daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
7,775 Commits
12 Branches
0 Tags
148 MiB
Commit Graph

7775 Commits (28d568b88c89698dda6e440292f67007192d294c)

Author SHA1 Message Date
Prince Chaddha 28d568b88c
Update and rename longjing-technology-bems-api-lfi.yaml to bems-api-lfi.yaml 2021-08-03 19:55:25 +05:30
GwanYeong Kim 5fb6332bd9 Create longjing-technology-bems-api-lfi.yaml 
The application suffers from an unauthenticated arbitrary file download vulnerability. Input passed through the fileName parameter through downloads endpoint is not properly verified before being used to download files. This can be exploited to disclose the contents of arbitrary and sensitive files through directory traversal attacks.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-03 21:52:14 +09:00
Prince Chaddha 41b06a2ed7
Merge pull request #2216 from pikpikcu/patch-223 
Add Zimbra XSS
 2021-08-03 13:22:42 +05:30
Prince Chaddha c4acd62307
Update CVE-2018-14013.yaml 2021-08-03 13:13:57 +05:30
Prince Chaddha 1c83792023
Merge pull request #2314 from daffainfo/patch-126 
Create CVE-2018-20470.yaml
 2021-08-03 13:08:36 +05:30
Prince Chaddha 4076f1c08c
Merge pull request #2315 from daffainfo/patch-127 
Create CVE-2018-19458.yaml
 2021-08-03 12:39:22 +05:30
Sandeep Singh 9293c68189
Merge pull request #2317 from pikpikcu/patch-244 
Update jellyfin-detect
 2021-08-03 12:36:45 +05:30
PikPikcU e2a95c2a78
Update jellyfin-detect.yaml 2021-08-03 11:28:37 +07:00
Muhammad Daffa 6e13d833ef
Create CVE-2018-19458.yaml 2021-08-03 06:20:58 +07:00
Muhammad Daffa 02d3258f2a
Create CVE-2018-20470.yaml 2021-08-03 06:19:42 +07:00
GitHub Action 4e026979a9 Auto Update README [Mon Aug 2 18:54:22 UTC 2021] 🤖 2021-08-02 18:54:22 +00:00
GitHub Action 4f123f0109 Auto Generated Templates Stats [Mon Aug 2 18:53:33 UTC 2021] 🤖 2021-08-02 18:53:33 +00:00
Sandeep Singh 27d7c7f41c
Merge pull request #2313 from toufik-airane/patch-3 
Update CONTRIBUTING.md
 2021-08-03 00:15:19 +05:30
sandeep ad7756317d Added missing condition 2021-08-03 00:14:33 +05:30
Toufik Airane b64e0323bf
Update CONTRIBUTING.md 2021-08-02 20:44:27 +02:00
sandeep e2b20b8f01 Adding metadata 2021-08-02 23:16:05 +05:30
Sandeep Singh 249c39af51
Merge pull request #2299 from httpvoid/master 
Add CVE-2021-29484 - Ghost CMS DOM XSS
 2021-08-02 23:13:22 +05:30
Sandeep Singh a8d92c4d5e
Merge pull request #2218 from pikpikcu/patch-224 
Create dolibarr-detect
 2021-08-02 23:12:21 +05:30
Sandeep Singh d5c79d6ee6
Merge pull request #2312 from geeknik/patch-2 
Update general-tokens.yaml
 2021-08-02 23:07:45 +05:30
Harsh Jaiswal 3f8e3ce2d0
Update cves/2021/CVE-2021-29484.yaml 
Co-authored-by: Toufik Airane <toufik.airane@appsectribe.com>
 2021-08-02 23:05:35 +05:30
Geeknik Labs a02ae7bef7
Update general-tokens.yaml 2021-08-02 12:27:07 -05:00
Geeknik Labs 61bb675add
Update general-tokens.yaml 
squashing false positives
 2021-08-02 12:25:54 -05:00
Prince Chaddha 1939842ab6
Merge pull request #2219 from pikpikcu/patch-225 
Add Dolibarr xss
 2021-08-02 22:32:24 +05:30
