Prince Chaddha
9e3473d55f
Update and rename laravel-ignition-xss.yaml to vulnerabilities/laravel/laravel-ignition-xss.yaml
2022-01-27 14:45:41 +05:30
Sullo
9a8482172d
Remove:
...
- various nonstandard ascii chars in favor of the standard ones (mostly quotes)
- spaces after : in some files
2022-01-25 14:38:53 -05:00
Prince Chaddha
e5b30f69d1
Update and rename vulnerabilities/JavaMelody/java-melody-xss.yaml to vulnerabilities/other/java-melody-xss.yaml
2022-01-24 13:15:23 +05:30
corrupted-brain
de36b9a5c6
Added JavaMelody-xss Template
2022-01-21 23:04:43 +05:45
Prince Chaddha
5357d884b4
Update and rename rusty_joomla.yaml to rusty-joomla.yaml
2022-01-21 12:39:28 +05:30
Sandeep Singh
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Valerio Preti
be75b507ab
Create check for Rusty Joomla RCE
2022-01-20 09:39:19 +01:00
sandeep
7c30910d69
Added missing request
2022-01-18 10:46:50 +05:30
Evan Rubinstein
ae3e6c0c21
Merge branch 'projectdiscovery:master' into master
2022-01-16 23:24:58 -05:00
Sandeep Singh
02c01d30da
Added MeterSphere Plugin Pre-auth RCE ( #3543 )
2022-01-16 03:06:09 +05:30
gy741
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
Muhammad Daffa
0a651c182f
Update tags ( #3530 )
2022-01-13 10:49:53 +05:30
Muhammad Daffa
5ea92bcb0f
Update tags woocommerce ( #3531 )
2022-01-13 10:49:26 +05:30
Muhammad Daffa
64cf0fa4ba
Rename maian cart rce ( #3532 )
...
* Update and rename vulnerabilities/other/maian-cart-preauth-rce.yaml to cves/2021/CVE-2021-32172.yaml
* Update CVE-2021-32172.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-13 10:48:51 +05:30
Prince Chaddha
33d009da24
Update xerox-efi-lfi.yaml
2022-01-10 12:07:06 +05:30
GwanYeong Kim
9befbf0654
Create xerox-efi-lfi.yaml
...
Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 15:39:39 +09:00
Sandeep Singh
844c3b4a02
Network template updates & fixes ( #3497 )
...
* Fixed template syntax
* network template update and fixes
2022-01-07 12:58:37 +05:30
Sandeep Singh
365e9003b1
Template ID's update ( #3490 )
2022-01-06 17:21:21 +05:30
ImNightmaree
c5723bdf55
Renames vulnerabilities/other/WooYun2015-148227 ( #3488 )
...
Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 12:00:31 +05:30
Pathtaga
e281e5bf88
Updated all templates tags with technologies ( #3478 )
...
* Updated tags for template sonicwall-email-security-detect.yaml
* Updated tags for template detect-sentry.yaml
* Updated tags for template kong-detect.yaml
* Updated tags for template openam-detect.yaml
* Updated tags for template shiro-detect.yaml
* Updated tags for template iplanet-web-server.yaml
* Updated tags for template graylog-api-browser.yaml
* Updated tags for template prtg-detect.yaml
* Updated tags for template node-red-detect.yaml
* Updated tags for template abyss-web-server.yaml
* Updated tags for template geo-webserver.yaml
* Updated tags for template autobahn-python-detect.yaml
* Updated tags for template default-lighttpd-page.yaml
* Updated tags for template microsoft-iis-8.yaml
* Updated tags for template lucee-detect.yaml
* Updated tags for template php-proxy-detect.yaml
* Updated tags for template jenkins-detect.yaml
* Updated tags for template cockpit-detect.yaml
* Updated tags for template csrfguard-detect.yaml
* Updated tags for template dwr-index-detect.yaml
* Updated tags for template netsweeper-webadmin-detect.yaml
* Updated tags for template weblogic-detect.yaml
* Updated tags for template s3-detect.yaml
* Updated tags for template tileserver-gl.yaml
* Updated tags for template springboot-actuator.yaml
* Updated tags for template terraform-detect.yaml
* Updated tags for template redmine-cli-detect.yaml
* Updated tags for template mrtg-detect.yaml
* Updated tags for template tableau-server-detect.yaml
* Updated tags for template magmi-detect.yaml
* Updated tags for template oidc-detect.yaml
* Updated tags for template tor-socks-proxy.yaml
* Updated tags for template synology-web-station.yaml
* Updated tags for template herokuapp-detect.yaml
* Updated tags for template gunicorn-detect.yaml
* Updated tags for template sql-server-reporting.yaml
* Updated tags for template google-bucket-service.yaml
* Updated tags for template kubernetes-mirantis.yaml
* Updated tags for template kubernetes-enterprise-manager.yaml
* Updated tags for template oracle-iplanet-web-server.yaml
* Updated tags for template dell-idrac7-detect.yaml
* Updated tags for template dell-idrac6-detect.yaml
* Updated tags for template dell-idrac9-detect.yaml
* Updated tags for template dell-idrac8-detect.yaml
* Updated tags for template apache-guacamole.yaml
* Updated tags for template aws-cloudfront-service.yaml
* Updated tags for template aws-bucket-service.yaml
* Updated tags for template nginx-linux-page.yaml
* Updated tags for template telerik-fileupload-detect.yaml
* Updated tags for template telerik-dialoghandler-detect.yaml
