sullo
ee235ad8e6
Extraneous comment
2022-02-07 09:01:46 -05:00
sullo
9a48be8608
Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard
2022-02-07 09:00:59 -05:00
sullo
929f8e0f64
Merge pull request #3665 from MostInterestingBotInTheWorld/dashboard
...
Enhancements: Various text cleanups
2022-02-07 09:00:27 -05:00
GitHub Action
94ac089ed7
Auto Generated CVE annotations [Sun Feb 6 18:32:16 UTC 2022] 🤖
2022-02-06 18:32:16 +00:00
sandeep
574acfaddc
minor template update
2022-02-06 23:59:47 +05:30
PikPikcU
0d5e0e891d
Update CVE-2022-0378.yaml
2022-02-06 05:18:24 -05:00
PikPikcU
0d311a72c3
Update CVE-2022-0281.yaml
2022-02-06 05:17:40 -05:00
cckuailong
4ab6524b2b
Merge branch 'projectdiscovery:master' into master
2022-02-06 17:28:15 +08:00
PikPikcU
9e641734a3
Create CVE-2022-0432.yaml
2022-02-06 01:04:17 -05:00
PikPikcU
4f8a0ac62c
Create CVE-2022-0378.yaml
2022-02-06 00:41:20 -05:00
PikPikcU
a12753c7fe
Create CVE-2022-0281.yaml
2022-02-06 00:28:32 -05:00
sullo
45cd5fe80d
Merge branch 'dashboard' of https://github.com/MostInterestingBotInTheWorld/nuclei-templates into dashboard
2022-02-04 16:02:58 -05:00
MostInterestingBotInTheWorld
4f497cbd17
Enhancement: cves/2020/CVE-2020-9402.yaml by mp
2022-02-04 16:02:22 -05:00
MostInterestingBotInTheWorld
e124b4333b
Enhancement: cves/2020/CVE-2020-9402.yaml by mp
2022-02-04 16:01:13 -05:00
MostInterestingBotInTheWorld
d7ac754156
Enhancement: cves/2020/CVE-2020-14882.yaml by mp
2022-02-04 15:55:59 -05:00
sullo
ef4f6db363
Fix regular expression after bot change
2022-02-04 15:22:52 -05:00
Prince Chaddha
fa45badbeb
Update CVE-2016-10940.yaml
2022-02-05 01:24:10 +05:30
Prince Chaddha
bbd80d10d4
Update CVE-2016-10940.yaml
2022-02-05 01:20:21 +05:30
MostInterestingBotInTheWorld
50d9f0b4f1
Enhancement: cves/2019/CVE-2019-13462.yaml by mp
2022-02-04 14:39:08 -05:00
Prince Chaddha
71abfd0939
Update CVE-2021-24510.yaml
2022-02-05 01:05:57 +05:30
MostInterestingBotInTheWorld
a3d83420ac
Enhancement: cves/2020/CVE-2020-14882.yaml by mp
2022-02-04 14:29:39 -05:00
Prince Chaddha
1be67200cb
Create CVE-2021-39322.yaml
2022-02-05 00:51:50 +05:30
Prince Chaddha
96b7380c80
Create CVE-2021-34643.yaml
2022-02-05 00:50:43 +05:30
Prince Chaddha
9a702c2c16
Create CVE-2021-34640.yaml
2022-02-05 00:49:25 +05:30
Prince Chaddha
d4b4e69752
Create CVE-2021-24510.yaml
2022-02-05 00:48:10 +05:30
Prince Chaddha
dbfa7efae0
Create CVE-2021-20792.yaml
2022-02-05 00:46:00 +05:30
Prince Chaddha
0832f09ea7
Create CVE-2018-7602.yaml
2022-02-05 00:39:58 +05:30
sullo
8461d21658
Remove trailing spaces
2022-02-04 14:09:21 -05:00
sullo
111f7d9a88
Cleanup some dashboard artifacts
2022-02-04 14:02:53 -05:00
sullo
e7bd6a2129
Remove space before EOL in CVE-2019-12725.yaml
2022-02-04 13:59:21 -05:00
Prince Chaddha
685495df91
Update CVE-2021-20158.yaml
2022-02-04 23:31:10 +05:30
GwanYeong Kim
fcc39f52ee
Create CVE-2021-20158.yaml
...
