a10ff8f997
Create shortcode-lfi.yaml
2022-02-12 22:30:51 +05:30
96c42781c3
Create noptin-open-redirect.yaml
2022-02-12 22:23:11 +05:30
c1cf1971bd
Create webp-coverter-open-redirect.yaml
2022-02-12 22:19:24 +05:30
1e3fb587d6
Create eventticket-open-redirect.yaml
2022-02-12 22:17:01 +05:30
e815bdc1b6
Create elementorpage-open-redirect.yaml
2022-02-12 22:11:04 +05:30
19ef16c195
Update ninjaform-open-redirect.yaml
2022-02-12 22:05:49 +05:30
527641f834
Create ninjaform-open-redirect.yaml
2022-02-12 22:03:19 +05:30
a0cb16fbc3
Create newsletter-open-redirect.yaml
2022-02-12 21:56:13 +05:30
63c450cba2
Create music-store-open-redirect.yaml
2022-02-12 21:50:32 +05:30
780ec34a40
Delete music-store-open-redirect.yaml
2022-02-12 21:49:53 +05:30
d1c6580287
Create music-store-open-redirect.yaml
2022-02-12 21:39:27 +05:30
56160908f0
Merge pull request #3676 from DhiyaneshGeek/master
...
NetSUS Server Login Panel , Javo Spot Premium Theme - Unauthenticated Directory Traversal
2022-02-08 02:08:30 +05:30
a2e236867c
Update and rename wp-java-spot-premium-lfi.yaml to wp-spot-premium-lfi.yaml
2022-02-08 01:56:11 +05:30
74790976c2
Create wp-java-spot-premium-lfi.yaml
2022-02-06 21:26:28 +05:30
111f7d9a88
Cleanup some dashboard artifacts
2022-02-04 14:02:53 -05:00
439b0ebffc
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:55:39 -05:00
26137cf96f
Enhancement: vulnerabilities/other/zhiyuan-file-upload.yaml by mp
2022-02-04 10:54:04 -05:00
4b52787228
Merge pull request #3567 from Leovalcante/rusty-joomla-rce
...
Create check for Rusty Joomla RCE
2022-02-02 02:01:37 +05:30
ec94360afd
Update rusty-joomla.yaml
2022-02-02 02:00:09 +05:30
b1fe83b35b
Merge pull request #3644 from projectdiscovery/antsword-backdoor
...
Create antsword-backdoor.yaml
2022-02-02 00:14:26 +05:30
839fc813f3
Merge pull request #3627 from projectdiscovery/deadbolt-ransomware
...
Added Deadbolt Ransomware Detection
2022-02-01 16:44:54 +05:30
c68f4762b3
Added JAMF Blind XXE
2022-02-01 16:10:51 +05:30
ab1291ec13
Added JAMF Log4j JNDI RCE Template
2022-02-01 15:25:52 +05:30
e1b8bf3da2
Update antsword-backdoor.yaml
2022-02-01 01:52:39 +05:30
e5a77aa803
Create antsword-backdoor.yaml
2022-02-01 01:39:46 +05:30
e0988ed383
Update and rename xss-code-snippet-wp.yaml to wp-code-snippets-xss.yaml
2022-01-31 01:56:39 +05:30
b41db4f4f1
Create xss-code-snippet-wp.yaml
2022-01-29 21:25:16 +05:30
d59a6c6017
Added Deadbolt Ransomware Detection
2022-01-28 16:04:06 +05:30
9e3473d55f
Update and rename laravel-ignition-xss.yaml to vulnerabilities/laravel/laravel-ignition-xss.yaml
2022-01-27 14:45:41 +05:30
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
e5b30f69d1
Update and rename vulnerabilities/JavaMelody/java-melody-xss.yaml to vulnerabilities/other/java-melody-xss.yaml
2022-01-24 13:15:23 +05:30
de36b9a5c6
Added JavaMelody-xss Template
2022-01-21 23:04:43 +05:45
5357d884b4
Update and rename rusty_joomla.yaml to rusty-joomla.yaml
2022-01-21 12:39:28 +05:30
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
be75b507ab
Create check for Rusty Joomla RCE
2022-01-20 09:39:19 +01:00
7c30910d69
Added missing request
2022-01-18 10:46:50 +05:30
ae3e6c0c21
Merge branch 'projectdiscovery:master' into master
2022-01-16 23:24:58 -05:00
02c01d30da
Added MeterSphere Plugin Pre-auth RCE ( #3543 )
2022-01-16 03:06:09 +05:30
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
0a651c182f
Update tags ( #3530 )
2022-01-13 10:49:53 +05:30
5ea92bcb0f
Update tags woocommerce ( #3531 )
2022-01-13 10:49:26 +05:30
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
33d009da24
Update xerox-efi-lfi.yaml
2022-01-10 12:07:06 +05:30
9befbf0654
Create xerox-efi-lfi.yaml
...
Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 15:39:39 +09:00
844c3b4a02
Network template updates & fixes ( #3497 )
...
* Fixed template syntax
* network template update and fixes
2022-01-07 12:58:37 +05:30
365e9003b1
Template ID's update ( #3490 )
2022-01-06 17:21:21 +05:30
c5723bdf55
Renames vulnerabilities/other/WooYun2015-148227 ( #3488 )
...
Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 12:00:31 +05:30
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
3357141838
Merge pull request #3425 from Akokonunes/patch-96
...
Create accent-microcomputers-lfi.yaml
2022-01-03 10:29:56 +05:30
7ab7eca6ef
Merge pull request #3426 from Akokonunes/patch-97
...
Create sofneta-mecdream-pacs-server-lfi.yaml
2022-01-03 10:29:46 +05:30
2ed4e8a966
Merge pull request #3421 from pikpikcu/patch-311
...
Create sponip-network-system-ping-rce
2022-01-03 10:28:00 +05:30
ba686ad67f
Update and rename accent-microcomputers-lfi.yaml to vulnerabilities/other/accent-microcomputers-lfi.yaml
2022-01-03 10:24:12 +05:30
b70b9bcbf1
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml
2022-01-03 10:21:00 +05:30
139b04c9b6
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml
2022-01-03 10:01:12 +05:30
c83d035fff
Seperate technology template ( #3430 )
...
* Edit magmi workflow
* Add some workflow template + edit some template
* Changing some templates
* minor update
* workflow matcher fixes
* tech update
* Seperate technology template
* Update metabase-panel.yaml
* Update lucee-detect.yaml
* Update oneblog-detect.yaml
* Update dolibarr-panel.yaml
* Update dolibarr-panel.yaml
* Update dolibarr-panel.yaml
* Update gespage-panel.yaml
* Update gespage-panel.yaml
* Update mautic-crm-panel.yaml
* Update kibana-panel.yaml
* Update metabase-panel.yaml
* Update home-assistant-detect.yaml
* Update jitsi-meet-detect.yaml
* Update lucee-detect.yaml
* Update gotmls-plugin-lfi.yaml
* Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml
* duplicate template - cves/2020/CVE-2020-11738.yaml
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-31 17:57:46 +05:30
80489bce76
Added wordpress-xmlrpc-brute-force.yaml ( #3445 )
...
* wp-xmlrpc-brute-force.yaml file was added
A Nuclei template for bruteforcing username and password through XMLRPC.
* wp-xmlrpc-brute-force.yaml file added
A Nuclei template for wordpress username and password Bruteforcing throught xmlrpc.php
* wp-xmlrpc-brute-force.yaml file added
A Nuclei template for wordpress username and password Bruteforcing throught xmlrpc.php
* Revert "wp-xmlrpc-brute-force.yaml file was added"
This reverts commit c0e4ca75a6ddbcf65e9443849a05c7b8f2625af9.
* few fixes
* Added wordpress user and pass list
* improved matcher
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-29 22:04:23 +05:30
d6da741663
IBM WebSphere Portal SSRF ( #3442 )
...
* Added IBM WebSphere Portal SSRF Detection
* Added IBM WebSphere Panel detection
* moving templates around
2021-12-29 17:32:10 +05:30
cb9fdbd7cc
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to vulnerabilities/other/sofneta-mecdream-pacs-server-lfi.yaml
2021-12-29 11:28:09 +05:30
4ba5e931cc
Update sl-studio-lfi.yaml
2021-12-29 09:20:13 +05:30
b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml
2021-12-29 09:16:32 +05:30
ce7b60d79c
Update open-redirect.yaml ( #3404 )
...
* Update open-redirect.yaml
add new payloads
* minor update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-26 20:53:11 +05:30
955c71fa50
Update sponip-network-system-ping-rce.yaml
2021-12-24 20:24:40 +05:30
51843e1e62
Create sponip-network-system-ping-rce.yaml
2021-12-24 09:30:31 -05:00
0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml
2021-12-24 19:23:04 +05:30
fa99cba4b3
Create vmware-horizon-log4j-jndi-rce.yaml ( #3403 )
...