* Updated tags for template htaccess-config.yaml
* Updated tags for template microsoft-azure-error.yaml
* Updated tags for template detect-options-method.yaml
* Updated tags for template unpatched-coldfusion.yaml
* Updated tags for template moodle-changelog.yaml
* Updated tags for template detect-dns-over-https.yaml
* Updated tags for template CVE-2019-19134.yaml
* Updated tags for template CVE-2019-3929.yaml
* Updated tags for template CVE-2019-19908.yaml
* Updated tags for template CVE-2019-10475.yaml
* Updated tags for template CVE-2019-17382.yaml
* Updated tags for template CVE-2019-16332.yaml
* Updated tags for template CVE-2019-14974.yaml
* Updated tags for template CVE-2019-19368.yaml
* Updated tags for template CVE-2019-12725.yaml
* Updated tags for template CVE-2019-15501.yaml
* Updated tags for template CVE-2019-9733.yaml
* Updated tags for template CVE-2019-14322.yaml
* Updated tags for template CVE-2019-9955.yaml
* Updated tags for template CVE-2019-0230.yaml
* Updated tags for template CVE-2019-10232.yaml
* Updated tags for template CVE-2019-17506.yaml
* Updated tags for template CVE-2019-8449.yaml
* Updated tags for template CVE-2019-12593.yaml
* Updated tags for template CVE-2019-10092.yaml
* Updated tags for template CVE-2019-1821.yaml
* Updated tags for template CVE-2019-3401.yaml
* Updated tags for template CVE-2019-16662.yaml
* Updated tags for template CVE-2019-5418.yaml
* Updated tags for template CVE-2016-4975.yaml
* Updated tags for template CVE-2016-1000137.yaml
* Updated tags for template CVE-2016-7552.yaml
* Updated tags for template CVE-2016-10956.yaml
* Updated tags for template CVE-2016-1000146.yaml
* Updated tags for template CVE-2013-2251.yaml
* Updated tags for template CVE-2013-1965.yaml
* Updated tags for template CVE-2014-2323.yaml
* Updated tags for template CVE-2014-5111.yaml
* Updated tags for template CVE-2014-2962.yaml
* Updated tags for template CVE-2014-4561.yaml
* Updated tags for template CVE-2014-4558.yaml
* Updated tags for template CVE-2014-3120.yaml
* Updated tags for template CVE-2007-5728.yaml
* Updated tags for template CVE-2009-4679.yaml
* Updated tags for template CVE-2009-1558.yaml
* Updated tags for template CVE-2009-4202.yaml
* Updated tags for template CVE-2009-0932.yaml
* Updated tags for template CVE-2015-2068.yaml
* Updated tags for template CVE-2015-8813.yaml
* Updated tags for template CVE-2015-7450.yaml
* Updated tags for template CVE-2015-2067.yaml
* Updated tags for template CVE-2015-3306.yaml
* Updated tags for template CVE-2015-3337.yaml
* Updated tags for template CVE-2015-1427.yaml
* Updated tags for template CVE-2015-1503.yaml
* Updated tags for template CVE-2015-1880.yaml
* Updated tags for template CVE-2018-3810.yaml
* Updated tags for template CVE-2018-18069.yaml
* Updated tags for template CVE-2018-17246.yaml
* Updated tags for template CVE-2018-10141.yaml
* Updated tags for template CVE-2018-16341.yaml
* Updated tags for template CVE-2018-18777.yaml
* Updated tags for template CVE-2018-15138.yaml
* Updated tags for template CVE-2018-11784.yaml
* Updated tags for template CVE-2018-16299.yaml
* Updated tags for template CVE-2018-7251.yaml
* Updated tags for template CVE-2018-1273.yaml
* Updated tags for template CVE-2018-1271.yaml
* Updated tags for template CVE-2018-11759.yaml
* Updated tags for template CVE-2018-3167.yaml
* Updated tags for template CVE-2018-7490.yaml
* Updated tags for template CVE-2018-2628.yaml
* Updated tags for template CVE-2018-13380.yaml
* Updated tags for template CVE-2018-2893.yaml
* Updated tags for template CVE-2018-5316.yaml
* Updated tags for template CVE-2018-20985.yaml
* Updated tags for template CVE-2018-10818.yaml
* Updated tags for template CVE-2018-1000861.yaml
* Updated tags for template CVE-2018-0296.yaml
* Updated tags for template CVE-2018-19458.yaml
* Updated tags for template CVE-2018-3760.yaml
* Updated tags for template CVE-2018-12998.yaml
* Updated tags for template CVE-2018-9118.yaml
* Updated tags for template CVE-2018-1000130.yaml
* Updated tags for template CVE-2008-6668.yaml
* Updated tags for template CVE-2017-7269.yaml
* Updated tags for template CVE-2017-1000170.yaml
* Updated tags for template CVE-2017-16877.yaml
* Updated tags for template CVE-2017-1000486.yaml
* Updated tags for template CVE-2017-9822.yaml
* Updated tags for template CVE-2017-0929.yaml
* Updated tags for template CVE-2017-7921.yaml
* Updated tags for template CVE-2017-14535.yaml
* Updated tags for template CVE-2017-5521.yaml
* Updated tags for template CVE-2017-12637.yaml
* Updated tags for template CVE-2017-12635.yaml
* Updated tags for template CVE-2017-11610.yaml
* Updated tags for template CVE-2021-20114.yaml
* Updated tags for template CVE-2021-40856.yaml
* Updated tags for template CVE-2021-21972.yaml
* Updated tags for template CVE-2021-31602.yaml
* Updated tags for template CVE-2021-41773.yaml