Trendnet AC2600 TEW-827DRU version 2.08B01 contains an authentication bypass vulnerability. It is possible for an unauthenticated, malicous actor to force the change of the admin password due to a hidden administrative command.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-05 01:29:16 +09:00
MostInterestingBotInTheWorld
d13fbad151
Enhancement: cves/2019/CVE-2019-12725.yaml by mp
2022-02-04 11:27:18 -05:00
MostInterestingBotInTheWorld
421460c87e
Enhancement: cves/2019/CVE-2019-12725.yaml by mp
2022-02-04 11:25:37 -05:00
MostInterestingBotInTheWorld
811dc2d70e
Enhancement: cves/2021/CVE-2021-26855.yaml by mp
2022-02-04 11:13:25 -05:00
sullo
b25b0448a5
Remove blank lines
2022-02-04 10:27:24 -05:00
MostInterestingBotInTheWorld
ac6002f149
Enhancement: cves/2014/CVE-2014-8682.yaml by mp
2022-02-04 10:18:35 -05:00
MostInterestingBotInTheWorld
bea2ce4d24
Enhancement: cves/2017/CVE-2017-9805.yaml by mp
2022-02-04 10:15:15 -05:00
MostInterestingBotInTheWorld
163ae2f24e
Merge branch 'projectdiscovery:master' into dashboard
2022-02-04 09:19:12 -05:00
cckuailong
3bc20d0d12
Merge branch 'projectdiscovery:master' into master
2022-02-04 10:50:34 +08:00
Prince Chaddha
480dea094b
Update CVE-2021-20150.yaml
2022-02-04 01:20:39 +05:30
Prince Chaddha
f846faa127
Update CVE-2021-20150.yaml
2022-02-04 01:13:30 +05:30
Prince Chaddha
d2e4be88e6
Update CVE-2021-20150.yaml
2022-02-04 01:13:00 +05:30
GwanYeong Kim
bc87c82d9b
Create CVE-2021-20150.yaml
...
Trendnet AC2600 TEW-827DRU version 2.08B01 improperly discloses information via redirection from the setup wizard. Authentication can be bypassed and a user may view information as Admin by manually browsing to the setup wizard and forcing it to redirect to the desired page.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-02-03 18:06:04 +09:00
Prince Chaddha
ac371405bd
Merge pull request #3650 from Akokonunes/patch-112
...
Create CVE-2020-36365.yaml
2022-02-03 02:45:07 +05:30
Prince Chaddha
42bc941827
Update and rename CVE-2020-36365.yaml to cves/2020/CVE-2020-36365.yaml
2022-02-03 02:39:33 +05:30
Prince Chaddha
99931f2e0b
Merge pull request #3651 from dwisiswant0/add/CVE-2021-32853
...
Add CVE-2021-32853
2022-02-03 02:16:08 +05:30
Prince Chaddha
b023c8206e
Update CVE-2021-32853.yaml
2022-02-03 02:14:21 +05:30
Prince Chaddha
9f63a2f4fb
Update CVE-2021-32853.yaml
2022-02-03 02:06:26 +05:30
Prince Chaddha
110704dd3e
Update CVE-2021-32853.yaml
2022-02-03 02:01:24 +05:30
Prince Chaddha
61ba3a55e4
Update CVE-2016-10940.yaml
2022-02-03 01:24:10 +05:30
Prince Chaddha
9d1782ab06
Merge pull request #3645 from DhiyaneshGeek/master
...
