pussycat0x
b3ceaffb9f
Add files via upload
2021-11-23 19:46:33 +05:30
Noam Rathaus
725782050a
Add description
2021-11-23 12:09:00 +02:00
Prince Chaddha
42a9f46f94
Merge pull request #3176 from pussycat0x/master
...
Wordpress Revslider - Unauthenticated Arbitrary File Download
2021-11-23 09:40:48 +05:30
Prince Chaddha
2407b57779
Update wp-revslider-file-download.yaml
2021-11-23 08:09:29 +04:00
sandeep
fdb0cc0277
lint fix + moving template to wp folder
2021-11-22 22:55:00 +05:30
pussycat0x
ee2a766a35
Update wp-revslider-file-download.yaml
2021-11-22 20:40:38 +05:30
pussycat0x
680fffc187
Update wp-revslider-file-download.yaml
2021-11-22 20:33:29 +05:30
pussycat0x
a8ee7e2ddf
Update wp-revslider-file-download.yaml
2021-11-22 20:29:59 +05:30
pussycat0x
ba3d453744
Add files via upload
2021-11-21 17:00:25 +05:30
Sandeep Singh
6eea2f5ec3
Merge pull request #3170 from pussycat0x/master
...
new templates
2021-11-21 14:44:52 +05:30
sandeep
bb5dcd79ac
moved templates to correct directory/location
2021-11-21 14:40:48 +05:30
pussycat0x
41669cb8f6
Add files via upload
2021-11-21 06:45:24 +05:30
Prince Chaddha
1e31e0f76d
Update and rename eibiz-server-3-8-0-lfi.yaml to vulnerabilities/other/eibiz-lfi.yaml
2021-11-18 21:52:30 +05:30
Prince Chaddha
cacf934f38
Merge pull request #3144 from DhiyaneshGeek/master
...
Axigen Mail Server & Squirrel Server
2021-11-16 16:09:21 +05:30
Prince Chaddha
dfea5262ab
Update squirrelmail-add-xss.yaml
2021-11-16 15:30:41 +05:30
Prince Chaddha
77e5352a78
Update squirrelmail-vkeyboard-xss.yaml
2021-11-16 15:13:47 +05:30
Dhiyaneshwaran
32715528d8
Update squirrelmail-lfi.yaml
2021-11-16 00:10:15 +05:30
Dhiyaneshwaran
1905c9321a
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:58:18 +05:30
Dhiyaneshwaran
36c96f5dd8
Rename squirrelmail-vkeyboard-xss.yaml to squirrelmail-add-xss.yaml
2021-11-15 23:57:48 +05:30
Dhiyaneshwaran
c003036a7e
Create squirrelmail-vkeyboard-xss.yaml
2021-11-15 23:44:51 +05:30
Dhiyaneshwaran
fcbbb3475c
Create squirrelmail-lfi.yaml
2021-11-15 23:40:09 +05:30
sandeep
fbf50f1109
format fixing
2021-11-15 21:00:17 +05:30
Prince Chaddha
4eb84d7802
Merge pull request #3131 from Akokonunes/patch-70
...
Create hrsale-unauthenticated-lfi.yaml
2021-11-13 23:46:11 +05:30
Prince Chaddha
9a227941a1
Rename hrsale-unauthenticated-lfi.yaml to vulnerabilities/other/hrsale-unauthenticated-lfi.yaml
2021-11-13 23:37:32 +05:30
sandeep
b2aa8f9f5b
misc updates
2021-11-13 23:01:53 +05:30
sandeep
35bfff6f61
Added skip-variables-check for SSTI template
2021-11-09 22:16:37 +05:30
sandeep
cb74944f43
misc updates
2021-11-08 15:45:54 +05:30
Prince Chaddha
c51bbf8715
Merge pull request #3099 from ImNightmaree/master
...
Create ecshop-sql.yaml
2021-11-08 13:44:54 +05:30
Prince Chaddha
5a6c30c7cf
Update ecshop-sqli.yaml
2021-11-08 13:42:44 +05:30
Prince Chaddha
85741bbcf9
Update and rename ecshop-sql.yaml to ecshop-sqli.yaml
2021-11-08 13:42:13 +05:30
Prince Chaddha
06bb1f444c
Update seowon-router-rce.yaml
2021-11-08 12:49:37 +05:30
Prince Chaddha
7973948360
Update seowon-router-rce.yaml
2021-11-08 12:43:14 +05:30
GwanYeong Kim
6183e248d8
Create seowon-router-rce.yaml
...
Execute commands without authentication as admin user, To use it in all versions, we only enter the router ip & Port(if available) in the request The result of the request is visible on the browser page
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-11-07 14:50:39 +09:00
ImNightmaree
797d9066a1
More linting
2021-11-07 02:49:07 +00:00
ImNightmaree
b77df460dd
Linting
2021-11-07 02:39:21 +00:00
ImNightmaree
bbecf3965a
Update ecshop-sql.yaml
2021-11-07 02:36:28 +00:00
ImNightmaree
38135df2a6
Update ecshop-sql.yaml
2021-11-07 02:30:38 +00:00
ImNightmaree
f37527101c
Create ecshop-sql.yaml
2021-11-07 02:03:09 +00:00
sandeep
5fa10c4b64
cves update
2021-11-06 12:34:04 +05:30
Prince Chaddha
86f00468e1
Merge pull request #3070 from ImNightmaree/patch-2
...