* Updated tags for template CVE-2021-37704.yaml
* Updated tags for template CVE-2021-45046.yaml
* Updated tags for template CVE-2021-26084.yaml
* Updated tags for template CVE-2021-27931.yaml
* Updated tags for template CVE-2021-24291.yaml
* Updated tags for template CVE-2021-41648.yaml
* Updated tags for template CVE-2021-37216.yaml
* Updated tags for template CVE-2021-22005.yaml
* Updated tags for template CVE-2021-37573.yaml
* Updated tags for template CVE-2021-31755.yaml
* Updated tags for template CVE-2021-43287.yaml
* Updated tags for template CVE-2021-24274.yaml
* Updated tags for template CVE-2021-33564.yaml
* Updated tags for template CVE-2021-22145.yaml
* Updated tags for template CVE-2021-24237.yaml
* Updated tags for template CVE-2021-44848.yaml
* Updated tags for template CVE-2021-25646.yaml
* Updated tags for template CVE-2021-21816.yaml
* Updated tags for template CVE-2021-41649.yaml
* Updated tags for template CVE-2021-41291.yaml
* Updated tags for template CVE-2021-41293.yaml
* Updated tags for template CVE-2021-21801.yaml
* Updated tags for template CVE-2021-29156.yaml
* Updated tags for template CVE-2021-34370.yaml
* Updated tags for template CVE-2021-27132.yaml
* Updated tags for template CVE-2021-28151.yaml
* Updated tags for template CVE-2021-26812.yaml
* Updated tags for template CVE-2021-21985.yaml
* Updated tags for template CVE-2021-43778.yaml
* Updated tags for template CVE-2021-25281.yaml
* Updated tags for template CVE-2021-40539.yaml
* Updated tags for template CVE-2021-36749.yaml
* Updated tags for template CVE-2021-21234.yaml
* Updated tags for template CVE-2021-33221.yaml
* Updated tags for template CVE-2021-42013.yaml
* Updated tags for template CVE-2021-33807.yaml
* Updated tags for template CVE-2021-44228.yaml
* Updated tags for template CVE-2012-0896.yaml
* Updated tags for template CVE-2012-0991.yaml
* Updated tags for template CVE-2012-0392.yaml
* Updated tags for template CVE-2012-4940.yaml
* Updated tags for template CVE-2012-1226.yaml
* Updated tags for template CVE-2012-4878.yaml
* Updated tags for template CVE-2010-1304.yaml
* Updated tags for template CVE-2010-1217.yaml
* Updated tags for template CVE-2010-0759.yaml
* Updated tags for template CVE-2010-2307.yaml
* Updated tags for template CVE-2010-4231.yaml
* Updated tags for template CVE-2010-2861.yaml
* Updated tags for template CVE-2010-4282.yaml
* Updated tags for template CVE-2010-1302.yaml
* Updated tags for template CVE-2010-1461.yaml
* Updated tags for template CVE-2020-4463.yaml
* Updated tags for template CVE-2020-1943.yaml
* Updated tags for template CVE-2020-36289.yaml
* Updated tags for template CVE-2020-17518.yaml
* Updated tags for template CVE-2020-12800.yaml
* Updated tags for template CVE-2020-10770.yaml
* Updated tags for template CVE-2020-17506.yaml
* Updated tags for template CVE-2020-11547.yaml
* Updated tags for template CVE-2020-11034.yaml
* Updated tags for template CVE-2020-24589.yaml
* Updated tags for template CVE-2020-9054.yaml
* Updated tags for template CVE-2020-28976.yaml
* Updated tags for template CVE-2020-16952.yaml
* Updated tags for template CVE-2020-24312.yaml
* Updated tags for template CVE-2020-8512.yaml
* Updated tags for template CVE-2020-14179.yaml
* Updated tags for template CVE-2020-6308.yaml
* Updated tags for template CVE-2020-35846.yaml
* Updated tags for template CVE-2020-7318.yaml
* Updated tags for template CVE-2020-2140.yaml
* Updated tags for template CVE-2020-5410.yaml
* Updated tags for template CVE-2020-5777.yaml
* Updated tags for template CVE-2020-13700.yaml
* Updated tags for template CVE-2020-5775.yaml
* Updated tags for template CVE-2020-13167.yaml
* Updated tags for template CVE-2020-35848.yaml
* Updated tags for template CVE-2020-9484.yaml
* Updated tags for template CVE-2020-15505.yaml
* Updated tags for template CVE-2020-9047.yaml
* Updated tags for template CVE-2020-17519.yaml
* Updated tags for template CVE-2020-17505.yaml
* Updated tags for template CVE-2020-9376.yaml
* Updated tags for template CVE-2020-8497.yaml
* Updated tags for template CVE-2020-14092.yaml
* Updated tags for template CVE-2020-10148.yaml
* Updated tags for template CVE-2020-35847.yaml
* Updated tags for template CVE-2020-12116.yaml
* Updated tags for template CVE-2020-11930.yaml
* Updated tags for template CVE-2020-24186.yaml
* Updated tags for template CVE-2020-9496.yaml
* Updated tags for template CVE-2020-35489.yaml
* Updated tags for template CVE-2020-26413.yaml
* Updated tags for template CVE-2020-2096.yaml
* misc updates
* misc update
* more updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Prince Chaddha
3357141838
Merge pull request #3425 from Akokonunes/patch-96
...
Create accent-microcomputers-lfi.yaml
2022-01-03 10:29:56 +05:30
Prince Chaddha
7ab7eca6ef
Merge pull request #3426 from Akokonunes/patch-97
...