CVE-2021-32818 , CVE-2021-26247
2022-02-03 01:16:38 +05:30
Prince Chaddha
6c39177ddc
Delete CVE-2021-32818.yaml
2022-02-03 01:11:45 +05:30
MostInterestingBotInTheWorld
fb84327f3c
Enhancement: cves/2005/CVE-2005-2428.yaml by mp
2022-02-02 13:15:44 -05:00
MostInterestingBotInTheWorld
8c22a7f11a
Enhancement: cves/2005/CVE-2005-2428.yaml by cs
2022-02-02 13:08:10 -05:00
6d616461
0c1fb1e697
Updated CVE-2016-10956 Template
2022-02-02 18:36:24 +01:00
MostInterestingBotInTheWorld
0d1f876866
Enhancement: cves/2021/CVE-2021-37538.yaml by mp
2022-02-02 12:15:24 -05:00
6d616461
83bb5912fe
Updated CVE-2019-9618 Template
2022-02-02 17:47:13 +01:00
cckuailong
7c9b7017d2
Merge branch 'master' of github.com:cckuailong/nuclei-templates
2022-02-02 23:28:26 +08:00
cckuailong
58282f56f1
add CVE-2016-10940
2022-02-02 23:27:47 +08:00
Sandeep Singh
633205a001
Update CVE-2021-32853.yaml
2022-02-02 13:56:12 +05:30
Dwi Siswanto
940db2f928
Add CVE-2021-32853
2022-02-02 13:27:36 +07:00
sullo
09558de213
Adding classification
2022-02-01 16:52:18 -05:00
MostInterestingBotInTheWorld
141392e683
Enhancement: cves/2018/CVE-2018-17254.yaml by cs
2022-02-01 16:47:16 -05:00
Prince Chaddha
cf9821e3b1
Update CVE-2021-26247.yaml
2022-02-02 00:48:29 +05:30
MostInterestingBotInTheWorld
c052b84ffc
Enhancement: cves/2014/CVE-2014-8682.yaml by mp
2022-02-01 13:09:32 -05:00
GitHub Action
8868b0f56b
Auto Generated CVE annotations [Tue Feb 1 06:10:46 UTC 2022] 🤖
2022-02-01 06:10:46 +00:00
Dhiyaneshwaran
a5bd8630c8
Create CVE-2021-32818.yaml
2022-02-01 11:39:12 +05:30
GitHub Action
a18a19ff3c
Auto Generated CVE annotations [Tue Feb 1 06:06:15 UTC 2022] 🤖
2022-02-01 06:06:15 +00:00
Dhiyaneshwaran
bcc7113677
Create CVE-2021-26247.yaml
2022-02-01 11:34:51 +05:30
Prince Chaddha
dca4cdc12f
Update CVE-2020-35489.yaml
2022-02-01 01:28:32 +05:30
Prince Chaddha
ee95110be4
Merge pull request #3614 from Akokonunes/patch-109
...
Create CVE-2020-18268.yaml
2022-02-01 00:45:53 +05:30
Prince Chaddha
fdddc48c2f
Update CVE-2020-18268.yaml
2022-02-01 00:42:58 +05:30
Prince Chaddha
992687329c
Update CVE-2020-18268.yaml
2022-02-01 00:41:58 +05:30
GitHub Action
606e9b09e5
Auto Generated CVE annotations [Mon Jan 31 18:38:32 UTC 2022] 🤖
2022-01-31 18:38:32 +00:00
Prince Chaddha
961873521f
Merge pull request #3630 from Akokonunes/patch-110
...
Added CVE-2016-3978
2022-02-01 00:07:07 +05:30
Prince Chaddha
812d76a1b8
Merge pull request #3514 from Akokonunes/patch-103
...
Create CVE-2019-13396.yaml
2022-02-01 00:06:48 +05:30
Prince Chaddha
a9734d712b
Update CVE-2019-13396.yaml
2022-02-01 00:05:35 +05:30
Prince Chaddha
cc40d47cf7
Update CVE-2016-3978.yaml
2022-01-31 23:41:51 +05:30
Prince Chaddha
8efaa0754e
Merge pull request #3633 from cckuailong/master
...
add CVE-2021-46005 (Sourcecodester Car Rental Management System 1.0 - Stored XSS)
2022-01-31 23:38:53 +05:30
Prince Chaddha
cd221355ee
Update CVE-2021-46005.yaml
2022-01-31 23:34:34 +05:30
Prince Chaddha
fb48b67f39
Update CVE-2021-46005.yaml
2022-01-31 23:29:36 +05:30
Roberto Nunes
9c4df9e91a
Create CVE-2021-25864.yaml ( #3631 )
...