* Create vmware-horizon-log4j-jndi-rce.yaml
* Update vmware-horizon-log4j-jndi-rce.yaml
* Update vmware-horizon-log4j-jndi-rce.yaml
* minor update
* minor update
* Added VMware Horizon detection
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 22:30:08 +05:30
8289e92291
Fixed h3c-imc-rce.yaml ( #3401 )
...
* Fixed h3c-imc-rce.yaml
* Update h3c-imc-rce.yaml
* Additional payload for windows
Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 20:23:42 +05:30
c57984b8f8
Added UniFi Network Log4j JNDI RCE ( #3402 )
...
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>
Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
2021-12-23 08:57:03 +05:30
7933cfc470
Removing extra space from raw HTTP request
...
Should prevent issues with parsing this request
2021-12-22 13:33:51 +01:00
a511dac237
Merge pull request #3354 from DhiyaneshGeek/master
...
Create wordpress-ssrf-oembed.yaml
2021-12-21 18:48:42 +05:30
6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml
2021-12-21 17:32:19 +05:30
7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure ( #3371 )
...
* Added ServiceNow Helpdesk Credential Exposure
Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>
* matcher update
Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
4af3a04b3c
Apache OFBiz Log4j JNDI RCE ( #3374 )
...
* Added Apache OFBiz Log4j JNDI RCE
* fixed matcher to match hostname in both cases
2021-12-18 15:46:49 +05:30
dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
...
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
...
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
3b067a1aca
Create global-domains-xss.yaml
2021-12-18 14:51:08 +05:30
0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml
2021-12-18 14:43:28 +05:30
9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
...
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
...
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
d911551318
Merge pull request #3358 from Akokonunes/patch-91
...
Create asanhamayesh-cms-lfi.yaml
2021-12-18 14:32:12 +05:30
c6521085b7
Update groupoffice-lfi.yaml
2021-12-18 14:32:09 +05:30
4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml
2021-12-18 14:28:39 +05:30
35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml
2021-12-18 14:26:46 +05:30
8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml
2021-12-18 14:23:57 +05:30
4fdb934da0
Create oliver-library-server-lfi.yaml
...
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
09324d1be7
Added MobileIron log4j template ( #3355 )
...
* Added MobileIron log4j
* misc updates
Co-authored-by: meme-lord <17912559+meme-lord@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-16 22:37:32 +05:30
fdeb2b8500
Merge branch 'master' of https://github.com/DhiyaneshGeek/nuclei-templates into pr/3354
2021-12-16 14:32:14 +05:30
7670d1d6b8
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:28:12 +05:30
1cfc899a27
update: lint fix
2021-12-16 14:25:00 +05:30
77441c0d81
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:24:56 +05:30
0047b611cf
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:21:53 +05:30
499fe055bf
Create wordpress-ssrf-oembed.yaml
2021-12-16 13:48:34 +05:30
39a71c641a
update: added more reference
2021-12-15 21:20:18 +05:30
11fe2fdfee
Added apache-solr-log4j RCE ( #3336 )
...
* update: added apache-solr-log4j-rce
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
2021-12-15 21:15:43 +05:30
d9ed21458f
Added VMware VCenter Log4j JNDI RCE ( #3340 )
...
* Added VMware VCenter Log4j JNDI RCE
Co-Authored-By: FQ Hsu <fanqxu@gmail.com>
* update: removed static UA
Co-Authored-By: FQ Hsu <fanqxu@gmail.com>
Co-authored-by: FQ Hsu <fanqxu@gmail.com>
2021-12-14 21:27:30 +05:30
c9ddd7a0ae
update: id + reference update
2021-12-14 21:07:46 +05:30
dddb0bbb82
Added CVE-2021-24997 ( #3298 )
...
* Added CVE-39226
* Added CVE-39226
* Delete CVE-39226.yaml
* Renamed CVE-39226 to CVE-2021-39226
Fixed naming error
* Added Wp-Guppy-Information-Disclosure template
* Removed File
Found better descriptor
* Added CVE-2021-24997
Added WordPress Guppy Information Disclosure CVE
* Fixed CVE-2021-24997
Fixed YAML formatting
* Fixed Typo
URL Path had an extra double quote
* Auto Generated Templates Stats [Wed Dec 8 23:07:24 UTC 2021] 🤖
* Deleted Blank Space
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Added CVE-2021-43496
* Update CVE-2021-43496.yaml
* fix: syntax update
* Added New Vuln
* Update CVE-2021-24997.yaml
* Update CVE-2021-43496.yaml
* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
* fix: lints update
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
51944ab6a2
fix: lints update
2021-12-14 02:14:35 +05:30
5bdd98f32d
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3298
2021-12-14 02:05:35 +05:30
6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
2021-12-14 00:47:37 +05:30
8cac8b5a36
Update open-redirect.yaml ( #3333 )
2021-12-13 20:42:06 +05:30
b76dbf91c6
Add Another Redirect Payload and Extend the Regex to Recognize it ( #3299 )
...