Create sofneta-mecdream-pacs-server-lfi.yaml
2022-01-03 10:29:46 +05:30
Prince Chaddha
2ed4e8a966
Merge pull request #3421 from pikpikcu/patch-311
...
Create sponip-network-system-ping-rce
2022-01-03 10:28:00 +05:30
Prince Chaddha
ba686ad67f
Update and rename accent-microcomputers-lfi.yaml to vulnerabilities/other/accent-microcomputers-lfi.yaml
2022-01-03 10:24:12 +05:30
Prince Chaddha
b70b9bcbf1
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to sofneta-mecdream-pacs-lfi.yaml
2022-01-03 10:21:00 +05:30
Prince Chaddha
139b04c9b6
Update and rename jinfornet-jreport-lfi.yaml to vulnerabilities/other/jinfornet-jreport-lfi.yaml
2022-01-03 10:01:12 +05:30
Muhammad Daffa
c83d035fff
Seperate technology template ( #3430 )
...
* Edit magmi workflow
* Add some workflow template + edit some template
* Changing some templates
* minor update
* workflow matcher fixes
* tech update
* Seperate technology template
* Update metabase-panel.yaml
* Update lucee-detect.yaml
* Update oneblog-detect.yaml
* Update dolibarr-panel.yaml
* Update dolibarr-panel.yaml
* Update dolibarr-panel.yaml
* Update gespage-panel.yaml
* Update gespage-panel.yaml
* Update mautic-crm-panel.yaml
* Update kibana-panel.yaml
* Update metabase-panel.yaml
* Update home-assistant-detect.yaml
* Update jitsi-meet-detect.yaml
* Update lucee-detect.yaml
* Update gotmls-plugin-lfi.yaml
* Update and rename technologies/opencast-detect.yaml to exposed-panels/opencast-detect.yaml
* duplicate template - cves/2020/CVE-2020-11738.yaml
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-31 17:57:46 +05:30
Exid
80489bce76
Added wordpress-xmlrpc-brute-force.yaml ( #3445 )
...
* wp-xmlrpc-brute-force.yaml file was added
A Nuclei template for bruteforcing username and password through XMLRPC.
* wp-xmlrpc-brute-force.yaml file added
A Nuclei template for wordpress username and password Bruteforcing throught xmlrpc.php
* wp-xmlrpc-brute-force.yaml file added
A Nuclei template for wordpress username and password Bruteforcing throught xmlrpc.php
* Revert "wp-xmlrpc-brute-force.yaml file was added"
This reverts commit c0e4ca75a6ddbcf65e9443849a05c7b8f2625af9.
* few fixes
* Added wordpress user and pass list
* improved matcher
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-29 22:04:23 +05:30
Sandeep Singh
d6da741663
IBM WebSphere Portal SSRF ( #3442 )
...
* Added IBM WebSphere Portal SSRF Detection
* Added IBM WebSphere Panel detection
* moving templates around
2021-12-29 17:32:10 +05:30
Prince Chaddha
cb9fdbd7cc
Update and rename sofneta-mecdream-pacs-server-lfi.yaml to vulnerabilities/other/sofneta-mecdream-pacs-server-lfi.yaml
2021-12-29 11:28:09 +05:30
Prince Chaddha
4ba5e931cc
Update sl-studio-lfi.yaml
2021-12-29 09:20:13 +05:30
Prince Chaddha
b7974b288e
Update and rename sl-studio-lfi.yaml to vulnerabilities/other/sl-studio-lfi.yaml
2021-12-29 09:16:32 +05:30
Emad Youssef
ce7b60d79c
Update open-redirect.yaml ( #3404 )
...
* Update open-redirect.yaml
add new payloads
* minor update
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-26 20:53:11 +05:30
Prince Chaddha
955c71fa50
Update sponip-network-system-ping-rce.yaml
2021-12-24 20:24:40 +05:30
PikPikcU
51843e1e62
Create sponip-network-system-ping-rce.yaml
2021-12-24 09:30:31 -05:00
Prince Chaddha
0ddd4c7911
Update and rename dicoogle-pacs-lfi.yaml to vulnerabilities/other/dicoogle-pacs-lfi.yaml
2021-12-24 19:23:04 +05:30
johnk3r
fa99cba4b3
Create vmware-horizon-log4j-jndi-rce.yaml ( #3403 )
...
* Create vmware-horizon-log4j-jndi-rce.yaml
* Update vmware-horizon-log4j-jndi-rce.yaml
* Update vmware-horizon-log4j-jndi-rce.yaml
* minor update
* minor update
* Added VMware Horizon detection
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 22:30:08 +05:30
niudaii
8289e92291
Fixed h3c-imc-rce.yaml ( #3401 )
...
* Fixed h3c-imc-rce.yaml
* Update h3c-imc-rce.yaml
* Additional payload for windows
Co-authored-by: niudai <niudai@zp857s-mbp.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-23 20:23:42 +05:30
Sandeep Singh
c57984b8f8
Added UniFi Network Log4j JNDI RCE ( #3402 )
...
Co-Authored-By: KrE80r <13027962+KrE80r@users.noreply.github.com>
Co-authored-by: KrE80r <13027962+KrE80r@users.noreply.github.com>
2021-12-23 08:57:03 +05:30
Melvin
7933cfc470
Removing extra space from raw HTTP request
...
Should prevent issues with parsing this request
2021-12-22 13:33:51 +01:00
Prince Chaddha
a511dac237
Merge pull request #3354 from DhiyaneshGeek/master
...