* Create CVE-2021-25864.yaml
* moving template to cves folder
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-31 14:36:37 +05:30
Sandeep Singh
cfb6fff36d
removing trailing spaces
2022-01-29 19:24:58 +05:30
cckuailong
80b60ef829
add CVE-2021-46005
2022-01-29 21:22:44 +08:00
sandeep
39e41ce464
template name and ID update
2022-01-29 17:15:08 +05:30
sandeep
d34ca992d3
Added CVE-2022-21371
2022-01-28 16:59:22 +05:30
sandeep
57d742bfb4
Removing temporarily due to limited information
2022-01-28 16:58:30 +05:30
sandeep
9fa97d4221
path update
2022-01-28 16:55:45 +05:30
Aaron Chen
cb2f2a8721
Update CVE-2018-13380.yaml ( #3623 )
...
* Update CVE-2018-13380.yaml
* Fix payload and matcher
* Add reference
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-28 15:46:21 +05:30
GitHub Action
7ce2191287
Auto Generated CVE annotations [Fri Jan 28 09:01:49 UTC 2022] 🤖
2022-01-28 09:01:49 +00:00
Sandeep Singh
d4136282cc
Merge pull request #3621 from MostInterestingBotInTheWorld/dashboard
...
Enhancement: Template Enhancements from Dashboard
2022-01-28 11:20:43 +05:30
Prince Chaddha
dfdfc369d1
Merge pull request #3597 from paradessia/master
...
CVE-2022-21371
2022-01-28 11:14:44 +05:30
sandeep
6ee7b7c83b
syntax update
2022-01-28 11:12:09 +05:30
sandeep
72f14d4d2e
fix spaces
2022-01-28 11:08:17 +05:30
Prince Chaddha
850ae90f55
Update CVE-2021-45380.yaml
2022-01-28 10:59:21 +05:30
Sullo
f3f320dc29
Spacing matters
2022-01-27 14:31:57 -05:00
Sullo
81bf8288b5
Syntax fixes
2022-01-27 14:23:33 -05:00
MostInterestingBotInTheWorld
4ed9d6221b
Merge branch 'projectdiscovery:master' into dashboard
2022-01-27 13:55:22 -05:00
MostInterestingBotInTheWorld
318c7a46c2
Enhancement: cves/2008/CVE-2008-6172.yaml by mp
2022-01-27 13:55:00 -05:00
MostInterestingBotInTheWorld
57d4afde0a
Enhancement: cves/2004/CVE-2004-0519.yaml by mp
2022-01-27 13:48:06 -05:00
MostInterestingBotInTheWorld
6a6d272fdf
Enhancement: cves/2004/CVE-2004-0519.yaml by mp
2022-01-27 13:45:09 -05:00
PikPikcU
4beabd88f9
Create CVE-2021-45380.yaml
2022-01-27 13:40:43 -05:00
MostInterestingBotInTheWorld
794febebef
Enhancement: cves/2000/CVE-2000-0114.yaml by mp
2022-01-27 13:36:56 -05:00
MostInterestingBotInTheWorld
1d12645904
Enhancement: cves/2000/CVE-2000-0114.yaml by mp
2022-01-27 13:30:23 -05:00
cckuailong
5b424fafe1
add CVE-2022-23944 ( #3605 )
...
* add CVE-2022-23944
* fix CVE-2021-23944 matcher type
* Update CVE-2022-23944.yaml
* minor updates
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-27 15:59:26 +05:30
GitHub Action
4bd8b86a3e
Auto Generated CVE annotations [Thu Jan 27 10:22:20 UTC 2022] 🤖
2022-01-27 10:22:20 +00:00
Sandeep Singh
53da8a8206
Added CVE-2021-21973 ( #3615 )
...
* Added CVE-2021-21973
* minor update
2022-01-27 15:50:44 +05:30
Prince Chaddha
fd777fd0b6
Update and rename CVE-2020-18268.yaml to cves/2020/CVE-2020-18268.yaml
2022-01-27 14:18:01 +05:30
GitHub Action
3a1d847b57
Auto Generated CVE annotations [Wed Jan 26 17:59:10 UTC 2022] 🤖
2022-01-26 17:59:10 +00:00
Smaran Chand
0babc27b75
Added elFinder filemanger exposed ( #3602 )
...