Vanguard CMS Post-XSS
2021-11-06 00:13:58 +05:30
Prince Chaddha
b66427b7c1
Update and rename wp-plugin-ad-widget-lfi.yaml to vulnerabilities/wordpress/ad-widget-lfi.yaml
2021-11-06 00:06:13 +05:30
Prince Chaddha
a57cb5081a
Update vanguard-post-xss.yaml
2021-11-05 21:36:53 +05:30
sandeep
eef5252cc5
file name update
2021-11-05 06:01:59 +05:30
ImNightmaree
e98a1b4085
Update vanguard-post-xss
2021-11-04 16:56:40 +00:00
ImNightmaree
5a94091468
Create vanguard-post-xss
2021-11-04 15:12:47 +00:00
sandeep
915bb09a82
updating file name
2021-11-04 15:43:49 +05:30
sandeep
67f3530dbf
Added meta info
2021-11-03 17:27:53 +05:30
sandeep
be65921cc3
Added remediation information
2021-11-03 17:11:48 +05:30
sandeep
c06cc9f690
Added Sitecore Experience Platform Pre-Auth RCE
2021-11-03 16:52:25 +05:30
sandeep
e2b4d2b29c
misc update
2021-11-03 02:54:23 +05:30
sandeep
b83e79a8fe
moving files around
2021-11-01 19:36:21 +05:30
sandeep
f650961021
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into gitlab-updates
2021-11-01 19:21:55 +05:30
Prince Chaddha
c4b7bb3bd2
Merge pull request #3032 from r3dg33k/wordpress-rdf-user-enum
...
wordpress-rdf-user-enum
2021-11-01 15:43:00 +05:30
Prince Chaddha
7b20a25fc6
Update and rename wordpress-rdf-user-enum.yaml to rdf-user-enumeration.yaml
2021-11-01 15:37:58 +05:30
Prince Chaddha
a862dc3a6f
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:33:06 +05:30
Prince Chaddha
ff5b68a343
Update wordpress-rdf-user-enum.yaml
2021-11-01 15:30:54 +05:30
Prince Chaddha
3decaed012
Merge pull request #3036 from Akokonunes/patch-64
...
Create wp-theme-diarise-lfi.yaml
2021-11-01 14:54:58 +05:30
Prince Chaddha
756ed2c443
Update and rename wp-theme-diarise-lfi.yaml to vulnerabilities/wordpress/diarise-theme-lfi.yaml
2021-11-01 14:37:16 +05:30
Noam Rathaus
4381a462e2
Add description
2021-10-31 16:00:56 +02:00
Noam Rathaus
d277d83c8e
Add description
2021-10-31 15:58:17 +02:00
sandeep
8e27d69da4
misc update
2021-10-31 16:24:36 +05:30
Geeknik Labs
26c298ed03
Update top-xss-params.yaml
...
added an additional 23 parameters and matchers
2021-10-30 16:26:28 -05:00
sandeep
8c3f98c767
fixed invalid template syntax
2021-10-30 16:47:35 +05:30
r3dg33k
2925226122
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:58:24 +03:00
r3dg33k
f3a44a7f50
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:57:53 +03:00
r3dg33k
f75fcde7a9
Update wordpress-rdf-user-enum.yaml
2021-10-30 13:56:04 +03:00
r3dg33k
2d50cb52c6
Add files via upload
2021-10-30 13:46:56 +03:00
Noam Rathaus
9848f92894
Add description
2021-10-27 14:06:15 +03:00
Noam Rathaus
14ae8e3f59
Add description
2021-10-27 14:05:11 +03:00
Noam Rathaus
3a02b7c325
Add description
2021-10-27 14:04:00 +03:00
Noam Rathaus
f1cf6fd9a7
Add description
2021-10-27 14:03:22 +03:00
Noam Rathaus
d5d2ed0a0e
Add description
2021-10-27 13:52:34 +03:00
Prince Chaddha
659f61ca53
Create thinkphp-501-rce.yaml
2021-10-27 00:17:42 +05:30
Prince Chaddha
ac70e14788
Merge pull request #2995 from Akokonunes/patch-63
...
Create wp-tinymce-thumbnail-plugin-lfi.yaml
2021-10-27 00:13:01 +05:30
Prince Chaddha
b928d9a269
Update and rename wp-tinymce-thumbnail-plugin-lfi.yaml to wp-tinymce-lfi.yaml
2021-10-27 00:11:48 +05:30
Prince Chaddha
7abaf59c18
Merge pull request #2993 from Akokonunes/patch-61
...