Prince Chaddha f924e58b8e
Update CVE-2018-10095.yaml 2021-08-02 22:31:01 +05:30
Prince Chaddha dca1dd56b1
Merge pull request #2220 from pikpikcu/patch-226 
Add Grav CMS XSS
 2021-08-02 22:26:37 +05:30
Prince Chaddha 2491a6a4b7
Merge pull request #2227 from Udyz/patch-5 
Create hasura-graphql-sql-exec.yaml
 2021-08-02 22:25:31 +05:30
Prince Chaddha e359b030f2
Update CVE-2018-5233.yaml 2021-08-02 22:25:21 +05:30
Prince Chaddha 4e976706b8
Update hasura-graphql-psql-exec.yaml 2021-08-02 22:18:41 +05:30
Prince Chaddha 204cf337c8
Update hasura-graphql-psql-exec.yaml 2021-08-02 22:15:52 +05:30
Prince Chaddha 6102421e22
Update hasura-graphql-ssrf.yaml 2021-08-02 22:03:12 +05:30
Prince Chaddha df1348ee5c
Merge pull request #2232 from daffainfo/patch-112 
Create CVE-2014-8799.yaml
 2021-08-02 22:00:52 +05:30
Prince Chaddha f93858622d
Update CVE-2014-8799.yaml 2021-08-02 21:59:27 +05:30
Sandeep Singh 18722cd4f4
Merge pull request #2311 from gy741/rule-add-v48 
Create CVE-2020-27361.yaml
 2021-08-02 21:56:57 +05:30
Prince Chaddha 347a850911
Merge pull request #2233 from pikpikcu/patch-232 
Add Tiki Wiki CMS Groupware XSS
 2021-08-02 21:48:20 +05:30
GwanYeong Kim 8627aadce0 Create CVE-2020-27361.yaml 
An issue exists within Akkadian Provisioning Manager 4.50.02 which allows attackers to view sensitive information within the /pme subdirectories.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2021-08-03 01:17:48 +09:00
Prince Chaddha 7d0e2be80a
Update CVE-2011-4336.yaml 2021-08-02 21:47:19 +05:30
Prince Chaddha 03077a9ca2
Update tikiwiki-reflected-xss.yaml 2021-08-02 21:44:48 +05:30
Prince Chaddha 1a84f0ed26
Update tikiwiki-cms.yaml 2021-08-02 21:44:34 +05:30
Prince Chaddha a7f26379b0
Update dom-xss.yaml 2021-08-02 21:20:22 +05:30
Prince Chaddha b3ef00c9cc
Merge pull request #2251 from geeknik/patch-2 
Create dom-xss.yaml
 2021-08-02 21:19:15 +05:30
Prince Chaddha 7aa7401f3a
Merge pull request #2278 from gy741/rule-add-v44 
Create CVE-2021-21816.yaml
 2021-08-02 21:17:00 +05:30
Prince Chaddha 992d94527e
Merge pull request #2307 from daffainfo/master 
Fix regex slack webhook
 2021-08-02 21:15:46 +05:30
Sandeep Singh 0b50b32b51
Merge pull request #2310 from geeknik/patch-6 
Update general-tokens.yaml
 2021-08-02 21:02:50 +05:30
Prince Chaddha 9f8d31200f
Merge pull request #2263 from pdelteil/patch-35 
Create jenkins-script.yaml
 2021-08-02 20:59:12 +05:30
Prince Chaddha 451aca42f9
Update jenkins-script.yaml 2021-08-02 20:57:19 +05:30
Geeknik Labs 3c713144d4
Update general-tokens.yaml 
fix more fp
 2021-08-02 10:17:06 -05:00
Sandeep Singh 72afa96bf3
Merge pull request #2309 from projectdiscovery/wordpress-gotmls-detect 
Added wordpress-gotmls-detect
 2021-08-02 20:08:02 +05:30
sandeep 6b0f2fb9b7 Update wordpress-gotmls-detect.yaml 2021-08-02 20:06:23 +05:30
sandeep b4eb7e05dc Added wordpress-gotmls-detect 2021-08-02 20:04:36 +05:30
Sandeep Singh 01feb09b37
Merge pull request #2308 from projectdiscovery/CVE-2021-27561 
Added CVE-2021-27561
 2021-08-02 18:28:36 +05:30