* Added elFinder filemanger exposed
* Template name / id update + more reference
* template name update
* matcher update
* Modified the matcher.
* minor updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-26 23:27:45 +05:30
Sandeep Singh
21b7bd1547
Update CVE-2017-7391.yaml
2022-01-26 17:37:19 +05:30
Sullo
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
GitHub Action
173f0ef2d3
Auto Generated CVE annotations [Tue Jan 25 16:51:00 UTC 2022] 🤖
2022-01-25 16:51:00 +00:00
Sandeep Singh
4401b9ebe9
Merge pull request #3599 from projectdiscovery/CVE-2021-24838
...
Added CVE-2021-24838
2022-01-25 22:19:30 +05:30
Sandeep Singh
494a80799c
Merge pull request #3600 from MostInterestingBotInTheWorld/dashboard
...
Enhancement: cves/2021/CVE-2021-29156.yaml by cs
2022-01-25 22:09:27 +05:30
sandeep
8c7ec49185
lint fix
2022-01-25 22:08:01 +05:30
Prince Chaddha
97b38b98b4
Update CVE-2022-21371.yaml
2022-01-25 21:06:14 +05:30
Prince Chaddha
91d9b71864
Merge pull request #3596 from gy741/rule-add-v93
...
Create CVE-2021-39350.yaml
2022-01-25 17:16:12 +05:30
sandeep
47e34dba46
Added CVE-2021-24838
2022-01-25 17:14:00 +05:30
Prince Chaddha
6a2ff6f09e
Update CVE-2021-39350.yaml
2022-01-25 17:08:01 +05:30
GitHub Action
48add9c36b
Auto Generated CVE annotations [Tue Jan 25 11:06:39 UTC 2022] 🤖
2022-01-25 11:06:39 +00:00
Prince Chaddha
2460dceff3
Update CVE-2022-21371.yaml
2022-01-25 16:36:10 +05:30
GitHub Action
5f2efaf5df
Auto Generated CVE annotations [Tue Jan 25 09:56:37 UTC 2022] 🤖
2022-01-25 09:56:37 +00:00
on
abfbfe29ae
CVE-2022-21371.yaml
2022-01-25 12:48:56 +03:00
GitHub Action
e035a797c6
Auto Generated CVE annotations [Tue Jan 25 09:41:31 UTC 2022] 🤖
2022-01-25 09:41:31 +00:00
GwanYeong Kim
67b2955d98
Create CVE-2021-39350.yaml
...
The FV Flowplayer Video Player WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the player_id parameter found in the ~/view/stats.php file which allows attackers to inject arbitrary web scripts, in versions 7.5.0.727 - 7.5.2.727.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-25 17:31:13 +09:00
Prince Chaddha
25e3537212
Update CVE-2021-43810.yaml
2022-01-25 12:34:20 +05:30
GwanYeong Kim
c368e33117
Create CVE-2021-43810.yaml
...
Admidio is a free open source user management system for websites of organizations and groups. A cross-site scripting vulnerability is present in Admidio prior to version 4.0.12. The Reflected XSS vulnerability occurs because redirect.php does not properly validate the value of the url parameter. Through this vulnerability, an attacker is capable to execute malicious scripts. This issue is patched in version 4.0.12.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-25 13:55:34 +09:00
MostInterestingBotInTheWorld
44d23ef3eb
Enhancement: cves/2021/CVE-2021-29156.yaml by cs
2022-01-24 13:45:03 -05:00
Prince Chaddha
5511ff1efd
Merge pull request #3578 from hexcat/add-wp-html-mail-xss
...
Added wp-html-mail-xss template
2022-01-24 14:21:06 +05:30
Prince Chaddha
6dd35d6491
Update and rename vulnerabilities/wordpress/wp-html-mail-xss.yaml to cves/2022/CVE-2022-0218.yaml
2022-01-24 14:17:01 +05:30
GitHub Action
f882764c9b
Auto Generated CVE annotations [Mon Jan 24 07:12:56 UTC 2022] 🤖
2022-01-24 07:12:56 +00:00
Prince Chaddha
fa30e05f61
Merge pull request #3586 from V35HR4J/master
...
