 +05:30
Sandeep Singh df0e4b7117
Merge pull request #1938 from daffainfo/patch-21
Create wp-finder-xss.yaml
2021-07-13 15:42:29 +05:30
Sandeep Singh 67a679860e
Update wp-finder-xss.yaml 2021-07-13 15:41:44 +05:30
Sandeep Singh 500f0b70f8
Merge pull request #1936 from daffainfo/patch-19
Create wp-knews-xss.yaml
2021-07-13 15:36:57 +05:30
Sandeep Singh 08f2cfea0b
Merge pull request #1924 from daffainfo/master
WordPress Plugin SocialFit - 'msg' Cross-Site Scripting
2021-07-13 15:29:49 +05:30
sandeep a8be22ad0a Removed as it requires admin login 2021-07-13 15:28:48 +05:30
Sandeep Singh 5a2d81e578
Merge pull request #1935 from daffainfo/patch-18
Create wp-church-admin-xss.yaml
2021-07-13 15:22:31 +05:30
sandeep 06efff9ddd minor update 2021-07-13 15:21:26 +05:30
Sandeep Singh cb32c05cfa
Merge pull request #1953 from Akokonunes/patch-17
Create wordpress-wordfence-lfi.yaml
2021-07-13 15:00:01 +05:30
sandeep 47a07b533b moving files around 2021-07-13 14:59:11 +05:30
Sandeep Singh 920255635b
Merge pull request #1876 from pussycat0x/master
web-ftp
2021-07-13 01:53:15 +05:30
sandeep 8b8663970f minor update 2021-07-13 01:44:24 +05:30
sandeep 81f1f8badc minor update 2021-07-13 01:43:52 +05:30
pussycat0x a1d3678a70
Add files via upload 2021-07-12 23:24:24 +05:30
Prince Chaddha 4ef8ed8e97
Create hasura-graphql-ssrf.yaml 2021-07-12 20:49:09 +05:30
Muhammad Daffa 0e195c4138
Merge branch 'projectdiscovery:master' into master 2021-07-12 14:58:59 +07:00
pussycat0x 0f46d27b60
Add files via upload 2021-07-11 23:45:02 +05:30
Muhammad Daffa 64bdaee44e
Create wp-finder-xss.yaml 2021-07-11 13:23:51 +07:00
Muhammad Daffa d3f21f1793
Create wp-phpfreechat-xss.yaml 2021-07-11 13:19:01 +07:00
Muhammad Daffa e6272bf44c
Create wp-knews-xss.yaml 2021-07-11 13:11:03 +07:00
Muhammad Daffa 8a6e78934c
Create wp-church-admin-xss.yaml 2021-07-11 13:07:34 +07:00
Prince Chaddha 361a641483
Update wp-socialfit-xss.yaml 2021-07-11 10:16:24 +05:30
Prince Chaddha 5366b70077
Merge pull request #1931 from daffainfo/patch-16
Create wp-securimage-xss.yaml
2021-07-11 10:08:02 +05:30
Prince Chaddha b830f86384
Update wp-securimage-xss.yaml 2021-07-11 10:02:30 +05:30
Prince Chaddha b1f755466b
Update wp-ambience-xss.yaml 2021-07-11 09:57:44 +05:30
Muhammad Daffa cc165287fd
Create wp-ambience-xss.yaml 2021-07-11 09:16:13 +07:00
Muhammad Daffa ab85fd5eba
Create wp-securimage-xss.yaml 2021-07-11 09:10:35 +07:00
Muhammad Daffa d0ec1acc76
Create wp-socialfit-xss.yaml 2021-07-11 07:41:04 +07:00
Muhammad Daffa 05bc6366f3
Rename wp-supsystic-backup-lfi to wp-supsystic-backup-lfi.yaml 2021-07-11 07:24:41 +07:00
Muhammad Daffa 04e5e30051
Update and rename wp-upsystic-backup-lfi to wp-supsystic-backup-lfi 2021-07-11 07:24:27 +07:00
Muhammad Daffa e26b467c76
Create wp-upsystic-backup-lfi 2021-07-11 07:22:38 +07:00