Create wordpress-ssrf-oembed.yaml
2021-12-21 18:48:42 +05:30
Prince Chaddha
6e6349205d
Update and rename pacsone-server-6-6-2-lfi.yaml to vulnerabilities/other/pacsone-server-lfi.yaml
2021-12-21 17:32:19 +05:30
Sandeep Singh
7a5cdc2bc3
Added ServiceNow Helpdesk Credential Exposure ( #3371 )
...
* Added ServiceNow Helpdesk Credential Exposure
Co-Authored-By: JP <19959240+jordanpotti@users.noreply.github.com>
* matcher update
Co-authored-by: JP <19959240+jordanpotti@users.noreply.github.com>
2021-12-19 23:42:01 +05:30
Sandeep Singh
4af3a04b3c
Apache OFBiz Log4j JNDI RCE ( #3374 )
...
* Added Apache OFBiz Log4j JNDI RCE
* fixed matcher to match hostname in both cases
2021-12-18 15:46:49 +05:30
Prince Chaddha
dcf3f57bdf
Merge pull request #3373 from projectdiscovery/princechaddha-patch-2
...
Create global-domains-xss.yaml
2021-12-18 15:02:06 +05:30
Prince Chaddha
71027cbc79
Merge pull request #3357 from Akokonunes/patch-90
...
Create global-domains-lfi.yaml
2021-12-18 14:52:35 +05:30
Prince Chaddha
3b067a1aca
Create global-domains-xss.yaml
2021-12-18 14:51:08 +05:30
Prince Chaddha
0f40857119
Update and rename global-domains-lfi.yaml to vulnerabilities/other/global-domains-lfi.yaml
2021-12-18 14:43:28 +05:30
Prince Chaddha
9a4941d995
Merge pull request #3356 from Akokonunes/patch-89
...
Create groupoffice-lfi.yaml
2021-12-18 14:33:42 +05:30
Prince Chaddha
7b39972bfd
Merge pull request #3367 from gy741/rule-add-v80
...
Create oliver-library-server-lfi.yaml
2021-12-18 14:33:23 +05:30
Prince Chaddha
d911551318
Merge pull request #3358 from Akokonunes/patch-91
...
Create asanhamayesh-cms-lfi.yaml
2021-12-18 14:32:12 +05:30
Prince Chaddha
c6521085b7
Update groupoffice-lfi.yaml
2021-12-18 14:32:09 +05:30
Prince Chaddha
4747277a4e
Update and rename asanhamayesh-cms-lfi.yaml to vulnerabilities/other/asanhamayesh-lfi.yaml
2021-12-18 14:28:39 +05:30
Prince Chaddha
35faabd29f
Update and rename groupoffice-lfi.yaml to vulnerabilities/other/groupoffice-lfi.yaml
2021-12-18 14:26:46 +05:30
Prince Chaddha
8afbfdc8dc
Update and rename oliver-library-server-lfi.yaml to oliver-library-lfi.yaml
2021-12-18 14:23:57 +05:30
GwanYeong Kim
4fdb934da0
Create oliver-library-server-lfi.yaml
...
An arbitrary file download vulnerability in Oliver v5 Library Server Versions < 8.00.008.053 via the FileServlet function allows for arbitrary file download by an attacker using unsanitized user supplied input.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-18 10:55:28 +09:00
meme-lord
09324d1be7
Added MobileIron log4j template ( #3355 )
...
* Added MobileIron log4j
* misc updates
Co-authored-by: meme-lord <17912559+meme-lord@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-16 22:37:32 +05:30
sandeep
fdeb2b8500
Merge branch 'master' of https://github.com/DhiyaneshGeek/nuclei-templates into pr/3354
2021-12-16 14:32:14 +05:30
Dhiyaneshwaran
7670d1d6b8
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:28:12 +05:30
sandeep
1cfc899a27
update: lint fix
2021-12-16 14:25:00 +05:30
Dhiyaneshwaran
77441c0d81
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:24:56 +05:30
Dhiyaneshwaran
0047b611cf
Update wordpress-ssrf-oembed.yaml
2021-12-16 14:21:53 +05:30
Dhiyaneshwaran
499fe055bf
Create wordpress-ssrf-oembed.yaml
2021-12-16 13:48:34 +05:30
sandeep
39a71c641a
update: added more reference
2021-12-15 21:20:18 +05:30
Evan Rubinstein
11fe2fdfee
Added apache-solr-log4j RCE ( #3336 )
...
* update: added apache-solr-log4j-rce
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
2021-12-15 21:15:43 +05:30
Sandeep Singh
d9ed21458f
Added VMware VCenter Log4j JNDI RCE ( #3340 )
...
* Added VMware VCenter Log4j JNDI RCE
Co-Authored-By: FQ Hsu <fanqxu@gmail.com>
* update: removed static UA
Co-Authored-By: FQ Hsu <fanqxu@gmail.com>
Co-authored-by: FQ Hsu <fanqxu@gmail.com>
2021-12-14 21:27:30 +05:30
sandeep
c9ddd7a0ae
update: id + reference update
2021-12-14 21:07:46 +05:30
Evan Rubinstein
dddb0bbb82
Added CVE-2021-24997 ( #3298 )
...