Create CVE-2021-39433.yaml
2022-01-24 12:40:15 +05:30
Prince Chaddha
018ae134c0
Merge pull request #3585 from gy741/rule-add-v90
...
Create CVE-2022-23178.yaml
2022-01-24 12:39:17 +05:30
Prince Chaddha
e9897bddaa
Update CVE-2022-23178.yaml
2022-01-24 12:37:55 +05:30
Prince Chaddha
03697ed21a
Update CVE-2021-39433.yaml
2022-01-24 12:28:03 +05:30
Veshraj Ghimire
df907cc2e3
Create CVE-2021-39433.yaml
2022-01-23 21:00:30 +05:45
GwanYeong Kim
2d53221aea
Create CVE-2022-23178.yaml
...
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-23 20:28:25 +09:00
Prince Chaddha
1d15a5464a
Update CVE-2021-24750.yaml
2022-01-23 14:51:25 +05:30
Prince Chaddha
3c9e02150d
Update CVE-2021-24750.yaml
2022-01-23 14:39:38 +05:30
Prince Chaddha
75184ca383
Update CVE-2021-24750.yaml
2022-01-23 14:38:12 +05:30
cckuailong
dad34d012c
add CVE-2021-24750
2022-01-23 13:17:20 +08:00
sandeep
2a8d8e1095
more updates
2022-01-22 23:27:52 +05:30
sandeep
6b14c6c6fc
CVE-2021-40438 update
2022-01-22 23:18:07 +05:30
sullo
3b7bcda337
Enhancement: cves/2001/CVE-2001-1473.yaml by Chris
2022-01-21 13:58:26 -05:00
sullo
0fcaacfb8c
Enhancement: cves/2001/CVE-2001-1473.yaml by Chris
2022-01-21 13:57:17 -05:00
Sandeep Singh
8a3e575e9f
Added CVE-2012-4547 / CVE-2009-5020 ( #3575 )
...
* Added CVE-2012-4547 / CVE-2009-5020
* Update CVE-2009-5020.yaml
2022-01-21 16:37:41 +05:30
Houziaux Mike
3564e64027
[Add] - Zimbra unauthenticated LFI ( #3571 )
...
* add zimbra lfi
* template updates
- CVE update
- Matchers update
- Additional LFI payload + matchers
* Update CVE-2013-7091.yaml
* Revert "Update CVE-2013-7091.yaml"
This reverts commit fdffa3944f29754d8971a2697754011d29677c42.
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-01-21 13:02:08 +05:30
Leovalcante
bac26e1669
Create check for cve-2020-24391 mongo-express RCE ( #3566 )
...
* Create check for cve-2020-24391 mongo-express RCE
* random file to write + matcher updates + extractor
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-20 14:55:01 +05:30
Sandeep Singh
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Greg Johnson
e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 ( #3565 )
...
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
2022-01-20 14:12:37 +05:30
sandeep
f6e3df8b33
CVE-2020-13483 Update
2022-01-19 13:44:01 +05:30
pussycat0x
650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router ( #3555 )
...
* Add files via upload
* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
* Update CVE-2021-44528.yaml
* Update CVE-2021-45232.yaml
* Add files via upload
* removing duplicate template
* moving template around
* template fix
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30
sandeep
e51d401214
template fix
2022-01-19 13:32:16 +05:30
sandeep
fd023b42a8
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3550
2022-01-19 13:25:06 +05:30
Roberto Nunes
f8013457b6
Create CVE-2020-23575.yaml ( #3547 )
...
* Create CVE-2020-23575.yaml
* Update and rename CVE-2020-23575.yaml to cves/2020/CVE-2020-23575.yaml
* minor update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 13:12:16 +05:30
Roberto Nunes
2cadf76241
Create CVE-2021-32618.yaml ( #3546 )
...