* Fix Open Redirect Header Regex
The regex was missing the correct escaping for special char `/`
* Add New General Open Redirect
There's another option for open redirects. I tested it in FF and Chrome.
* Update Location Redirect Regex
* update: mix changes
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-13 20:38:21 +05:30
030cfe89b9
Merge branch 'master' into master
2021-12-13 05:07:57 -05:00
f52b1f0d55
Added New Vuln
2021-12-13 05:01:48 -05:00
79a95a56d7
Update and rename pieregister-plugin-open-redirect.yaml to vulnerabilities/wordpress/pieregister-open-redirect.yaml
2021-12-12 16:59:16 +05:30
6a4bbdf93a
Update Grafana Arbitrary File Read ( #3321 )
...
* Add Grafana plugins wordlist
* Using payloads instead
* fix: updated variable name
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-11 11:07:55 +05:30
0e94557017
Merge pull request #3248 from pikpikcu/patch-307
...
added thruk-xss
2021-12-09 22:01:56 +05:30
f476c5ff5b
Update thruk-xss.yaml
2021-12-09 21:58:15 +05:30
d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml
2021-12-09 21:05:13 +05:30
bde4e1815a
Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
...
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
2521cb62bf
Added CVE-2021-43798 ( #3296 )
...
* Added CVE-2021-43798
* updated with default plugin list
* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
fcfb0366ba
Update grafana-file-read.yaml
2021-12-08 12:09:12 +05:30
d79b085051
add grafana file read ( #3286 )
...
* add grafana file read
* update: more reference
Co-authored-by: dev <z0ne>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-07 15:42:59 +05:30
fdcccb5938
Update and rename netsweeper-reflected-xss.yaml to netsweeper-rxss.yaml
2021-12-07 13:56:30 +05:30
ba8bad94c4
Update netsweeper-open-redirect.yaml
2021-12-07 13:43:29 +05:30
b90d0b7e3e
Add 10 templates and edit 1 workflows
2021-12-06 23:38:54 +07:00
9da0d768a1
fix: syntax + lint
2021-12-03 10:37:42 +05:30
83f6b2a153
Update thruk-xss.yaml
2021-12-02 19:07:50 +07:00
435eeca764
Create thruk-xss.yaml
2021-12-02 19:02:40 +07:00
1dabef2e6f
Revert "CVE update - CVE-2021-22049"
...
This reverts commit 70128c2587
2021-12-02 01:34:29 +05:30
70128c2587
CVE update - CVE-2021-22049
2021-12-02 01:31:41 +05:30
7ea7da8d4b
Added VMware vCenter SSRF/LFI/XSS ( #3240 )
2021-12-02 00:53:47 +05:30
71143da193
Added missing tags
2021-11-28 04:13:45 +05:30
e7e8c33d64
fixed matcher + added additional matcher
2021-11-27 10:20:04 +05:30
5080276f31
Update flow-flow-social-stream-xss.yaml
2021-11-26 09:48:04 +02:00
f82f4d1a0b
Create flow-flow-social-stream-xss.yaml
2021-11-26 06:55:21 +02:00
0d2a2f4e15
Merge pull request #3188 from pussycat0x/master
...
WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API
2021-11-24 12:14:54 +04:00
85d79fd597
Update and rename wp-haberadam-theme-idor.yaml to wp-haberadam-idor.yaml
2021-11-24 12:09:22 +04:00
b7701dc7b3
Update wp-haberadam-theme-idor.yaml
2021-11-23 19:53:36 +05:30
e7bc254415
Update wp-haberadam-theme-idor.yaml
2021-11-23 19:50:27 +05:30
b3ceaffb9f
Add files via upload
2021-11-23 19:46:33 +05:30
725782050a
Add description
2021-11-23 12:09:00 +02:00
42a9f46f94
Merge pull request #3176 from pussycat0x/master
...