* Added CVE-39226
* Added CVE-39226
* Delete CVE-39226.yaml
* Renamed CVE-39226 to CVE-2021-39226
Fixed naming error
* Added Wp-Guppy-Information-Disclosure template
* Removed File
Found better descriptor
* Added CVE-2021-24997
Added WordPress Guppy Information Disclosure CVE
* Fixed CVE-2021-24997
Fixed YAML formatting
* Fixed Typo
URL Path had an extra double quote
* Auto Generated Templates Stats [Wed Dec 8 23:07:24 UTC 2021] 🤖
* Deleted Blank Space
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Update CVE-2021-24997.yaml
* Added CVE-2021-43496
* Update CVE-2021-43496.yaml
* fix: syntax update
* Added New Vuln
* Update CVE-2021-24997.yaml
* Update CVE-2021-43496.yaml
* Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
* fix: lints update
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
2021-12-14 02:22:26 +05:30
sandeep
51944ab6a2
fix: lints update
2021-12-14 02:14:35 +05:30
sandeep
5bdd98f32d
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into pr/3298
2021-12-14 02:05:35 +05:30
Prince Chaddha
6b007f48e7
Update and rename hd-netowrk-realtime-monitor-system-LFI.yaml to hdnetwork-realtime-lfi.yaml
2021-12-14 00:47:37 +05:30
pudsec
8cac8b5a36
Update open-redirect.yaml ( #3333 )
2021-12-13 20:42:06 +05:30
S Bani
b76dbf91c6
Add Another Redirect Payload and Extend the Regex to Recognize it ( #3299 )
...
* Fix Open Redirect Header Regex
The regex was missing the correct escaping for special char `/`
* Add New General Open Redirect
There's another option for open redirects. I tested it in FF and Chrome.
* Update Location Redirect Regex
* update: mix changes
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-13 20:38:21 +05:30
Evan Rubinstein
030cfe89b9
Merge branch 'master' into master
2021-12-13 05:07:57 -05:00
Evan Rubinstein
f52b1f0d55
Added New Vuln
2021-12-13 05:01:48 -05:00
Prince Chaddha
79a95a56d7
Update and rename pieregister-plugin-open-redirect.yaml to vulnerabilities/wordpress/pieregister-open-redirect.yaml
2021-12-12 16:59:16 +05:30
Dwi Siswanto
6a4bbdf93a
Update Grafana Arbitrary File Read ( #3321 )
...
* Add Grafana plugins wordlist
* Using payloads instead
* fix: updated variable name
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-11 11:07:55 +05:30
Prince Chaddha
0e94557017
Merge pull request #3248 from pikpikcu/patch-307
...
added thruk-xss
2021-12-09 22:01:56 +05:30
Prince Chaddha
f476c5ff5b
Update thruk-xss.yaml
2021-12-09 21:58:15 +05:30
Prince Chaddha
d35a55f7b4
Update and rename watchguard-fireware-ad-helper-component-credentials-disclosure.yaml to watchguard-credentials-disclosure.yaml
2021-12-09 21:05:13 +05:30
GwanYeong Kim
bde4e1815a
Create watchguard-fireware-ad-helper-component-credentials-disclosure.yaml
...
a credential-disclosure vulnerability in the AD Helper component of the WatchGuard Fireware Threat Detection and Response (TDR) service, which allows unauthenticated attackers to gain Active Directory credentials for a Windows domain in plaintext.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-12-09 16:02:48 +09:00
Sandeep Singh
2521cb62bf
Added CVE-2021-43798 ( #3296 )
...
* Added CVE-2021-43798
* updated with default plugin list
* Update grafana-file-read.yaml
2021-12-08 16:46:47 +05:30
z0ne
d79b085051
add grafana file read ( #3286 )
...
* add grafana file read
* update: more reference
Co-authored-by: dev <z0ne>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2021-12-07 15:42:59 +05:30
Prince Chaddha
fdcccb5938
Update and rename netsweeper-reflected-xss.yaml to netsweeper-rxss.yaml
2021-12-07 13:56:30 +05:30
Prince Chaddha
ba8bad94c4
Update netsweeper-open-redirect.yaml
2021-12-07 13:43:29 +05:30
daffainfo
b90d0b7e3e
Add 10 templates and edit 1 workflows
2021-12-06 23:38:54 +07:00
sandeep
9da0d768a1
fix: syntax + lint
2021-12-03 10:37:42 +05:30
PikPikcU
83f6b2a153
Update thruk-xss.yaml
2021-12-02 19:07:50 +07:00
PikPikcU
435eeca764
Create thruk-xss.yaml
2021-12-02 19:02:40 +07:00
sandeep
1dabef2e6f
Revert "CVE update - CVE-2021-22049"
...
This reverts commit 70128c2587
.
2021-12-02 01:34:29 +05:30
sandeep
70128c2587
CVE update - CVE-2021-22049
2021-12-02 01:31:41 +05:30
Sandeep Singh
7ea7da8d4b
Added VMware vCenter SSRF/LFI/XSS ( #3240 )
2021-12-02 00:53:47 +05:30
sandeep
71143da193
Added missing tags
2021-11-28 04:13:45 +05:30
sandeep
e7e8c33d64
fixed matcher + added additional matcher
2021-11-27 10:20:04 +05:30
alph4byt3
5080276f31
Update flow-flow-social-stream-xss.yaml
2021-11-26 09:48:04 +02:00
alph4byt3
f82f4d1a0b
Create flow-flow-social-stream-xss.yaml
2021-11-26 06:55:21 +02:00
Prince Chaddha
0d2a2f4e15
Merge pull request #3188 from pussycat0x/master
...
WordPress Themes Haberadam IDOR and Full Path Disclosure via JSON API
2021-11-24 12:14:54 +04:00
Prince Chaddha
85d79fd597
Update and rename wp-haberadam-theme-idor.yaml to wp-haberadam-idor.yaml
2021-11-24 12:09:22 +04:00
pussycat0x
b7701dc7b3
Update wp-haberadam-theme-idor.yaml
2021-11-23 19:53:36 +05:30
pussycat0x
e7bc254415
Update wp-haberadam-theme-idor.yaml
2021-11-23 19:50:27 +05:30
pussycat0x
b3ceaffb9f
Add files via upload
2021-11-23 19:46:33 +05:30
Noam Rathaus
725782050a
Add description
2021-11-23 12:09:00 +02:00
Prince Chaddha
42a9f46f94
Merge pull request #3176 from pussycat0x/master
...