* Create CVE-2021-32618.yaml
* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml
* matcher update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:51:00 +05:30
GitHub Action
2c250d66c7
Auto Generated CVE annotations [Tue Jan 18 05:22:01 UTC 2022] 🤖
2022-01-18 05:22:01 +00:00
Dwi Siswanto
b8dabfbcbb
Add CVE-2021-20038 ( #3542 )
...
* Add CVE-2021-20038
* misc: Update author
2022-01-18 10:50:14 +05:30
Prince Chaddha
bc5fba6fbf
Update CVE-2021-45232.yaml
2022-01-17 22:20:44 +05:30
Prince Chaddha
f988ad8ff4
Update CVE-2021-44528.yaml
2022-01-17 22:19:22 +05:30
GitHub Action
4f81203546
Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
2022-01-17 16:05:35 +00:00
GitHub Action
8244d08f57
Auto Generated CVE annotations [Sun Jan 16 16:40:51 UTC 2022] 🤖
2022-01-16 16:40:51 +00:00
Sandeep Singh
f6377b09ec
Added Apache APISIX's Admin API Default Access Token (RCE) ( #3544 )
2022-01-16 22:08:55 +05:30
Patrick
1086ca1a30
added template for CVE-2021-42551 ( #3541 )
...
* added template for CVE-2021-42551
* Update CVE-2021-42551.yaml
* Update CVE-2021-42551.yaml
* unbricked CVE-2021-42551
* additional page specific matcher
Co-authored-by: Patrick <patrick.schmid@redguard.ch>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 19:01:29 +05:30
gy741
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
GitHub Action
93337032a0
Auto Generated CVE annotations [Sat Jan 15 20:36:52 UTC 2022] 🤖
2022-01-15 20:36:52 +00:00
PikPikcU
7e0a3acf44
Create dreambox-xss ( #3535 )
...
* Create dreambox-xss.yaml
* Create dreambox-detect.yaml
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 02:05:33 +05:30
GitHub Action
ca79e7a81f
Auto Generated CVE annotations [Sat Jan 15 20:28:18 UTC 2022] 🤖
2022-01-15 20:28:18 +00:00
alph4byt3
2d28cebfee
Create CVE-2017-14135 ( #3534 )
...
* Create opendreambox-plugin-webadmin-rce.yaml
* Update opendreambox-plugin-webadmin-rce.yaml
* Update opendreambox-plugin-webadmin-rce.yaml
* Update opendreambox-plugin-webadmin-rce.yaml
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 01:56:51 +05:30
GitHub Action
d5e2eb7d41
Auto Generated CVE annotations [Sat Jan 15 19:05:39 UTC 2022] 🤖
2022-01-15 19:05:39 +00:00
GitHub Action
bc3fa19859
Auto Generated CVE annotations [Thu Jan 13 05:21:21 UTC 2022] 🤖
2022-01-13 05:21:21 +00:00
Muhammad Daffa
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
Muhammad Daffa
0e39fd0103
Add some workflow templates ( #3521 )
...
* Add 27 workflow templates
* fixed Artifactory workflow
* Fixed Jetty workflow
* Fixed Moodle workflow
* Fixed Zabbix workflow
* Fixed DedeCMS workflow
* Fixed OFBiz workflow
* Fixed rConfig workflow
* Tag update for R-SeeNet workflow
* Add 3 token-spray templates
* format fixes
* Add workflow templates
* More workflows templates
* multiple workflow fixes
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-12 18:19:54 +05:30
sandeep
5c471a6168
removing duplicate template
2022-01-12 17:28:47 +05:30
Prince Chaddha
4af56f0b06
Merge pull request #3512 from gy741/rule-add-v84
...
Create CVE-2014-3206.yaml
2022-01-11 14:59:23 +05:30
Prince Chaddha
e089bd841a
Update CVE-2014-3206.yaml
2022-01-11 14:57:24 +05:30
Prince Chaddha
a53ae7b694
Merge pull request #3518 from gy741/rule-add-v85
...