Wordpress Revslider - Unauthenticated Arbitrary File Download
2021-11-23 09:40:48 +05:30
2407b57779
Update wp-revslider-file-download.yaml
2021-11-23 08:09:29 +04:00
fdb0cc0277
lint fix + moving template to wp folder
2021-11-22 22:55:00 +05:30
ee2a766a35
Update wp-revslider-file-download.yaml
2021-11-22 20:40:38 +05:30
680fffc187
Update wp-revslider-file-download.yaml
2021-11-22 20:33:29 +05:30
a8ee7e2ddf
Update wp-revslider-file-download.yaml
2021-11-22 20:29:59 +05:30
ba3d453744
Add files via upload
2021-11-21 17:00:25 +05:30
6eea2f5ec3
Merge pull request #3170 from pussycat0x/master
...
new templates
2021-11-21 14:44:52 +05:30
bb5dcd79ac
moved templates to correct directory/location
2021-11-21 14:40:48 +05:30
41669cb8f6
Add files via upload
2021-11-21 06:45:24 +05:30
1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml
2021-11-18 21:52:30 +05:30
cacf934f38
Merge pull request #3144 from DhiyaneshGeek/master
...
Axigen Mail Server & Squirrel Server
2021-11-16 16:09:21 +05:30
dfea5262ab
Update squirrelmail-add-xss.yaml
2021-11-16 15:30:41 +05:30
77e5352a78
Update squirrelmail-vkeyboard-xss.yaml
2021-11-16 15:13:47 +05:30
32715528d8
Update squirrelmail-lfi.yaml
2021-11-16 00:10:15 +05:30
1905c9321a
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:58:18 +05:30
36c96f5dd8
Rename squirrelmail-vkeyboard-xss.yaml to squirrelmail-add-xss.yaml
2021-11-15 23:57:48 +05:30
c003036a7e
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:44:51 +05:30
fcbbb3475c
Create squirrelmail-lfi.yaml
2021-11-15 23:40:09 +05:30
fbf50f1109
format fixing
2021-11-15 21:00:17 +05:30
4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
...
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
2021-11-13 23:37:32 +05:30
b2aa8f9f5b
misc updates
2021-11-13 23:01:53 +05:30
35bfff6f61
Added skip-variables-check for SSTI template
2021-11-09 22:16:37 +05:30
cb74944f43
misc updates
2021-11-08 15:45:54 +05:30
c51bbf8715
Merge pull request #3099 from ImNightmaree/master
...
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
5a6c30c7cf
Update ecshop-sqli.yaml
2021-11-08 13:42:44 +05:30
85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml
2021-11-08 13:42:13 +05:30
06bb1f444c
Update seowon-router-rce.yaml
2021-11-08 12:49:37 +05:30
7973948360
Update seowon-router-rce.yaml
2021-11-08 12:43:14 +05:30
6183e248d8
Create seowon-router-rce.yaml
...
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
797d9066a1
More linting
2021-11-07 02:49:07 +00:00
b77df460dd
Linting
2021-11-07 02:39:21 +00:00
bbecf3965a
Update ecshop-sql.yaml
2021-11-07 02:36:28 +00:00
38135df2a6
Update ecshop-sql.yaml
2021-11-07 02:30:38 +00:00
f37527101c
Create ecshop-sql.yaml
2021-11-07 02:03:09 +00:00
5fa10c4b64
cves update
2021-11-06 12:34:04 +05:30
86f00468e1
Merge pull request #3070 from ImNightmaree/patch-2
...
Vanguard CMS Post-XSS
2021-11-06 00:13:58 +05:30
b66427b7c1
Update and rename wp-plugin-ad-widget-lfi.yaml to vulnerabilities/wordpress/ad-widget-lfi.yaml
2021-11-06 00:06:13 +05:30
a57cb5081a
Update vanguard-post-xss.yaml
2021-11-05 21:36:53 +05:30
eef5252cc5
file name update
2021-11-05 06:01:59 +05:30
e98a1b4085
Update vanguard-post-xss
2021-11-04 16:56:40 +00:00
5a94091468
Create vanguard-post-xss
2021-11-04 15:12:47 +00:00
915bb09a82
updating file name
2021-11-04 15:43:49 +05:30
67f3530dbf
Added meta info
2021-11-03 17:27:53 +05:30
be65921cc3
Added remediation information
2021-11-03 17:11:48 +05:30
c06cc9f690
Added Sitecore Experience Platform Pre-Auth RCE
2021-11-03 16:52:25 +05:30
e2b4d2b29c
misc update
2021-11-03 02:54:23 +05:30
b83e79a8fe
moving files around
2021-11-01 19:36:21 +05:30
f650961021
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into gitlab-updates
2021-11-01 19:21:55 +05:30
c4b7bb3bd2
Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum
...
wordpress-rdf-user-enum
2021-11-01 15:43:00 +05:30
7b20a25fc6
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml
2021-11-01 15:37:58 +05:30
a862dc3a6f
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:33:06 +05:30
ff5b68a343
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:30:54 +05:30
3decaed012
Merge pull request #3036 from Akokonunes/patch-64
...