Wordpress Revslider - Unauthenticated Arbitrary File Download
2021-11-23 09:40:48 +05:30
Prince Chaddha
2407b57779
Update wp-revslider-file-download.yaml
2021-11-23 08:09:29 +04:00
sandeep
fdb0cc0277
lint fix + moving template to wp folder
2021-11-22 22:55:00 +05:30
pussycat0x
ee2a766a35
Update wp-revslider-file-download.yaml
2021-11-22 20:40:38 +05:30
pussycat0x
680fffc187
Update wp-revslider-file-download.yaml
2021-11-22 20:33:29 +05:30
pussycat0x
a8ee7e2ddf
Update wp-revslider-file-download.yaml
2021-11-22 20:29:59 +05:30
pussycat0x
ba3d453744
Add files via upload
2021-11-21 17:00:25 +05:30
Sandeep Singh
6eea2f5ec3
Merge pull request #3170 from pussycat0x/master
...
new templates
2021-11-21 14:44:52 +05:30
sandeep
bb5dcd79ac
moved templates to correct directory/location
2021-11-21 14:40:48 +05:30
pussycat0x
41669cb8f6
Add files via upload
2021-11-21 06:45:24 +05:30
Prince Chaddha
1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml
2021-11-18 21:52:30 +05:30
Prince Chaddha
cacf934f38
Merge pull request #3144 from DhiyaneshGeek/master
...
Axigen Mail Server & Squirrel Server
2021-11-16 16:09:21 +05:30
Prince Chaddha
dfea5262ab
Update squirrelmail-add-xss.yaml
2021-11-16 15:30:41 +05:30
Prince Chaddha
77e5352a78
Update squirrelmail-vkeyboard-xss.yaml
2021-11-16 15:13:47 +05:30
Dhiyaneshwaran
32715528d8
Update squirrelmail-lfi.yaml
2021-11-16 00:10:15 +05:30
Dhiyaneshwaran
1905c9321a
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:58:18 +05:30
Dhiyaneshwaran
36c96f5dd8
Rename squirrelmail-vkeyboard-xss.yaml to squirrelmail-add-xss.yaml
2021-11-15 23:57:48 +05:30
Dhiyaneshwaran
c003036a7e
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:44:51 +05:30
Dhiyaneshwaran
fcbbb3475c
Create squirrelmail-lfi.yaml
2021-11-15 23:40:09 +05:30
sandeep
fbf50f1109
format fixing
2021-11-15 21:00:17 +05:30
Prince Chaddha
4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
...
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha
9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
2021-11-13 23:37:32 +05:30
sandeep
b2aa8f9f5b
misc updates
2021-11-13 23:01:53 +05:30
sandeep
35bfff6f61
Added skip-variables-check for SSTI template
2021-11-09 22:16:37 +05:30
sandeep
cb74944f43
misc updates
2021-11-08 15:45:54 +05:30
Prince Chaddha
c51bbf8715
Merge pull request #3099 from ImNightmaree/master
...
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha
5a6c30c7cf
Update ecshop-sqli.yaml
2021-11-08 13:42:44 +05:30
Prince Chaddha
85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml
2021-11-08 13:42:13 +05:30
Prince Chaddha
06bb1f444c
Update seowon-router-rce.yaml
2021-11-08 12:49:37 +05:30
Prince Chaddha
7973948360
Update seowon-router-rce.yaml
2021-11-08 12:43:14 +05:30
GwanYeong Kim
6183e248d8
Create seowon-router-rce.yaml
...
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree
797d9066a1
More linting
2021-11-07 02:49:07 +00:00
ImNightmaree
b77df460dd
Linting
2021-11-07 02:39:21 +00:00
ImNightmaree
bbecf3965a
Update ecshop-sql.yaml
2021-11-07 02:36:28 +00:00
ImNightmaree
38135df2a6
Update ecshop-sql.yaml
2021-11-07 02:30:38 +00:00
ImNightmaree
f37527101c
Create ecshop-sql.yaml
2021-11-07 02:03:09 +00:00
sandeep
5fa10c4b64
cves update
2021-11-06 12:34:04 +05:30
Prince Chaddha
86f00468e1
Merge pull request #3070 from ImNightmaree/patch-2
...
Vanguard CMS Post-XSS
2021-11-06 00:13:58 +05:30
Prince Chaddha
b66427b7c1
Update and rename wp-plugin-ad-widget-lfi.yaml to vulnerabilities/wordpress/ad-widget-lfi.yaml
2021-11-06 00:06:13 +05:30
Prince Chaddha
a57cb5081a
Update vanguard-post-xss.yaml
2021-11-05 21:36:53 +05:30
sandeep
eef5252cc5
file name update
2021-11-05 06:01:59 +05:30
ImNightmaree
e98a1b4085
Update vanguard-post-xss
2021-11-04 16:56:40 +00:00
ImNightmaree
5a94091468
Create vanguard-post-xss
2021-11-04 15:12:47 +00:00
sandeep
915bb09a82
updating file name
2021-11-04 15:43:49 +05:30
sandeep
67f3530dbf
Added meta info
2021-11-03 17:27:53 +05:30
sandeep
be65921cc3
Added remediation information
2021-11-03 17:11:48 +05:30
sandeep
c06cc9f690
Added Sitecore Experience Platform Pre-Auth RCE
2021-11-03 16:52:25 +05:30
sandeep
e2b4d2b29c
misc update
2021-11-03 02:54:23 +05:30
sandeep
b83e79a8fe
moving files around
2021-11-01 19:36:21 +05:30
sandeep
f650961021
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into gitlab-updates
2021-11-01 19:21:55 +05:30
Prince Chaddha
c4b7bb3bd2
Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum
...
