daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,676 Commits
17 Branches
0 Tags
160 MiB
Commit Graph

909 Commits (27f96f96c4d8a87ccc4212d269bfbe13648b99f7)

Author SHA1 Message Date
GwanYeong Kim 27eef8c1a9 Create zhiyuan-file-upload.yaml 
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-02 11:07:14 +09:00
Sandeep Singh 918a6deead
Merge pull request #2265 from pussycat0x/master 
zabbix-dashboards-access
 2021-07-30 02:37:02 +05:30
sandeep 0d7dfa1713 Update wp-upload-data.yaml 2021-07-30 02:36:18 +05:30
Philippe Delteil 1f6a6a8764
Update jenkins-stack-trace.yaml 
file name  =  template id.
 2021-07-29 02:50:35 -04:00
Prince Chaddha 6d205308ea
Merge pull request #2239 from pikpikcu/patch-236 
Add Bitrix Open redirect
 2021-07-29 00:16:19 +05:30
Prince Chaddha 49efd9fa07
Update bitrix-open-redirect.yaml 2021-07-29 00:13:15 +05:30
Prince Chaddha 576b42b412
Update wp-upload-data.yaml 2021-07-29 00:09:11 +05:30
pussycat0x 7038617c86
Add files via upload 2021-07-28 23:56:51 +05:30
Philippe Delteil 4b7080333a
Rename unauthenticated-jenkin-dashboard.yaml to unaunthenticated-jenkin.yaml 
id - name file consistency
 2021-07-28 01:17:18 -04:00
PikPikcU 783550d003
Update bitrix-open-redirect.yaml 2021-07-28 08:38:48 +07:00
PikPikcU 72fcdc20bf
Create bitrix-open-redirect.yaml 2021-07-28 08:37:25 +07:00
Prince Chaddha 9f28ff8f9b
Update qcubed-xss.yaml 2021-07-27 11:57:30 +05:30
PikPikcU a2fc63b7ac
Create qcubed-xss.yaml 2021-07-27 13:06:30 +07:00
Prince Chaddha 833ae4ae48
Merge pull request #1083 from pikpikcu/patch-123 
Create dedecms-membergroup-sqli
 2021-07-26 18:02:27 +05:30
Prince Chaddha 86989129d1
Update netgear-wnap320-rce.yaml 2021-07-26 13:38:38 +05:30
GwanYeong Kim c72190c4bf Create netgear-wnap320-rce.yaml 
vulnerabilities in the web-based management interface of Netgear WNAP320 Access Point could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-26 08:35:22 +09:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Prince Chaddha 2c0aa783c4
Merge pull request #2148 from gy741/rule-add-v34 
Add KevinLAB BEMS 1.0 Multiple Vulnerabilities
 2021-07-24 15:37:48 +05:30
Prince Chaddha bf7c0d3a63
Merge pull request #2122 from gy741/rule-add-v33 
Create magicflow-lfi.yaml
 2021-07-24 12:13:59 +05:30
Prince Chaddha ac45802ef5
Update kevinlab-bems-sqli.yaml 2021-07-24 12:10:46 +05:30
Prince Chaddha 2631f55550
Update kevinlab-bems-backdoor.yaml 2021-07-24 12:07:27 +05:30
Prince Chaddha 9a46592f71
Update kevinlab-bems-sqli.yaml 2021-07-24 11:59:35 +05:30
Prince Chaddha 87b4c2e98b
Update kevinlab-bems-sqli.yaml 2021-07-24 11:47:05 +05:30
Sandeep Singh 4b444af3c4
Merge pull request #2125 from DhiyaneshGeek/master 
17 New Templates Added
 2021-07-24 03:26:09 +05:30
sandeep 9617bc5815 matcher update 2021-07-24 03:25:22 +05:30
sandeep 47ea40bc55 Update kevinlab-bems-backdoor.yaml 2021-07-24 03:17:53 +05:30
Sandeep Singh b346584002
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-24 00:25:13 +05:30
Sandeep Singh 1909e3f628
Update vulnerabilities/other/nginx-merge-slashes-path-traversal.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-24 00:24:37 +05:30
Sandeep Singh 59f90ffffa
Merge pull request #2150 from pussycat0x/master 
New templates added
 2021-07-24 00:09:43 +05:30
sandeep 79e15e7123 Update wordpress-wpcourses-info-disclosure.yaml 2021-07-24 00:07:50 +05:30
sandeep 43dccef185 generic improvements 2021-07-24 00:06:13 +05:30
sandeep 97aa239d52 Merge branch 'master' of https://github.com/pussycat0x/nuclei-templates into pr/2037 2021-07-24 00:00:55 +05:30
sandeep 3960d1f295 strict matchers 2021-07-23 23:59:54 +05:30
Sandeep Singh 38c2b6d4a9
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:58 +05:30
Sandeep Singh bdfee95603
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:33 +05:30
Sandeep Singh 6ebd1a36e0
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:28 +05:30
Sandeep Singh edc62d15a4
Update vulnerabilities/wordpress/wp-email-subscribers-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:20 +05:30
Sandeep Singh 5170f4962b
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:49:14 +05:30
Sandeep Singh 1feaaded28
Update vulnerabilities/wordpress/wp-idx-broker-platinum-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:26 +05:30
Sandeep Singh 750a86c500
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:14 +05:30
Sandeep Singh 04b71d9335
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:41:06 +05:30
Sandeep Singh b82ac4b3fc
Update vulnerabilities/wordpress/wp-iwp-client-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 23:40:56 +05:30
sandeep 28d7d26953 Update wp-sfwd-lms-listing.yaml 2021-07-23 23:39:46 +05:30
Prince Chaddha ca49fb21c7
Merge pull request #2154 from pdelteil/patch-25 
Update coldfusion-debug-xss.yaml
 2021-07-23 20:54:31 +05:30
Prince Chaddha 2dfa3d2e82
Update visual-tools-dvr-rce.yaml 2021-07-23 20:46:49 +05:30
Prince Chaddha 1dd4e3c846
Update visual-tools-dvr-rce.yaml 2021-07-23 15:15:23 +05:30
GwanYeong Kim 2c77510faa Create visual-tools-dvr-rce.yaml 
vulnerabilities in the web-based management interface of Visual Tools DVR VX16 4.2.28.0 could allow an authenticated, remote attacker to perform command injection attacks against an affected device.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-07-23 08:47:29 +09:00
Philippe Delteil abacdafb4f
Update coldfusion-debug-xss.yaml 
The term adobe is more general than coldfusion. Since Coldfusion is a product of Adobe.
 2021-07-22 19:44:57 -04:00
pussycat0x d3ff29daaa
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:32:13 +05:30
pussycat0x 6987e1ffee
Update vulnerabilities/wordpress/wp-arforms-listing.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-07-23 00:32:05 +05:30