Create wp-theme-diarise-lfi.yaml
2021-11-01 14:54:58 +05:30
756ed2c443
Update and rename wp-theme-diarise-lfi.yaml to vulnerabilities/wordpress/diarise-theme-lfi.yaml
2021-11-01 14:37:16 +05:30
4381a462e2
Add description
2021-10-31 16:00:56 +02:00
d277d83c8e
Add description
2021-10-31 15:58:17 +02:00
8e27d69da4
misc update
2021-10-31 16:24:36 +05:30
26c298ed03
Update top-xss-params.yaml
...
added an additional 23 parameters and matchers
2021-10-30 16:26:28 -05:00
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
2925226122
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:58:24 +03:00
f3a44a7f50
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:57:53 +03:00
f75fcde7a9
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:56:04 +03:00
2d50cb52c6
Add files via upload
2021-10-30 13:46:56 +03:00
9848f92894
Add description
2021-10-27 14:06:15 +03:00
14ae8e3f59
Add description
2021-10-27 14:05:11 +03:00
3a02b7c325
Add description
2021-10-27 14:04:00 +03:00
f1cf6fd9a7
Add description
2021-10-27 14:03:22 +03:00
d5d2ed0a0e
Add description
2021-10-27 13:52:34 +03:00
659f61ca53
Create thinkphp-501-rce.yaml
2021-10-27 00:17:42 +05:30
ac70e14788
Merge pull request #2995 from Akokonunes/patch-63
...
Create wp-tinymce-thumbnail-plugin-lfi.yaml
2021-10-27 00:13:01 +05:30
b928d9a269
Update and rename wp-tinymce-thumbnail-plugin-lfi.yaml to wp-tinymce-lfi.yaml
2021-10-27 00:11:48 +05:30
7abaf59c18
Merge pull request #2993 from Akokonunes/patch-61
...
Create wp-javospot-premium-theme-lfi.yaml
2021-10-27 00:02:00 +05:30
ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml
2021-10-26 23:55:34 +05:30
c9efc02223
Add description
2021-10-26 15:29:20 +03:00
093a495b5f
Add description
2021-10-26 15:28:43 +03:00
25f7c812c2
Add description
2021-10-26 15:27:57 +03:00
5d98d22416
Add description
2021-10-26 15:27:16 +03:00
8adbf37ab4
Add description
2021-10-26 15:26:10 +03:00
57bae34cb9
Add description
2021-10-26 15:25:34 +03:00
4c0e8bae7e
Add description
2021-10-26 15:24:26 +03:00
dcf402cfa4
Add description
2021-10-26 15:23:43 +03:00
7d0c8669a3
Add description
2021-10-26 15:22:21 +03:00
0de8bc19f8
misc template updates
2021-10-26 17:39:26 +05:30
058d859cd8
Add description
2021-10-26 12:45:23 +03:00
9c96179595
Fix description
2021-10-26 12:45:16 +03:00
423584f1b7
moving files around
2021-10-26 15:08:26 +05:30
fb81f4ca36
Better description
2021-10-26 12:35:56 +03:00
081a2546fe
Add description
2021-10-25 12:59:08 +03:00
e4018d4a0c
Add description
2021-10-25 12:58:22 +03:00
f9fb282770
Add description
2021-10-25 12:57:40 +03:00
319c8a830e
Add description
2021-10-25 12:56:03 +03:00
3029da4ceb
Add description
2021-10-25 12:55:23 +03:00
9f8270bb7a
Add description
2021-10-25 12:54:49 +03:00
c9e9c04f37
Add description
2021-10-25 12:54:00 +03:00
6a6ba60aad
Description
2021-10-25 12:53:22 +03:00
a96bfc3992
Add description
2021-10-25 12:52:58 +03:00
2bffa26635
Advisory description
2021-10-25 10:09:13 +03:00
e9bd13da3e
Product name is 'OA'
2021-10-25 10:07:28 +03:00
66a811c3c2
Better description
2021-10-25 10:06:50 +03:00
a3d1ca6b81
Description
2021-10-25 10:06:44 +03:00
130e5b1ff5
add description
2021-10-25 10:01:03 +03:00
d03fce098e
Add description
2021-10-25 09:58:59 +03:00
5636579be1
Non-broken link
2021-10-25 09:57:47 +03:00
ee82e5c591
Add description
2021-10-25 09:56:44 +03:00
8ad49535b0
Add description
2021-10-24 12:38:06 +03:00
c66ad46464
more metadata update
2021-10-22 23:24:21 +05:30
2d5beca867
metadata update
2021-10-22 23:23:25 +05:30
9ab9cd2a25
Merge pull request #2953 from Akokonunes/patch-59
...