Create CVE-2021-20167.yaml
2022-01-11 14:54:05 +05:30
Prince Chaddha
74e8442c74
Update and rename CVE-2019-13396.yaml to cves/2019/CVE-2019-13396.yaml
2022-01-11 14:43:58 +05:30
Prince Chaddha
aa8fd16018
Merge pull request #3515 from Akokonunes/patch-104
...
Create CVE-2020-11529.yaml
2022-01-11 14:37:32 +05:30
Prince Chaddha
7f26b9e895
Update and rename CVE-2020-11529.yaml to cves/2020/CVE-2020-11529.yaml
2022-01-11 14:35:53 +05:30
GitHub Action
c40624e7d9
Auto Generated CVE annotations [Tue Jan 11 08:57:41 UTC 2022] 🤖
2022-01-11 08:57:41 +00:00
Prince Chaddha
5657bdb557
Merge pull request #3516 from pikpikcu/patch-315
...
Create CVE-2021–20837
2022-01-11 14:24:26 +05:30
Prince Chaddha
70677b3b5a
Update CVE-2021–20837.yaml
2022-01-11 14:12:04 +05:30
Prince Chaddha
9afd4bcfd8
Update CVE-2021-20167.yaml
2022-01-11 13:57:07 +05:30
Prince Chaddha
6ea0a7f492
Update CVE-2020-7136.yaml
2022-01-11 13:43:30 +05:30
GwanYeong Kim
351dc3e460
Create CVE-2020-7136.yaml
...
A security vulnerability in HPE Smart Update Manager (SUM) prior to version 8.5.6 could allow remote unauthorized access. Hewlett Packard Enterprise has provided a software update to resolve this vulnerability in HPE Smart Update Manager (SUM) prior to 8.5.6. Please visit the HPE Support Center at https://support.hpe.com/hpesc/public/home to download the latest version of HPE Smart Update Manager (SUM). Download the latest version of HPE Smart Update Manager (SUM) or download the latest Service Pack For ProLiant (SPP).
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:39:41 +09:00
GwanYeong Kim
d772fd884b
Create CVE-2021-20167.yaml
...
This vulnerability uses a combination of CVE-2021-20166 and CVE-2021-20167. Netgear RAX43 version 1.0.3.96 contains a command injection and authbypass vulnerability. The readycloud cgi application is vulnerable to command injection in the name parameter. and The URL parsing functionality in the cgi-bin endpoint of the router containers a buffer overrun issue that can redirection control flow of the applicaiton.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-11 15:00:56 +09:00
PikPikcU
83e431802e
Create CVE-2021–20837.yaml
2022-01-10 21:44:31 -05:00
Sandeep Singh
9e4d5f0d23
lint fixes
2022-01-10 21:20:16 +05:30
GwanYeong Kim
9435362025
Create CVE-2014-3206.yaml
...
Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-10 21:44:45 +09:00
Muhammad Daffa
068d576d22
Update CVE-2020-8641.yaml ( #3505 )
2022-01-08 20:23:53 +05:30
Roberto Nunes
484d77de7c
Create CVE-2021-39501.yaml ( #3501 )
...
* Create CVE-2021-39501.yaml
* moving template to cves directory
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:00:19 +05:30
Roberto Nunes
691688fb66
Create CVE-2020-23015.yaml ( #3502 )
...
* Create CVE-2020-23015.yaml
* moving template to cves directory
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 16:52:50 +05:30
GitHub Action
451313a0af
Auto Generated CVE annotations [Sat Jan 8 10:57:43 UTC 2022] 🤖
2022-01-08 10:57:43 +00:00
JAS-37
0c7d13d152
add CVE-2021-31862 template ( #3491 )
...
* add CVE-2021-31862 template
* updated matchers
* Added SysAid panel + workflow
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-07 13:28:38 +05:30
Sandeep Singh
844c3b4a02
Network template updates & fixes ( #3497 )
...
* Fixed template syntax
* network template update and fixes
2022-01-07 12:58:37 +05:30
sandeep
945b4b1456
name update
2022-01-06 15:36:28 +05:30
Prince Chaddha
65703f0cc6
Merge pull request #3469 from ImNightmaree/patch-1
...
Update CVE-2017-11610.yaml
2022-01-06 14:00:23 +05:30