wordpress-rdf-user-enum
2021-11-01 15:43:00 +05:30
Prince Chaddha
7b20a25fc6
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml
2021-11-01 15:37:58 +05:30
Prince Chaddha
a862dc3a6f
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:33:06 +05:30
Prince Chaddha
ff5b68a343
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:30:54 +05:30
Prince Chaddha
3decaed012
Merge pull request #3036 from Akokonunes/patch-64
...
Create wp-theme-diarise-lfi.yaml
2021-11-01 14:54:58 +05:30
Prince Chaddha
756ed2c443
Update and rename wp-theme-diarise-lfi.yaml to vulnerabilities/wordpress/diarise-theme-lfi.yaml
2021-11-01 14:37:16 +05:30
Noam Rathaus
4381a462e2
Add description
2021-10-31 16:00:56 +02:00
Noam Rathaus
d277d83c8e
Add description
2021-10-31 15:58:17 +02:00
sandeep
8e27d69da4
misc update
2021-10-31 16:24:36 +05:30
Geeknik Labs
26c298ed03
Update top-xss-params.yaml
...
added an additional 23 parameters and matchers
2021-10-30 16:26:28 -05:00
sandeep
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
r3dg33k
2925226122
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:58:24 +03:00
r3dg33k
f3a44a7f50
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:57:53 +03:00
r3dg33k
f75fcde7a9
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:56:04 +03:00
r3dg33k
2d50cb52c6
Add files via upload
2021-10-30 13:46:56 +03:00
Noam Rathaus
9848f92894
Add description
2021-10-27 14:06:15 +03:00
Noam Rathaus
14ae8e3f59
Add description
2021-10-27 14:05:11 +03:00
Noam Rathaus
3a02b7c325
Add description
2021-10-27 14:04:00 +03:00
Noam Rathaus
f1cf6fd9a7
Add description
2021-10-27 14:03:22 +03:00
Noam Rathaus
d5d2ed0a0e
Add description
2021-10-27 13:52:34 +03:00
Prince Chaddha
659f61ca53
Create thinkphp-501-rce.yaml
2021-10-27 00:17:42 +05:30
Prince Chaddha
ac70e14788
Merge pull request #2995 from Akokonunes/patch-63
...
Create wp-tinymce-thumbnail-plugin-lfi.yaml
2021-10-27 00:13:01 +05:30
Prince Chaddha
b928d9a269
Update and rename wp-tinymce-thumbnail-plugin-lfi.yaml to wp-tinymce-lfi.yaml
2021-10-27 00:11:48 +05:30
Prince Chaddha
7abaf59c18
Merge pull request #2993 from Akokonunes/patch-61
...
Create wp-javospot-premium-theme-lfi.yaml
2021-10-27 00:02:00 +05:30
Prince Chaddha
ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml
2021-10-26 23:55:34 +05:30
Noam Rathaus
c9efc02223
Add description
2021-10-26 15:29:20 +03:00
Noam Rathaus
093a495b5f
Add description
2021-10-26 15:28:43 +03:00
Noam Rathaus
25f7c812c2
Add description
2021-10-26 15:27:57 +03:00
Noam Rathaus
5d98d22416
Add description
2021-10-26 15:27:16 +03:00
Noam Rathaus
8adbf37ab4
Add description
2021-10-26 15:26:10 +03:00
Noam Rathaus
57bae34cb9
Add description
2021-10-26 15:25:34 +03:00
Noam Rathaus
4c0e8bae7e
Add description
2021-10-26 15:24:26 +03:00
Noam Rathaus
dcf402cfa4
Add description
2021-10-26 15:23:43 +03:00
Noam Rathaus
7d0c8669a3
Add description
2021-10-26 15:22:21 +03:00
sandeep
0de8bc19f8
misc template updates
2021-10-26 17:39:26 +05:30
Noam Rathaus
058d859cd8
Add description
2021-10-26 12:45:23 +03:00
Noam Rathaus
9c96179595
Fix description
2021-10-26 12:45:16 +03:00
sandeep
423584f1b7
moving files around
2021-10-26 15:08:26 +05:30
Noam Rathaus
fb81f4ca36
Better description
2021-10-26 12:35:56 +03:00
Noam Rathaus
081a2546fe
Add description
2021-10-25 12:59:08 +03:00
Noam Rathaus
e4018d4a0c
Add description
2021-10-25 12:58:22 +03:00
Noam Rathaus
f9fb282770
Add description
2021-10-25 12:57:40 +03:00
Noam Rathaus
319c8a830e
Add description
2021-10-25 12:56:03 +03:00
Noam Rathaus
3029da4ceb
Add description
2021-10-25 12:55:23 +03:00
Noam Rathaus
9f8270bb7a
Add description
2021-10-25 12:54:49 +03:00
Noam Rathaus
c9e9c04f37
Add description
2021-10-25 12:54:00 +03:00
Noam Rathaus
6a6ba60aad
Description
2021-10-25 12:53:22 +03:00
Noam Rathaus
a96bfc3992
Add description
2021-10-25 12:52:58 +03:00