Create aspose-importer-exporter-file-download.yaml
2021-10-22 22:03:37 +05:30
82ca4a8c43
Update and rename aspose-file-download.yaml to aspose-ie-file-download.yaml
2021-10-22 15:59:44 +05:30
5118c00e24
Update aspose-pdf-file-download.yaml
2021-10-22 15:58:02 +05:30
aa77769481
Rename aspose-pdf-file-download.yaml to vulnerabilities/wordpress/aspose-pdf-file-download.yaml
2021-10-22 15:49:18 +05:30
0cb293abca
Add description
2021-10-21 14:25:28 +03:00
07472bb021
Add description
2021-10-21 14:21:38 +03:00
ae55315ec6
Improve description
2021-10-21 14:15:52 +03:00
7e4cd54f9e
Add description
2021-10-21 14:13:53 +03:00
379513c015
Make description more clear
2021-10-21 08:55:02 +03:00
f1d4569a8c
Add description
2021-10-21 08:52:48 +03:00
691dab8a52
Add description
2021-10-21 08:51:56 +03:00
fde188d253
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-21 08:32:04 +03:00
a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
...
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
cfa3a798f3
Add description
2021-10-19 13:17:58 +03:00
e45550f4ed
Add description
2021-10-19 13:10:34 +03:00
d1684e7d67
Add description
2021-10-19 13:10:29 +03:00
5c910ab3b4
Add description
2021-10-19 13:03:41 +03:00
6d5e933128
Add description
2021-10-19 12:56:40 +03:00
33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
a614391d3f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-18 03:14:44 +05:30
1688b8073a
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-17 15:54:29 +03:00
087bbd2263
Add description
2021-10-17 15:54:19 +03:00
0fd1574fe2
Add description
2021-10-17 15:52:26 +03:00
c1b42bcc55
Add description
2021-10-17 15:50:52 +03:00
48588a6b81
Merge pull request #2887 from Akokonunes/patch-56
...
Create aspose-words-exporter-file-download.yaml
2021-10-17 17:04:08 +05:30
1022a0a556
Merge pull request #2898 from asurti6783/patch-2
...
Create jira-unauthenticated-screens.yaml
2021-10-17 08:40:26 +05:30
ba3c7afed0
Update jira-unauthenticated-screens.yaml
2021-10-17 08:36:48 +05:30
7d41f63091
Merge pull request #2903 from Akokonunes/patch-58
...
Create wp-aspose-cloud-ebook-plugin-file-download.yaml
2021-10-17 08:00:55 +05:30
ef16ad713b
Update and rename wp-aspose-cloud-ebook-plugin-file-download.yaml to vulnerabilities/wordpress/aspose-file-download.yaml
2021-10-17 07:49:46 +05:30
5385191a9d
Update microstrategy-ssrf.yaml
2021-10-17 07:46:32 +05:30
274f3f941a
Update microstrategy-ssrf.yaml
2021-10-16 17:19:30 -03:00
0d98ff0dd4
Create jira-unauthenticated-screens.yaml
2021-10-15 12:05:51 -04:00
968cfe7d03
Merge pull request #2870 from projectdiscovery/fastjson-rces
...
Fastjson Deserialization RCEs
2021-10-15 03:28:35 +05:30
42cc6d9507
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-14 23:51:16 +05:30
aad97c084c
misc update
2021-10-14 20:08:44 +05:30
f9f4e3327e
moving files around
2021-10-14 20:05:25 +05:30
adfbed9d51
lint fix
2021-10-14 19:50:43 +05:30
558272470e
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893
2021-10-14 19:32:03 +05:30
a313e27f6e
misc update
2021-10-14 19:31:57 +05:30
4532646b44
Description
2021-10-14 16:35:40 +03:00
d803f91971
Add description
2021-10-14 16:34:15 +03:00
dbb28d586a
Add description
2021-10-14 16:32:34 +03:00
5a00c6841d
Working link
2021-10-14 16:32:15 +03:00
75f96128d5
Better description
2021-10-14 16:31:27 +03:00
16dd5c6e8e
More reference
2021-10-14 16:30:44 +03:00
09de143099
Add CVE
2021-10-14 16:30:14 +03:00
6eaff09b16
Add description
2021-10-14 16:29:51 +03:00
a6800e0e1a
Add description
2021-10-14 16:28:41 +03:00
5618e8eaa9
Better description
2021-10-14 16:27:26 +03:00
e3071a4f26
Added description
2021-10-14 16:10:54 +03:00
eef7ba6cd4
Spelling
2021-10-14 16:07:39 +03:00
083ca2805a
Add description
2021-10-14 16:07:18 +03:00
2946782493
Fix name
2021-10-14 16:06:20 +03:00
3322a4becc
Previous reference is no longer available
2021-10-14 16:05:47 +03:00
67a6e574a0
Add description
2021-10-14 16:04:37 +03:00
4b603769c5
Add vendor CERT advisory/cve
2021-10-14 15:59:38 +03:00
39ebcc13a3
Add description
2021-10-14 15:55:59 +03:00
18e6257e33
description
2021-10-14 15:54:28 +03:00
d1105f1d79
Add description
2021-10-14 15:35:52 +03:00
e599ba1261
Add description
2021-10-14 15:35:47 +03:00
4275cce69a
Add description
2021-10-14 15:35:42 +03:00
5453f2ccdb
Add description
2021-10-14 15:35:37 +03:00
02d0071660
Update and rename aspose-words-exporter-file-download.yaml to vulnerabilities/wordpress/aspose-words-file-download.yaml
2021-10-14 16:33:38 +05:30
4ce3559d58
Update and rename wp-cherry-plugin-file-download.yaml to vulnerabilities/wordpress/cherry-file-download.yaml
2021-10-14 16:29:47 +05:30
2e9613d75b
Improve description
2021-10-13 12:01:33 +03:00
d5038b7520
Add description
2021-10-13 12:00:55 +03:00
ab008edc5b
Add description
2021-10-13 12:00:39 +03:00
b86a987030
Dead link
2021-10-13 12:00:36 +03:00
a3608c32f4
Add description
2021-10-13 11:56:10 +03:00
9273a765c0
Merge branch 'master' into more-fixes
2021-10-13 13:48:52 +05:30
dc2d9485a9
additional matcher
2021-10-12 12:07:05 +05:30
9d1f7fb627
more tags
2021-10-12 11:28:49 +05:30
6e6601a462
more templates
2021-10-12 11:27:50 +05:30
843c688505
Merge pull request #2867 from Akokonunes/patch-54
...
Create advanced-access-manager-plugin-lfi.yaml
2021-10-11 16:55:58 +05:30
da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
2021-10-11 16:52:28 +05:30
86f52501a5
Added Fastjson 1.2.47 Deserialization RCE
2021-10-11 04:23:52 +05:30
16ea26b295
Added Fastjson 1.2.24 Deserialization RCE
2021-10-11 01:16:37 +05:30
5072932509
more updates
2021-10-10 06:43:30 +05:30
9b1c57506b
Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check
2021-10-10 06:00:43 +05:30
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
0c8e813c15
Merge pull request #2854 from Akokonunes/patch-52
...
Create wp-oxygen-theme-lfi.yaml
2021-10-08 19:20:54 +05:30
ecca8374fc
moving file around
2021-10-08 19:19:29 +05:30
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
53fc9bcb3f
misc fixes
2021-10-07 05:23:20 +05:30
634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
...
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
856b96a084
lint update
2021-10-06 15:56:00 +05:30
796dd93113
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 15:53:31 +05:30
3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
...
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
2021-10-06 10:59:48 +05:30
f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml
2021-10-06 10:46:16 +05:30
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml
2021-10-05 18:02:50 +05:30
478a7ef833
Merge pull request #2808 from pdelteil/patch-61
...
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 17:59:10 +05:30
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 03:29:17 -03:00
4dc168520c
Merge pull request #2791 from pdelteil/patch-59
...
Update and rename wordpress-emails-verification-for-woocommerce.yaml …
2021-10-01 16:33:44 +05:30
d7e6cb313e
Update wp-woocommerce-email-verification.yaml
2021-10-01 16:31:50 +05:30
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
Dhiyaneshwaran
Prince Chaddha
sullo
MostInterestingBotInTheWorld
Sandeep Singh
Prince Chaddha
corrupted-brain
Valerio Preti
Evan Rubinstein
gy741
Muhammad Daffa
ImNightmaree
Pathtaga
Exid
Emad Youssef
PikPikcU
johnk3r
niudaii
Melvin
meme-lord
pudsec
S Bani
Dwi Siswanto
jeyaseelan8
z0ne
daffainfo
alph4byt3
pussycat0x
Noam Rathaus
ImNightmaree
Geeknik Labs
r3dg33k
Philippe Delteil
Arman Sameer