Create wp-javospot-premium-theme-lfi.yaml
2021-10-27 00:02:00 +05:30
Prince Chaddha
ab633f8675
Update and rename wp-javospot-premium-theme-lfi.yaml to vulnerabilities/wordpress/wp-javospot-lfi.yaml
2021-10-26 23:55:34 +05:30
Noam Rathaus
c9efc02223
Add description
2021-10-26 15:29:20 +03:00
Noam Rathaus
093a495b5f
Add description
2021-10-26 15:28:43 +03:00
Noam Rathaus
25f7c812c2
Add description
2021-10-26 15:27:57 +03:00
Noam Rathaus
5d98d22416
Add description
2021-10-26 15:27:16 +03:00
Noam Rathaus
8adbf37ab4
Add description
2021-10-26 15:26:10 +03:00
Noam Rathaus
57bae34cb9
Add description
2021-10-26 15:25:34 +03:00
Noam Rathaus
4c0e8bae7e
Add description
2021-10-26 15:24:26 +03:00
Noam Rathaus
dcf402cfa4
Add description
2021-10-26 15:23:43 +03:00
Noam Rathaus
7d0c8669a3
Add description
2021-10-26 15:22:21 +03:00
sandeep
0de8bc19f8
misc template updates
2021-10-26 17:39:26 +05:30
Noam Rathaus
058d859cd8
Add description
2021-10-26 12:45:23 +03:00
Noam Rathaus
9c96179595
Fix description
2021-10-26 12:45:16 +03:00
sandeep
423584f1b7
moving files around
2021-10-26 15:08:26 +05:30
Noam Rathaus
fb81f4ca36
Better description
2021-10-26 12:35:56 +03:00
Noam Rathaus
081a2546fe
Add description
2021-10-25 12:59:08 +03:00
Noam Rathaus
e4018d4a0c
Add description
2021-10-25 12:58:22 +03:00
Noam Rathaus
f9fb282770
Add description
2021-10-25 12:57:40 +03:00
Noam Rathaus
319c8a830e
Add description
2021-10-25 12:56:03 +03:00
Noam Rathaus
3029da4ceb
Add description
2021-10-25 12:55:23 +03:00
Noam Rathaus
9f8270bb7a
Add description
2021-10-25 12:54:49 +03:00
Noam Rathaus
c9e9c04f37
Add description
2021-10-25 12:54:00 +03:00
Noam Rathaus
6a6ba60aad
Description
2021-10-25 12:53:22 +03:00
Noam Rathaus
a96bfc3992
Add description
2021-10-25 12:52:58 +03:00
Noam Rathaus
2bffa26635
Advisory description
2021-10-25 10:09:13 +03:00
Noam Rathaus
e9bd13da3e
Product name is 'OA'
2021-10-25 10:07:28 +03:00
Noam Rathaus
66a811c3c2
Better description
2021-10-25 10:06:50 +03:00
Noam Rathaus
a3d1ca6b81
Description
2021-10-25 10:06:44 +03:00
Noam Rathaus
130e5b1ff5
add description
2021-10-25 10:01:03 +03:00
Noam Rathaus
d03fce098e
Add description
2021-10-25 09:58:59 +03:00
Noam Rathaus
5636579be1
Non-broken link
2021-10-25 09:57:47 +03:00
Noam Rathaus
ee82e5c591
Add description
2021-10-25 09:56:44 +03:00
Noam Rathaus
8ad49535b0
Add description
2021-10-24 12:38:06 +03:00
sandeep
c66ad46464
more metadata update
2021-10-22 23:24:21 +05:30
sandeep
2d5beca867
metadata update
2021-10-22 23:23:25 +05:30
Prince Chaddha
9ab9cd2a25
Merge pull request #2953 from Akokonunes/patch-59
...
Create aspose-importer-exporter-file-download.yaml
2021-10-22 22:03:37 +05:30
Prince Chaddha
82ca4a8c43
Update and rename aspose-file-download.yaml to aspose-ie-file-download.yaml
2021-10-22 15:59:44 +05:30
Prince Chaddha
5118c00e24
Update aspose-pdf-file-download.yaml
2021-10-22 15:58:02 +05:30
Prince Chaddha
aa77769481
Rename aspose-pdf-file-download.yaml to vulnerabilities/wordpress/aspose-pdf-file-download.yaml
2021-10-22 15:49:18 +05:30
Noam Rathaus
0cb293abca
Add description
2021-10-21 14:25:28 +03:00
Noam Rathaus
07472bb021
Add description
2021-10-21 14:21:38 +03:00
Noam Rathaus
ae55315ec6
Improve description
2021-10-21 14:15:52 +03:00
Noam Rathaus
7e4cd54f9e
Add description
2021-10-21 14:13:53 +03:00
Noam Rathaus
379513c015
Make description more clear
2021-10-21 08:55:02 +03:00
Noam Rathaus
f1d4569a8c
Add description
2021-10-21 08:52:48 +03:00
Noam Rathaus
691dab8a52
Add description
2021-10-21 08:51:56 +03:00
Noam Rathaus
fde188d253
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-21 08:32:04 +03:00
Sandeep Singh
a21cec6362
Merge pull request #2844 from projectdiscovery/more-fixes
...
Changes to adopt v2.5.3 engine
2021-10-21 07:21:20 +05:30
Noam Rathaus
cfa3a798f3
Add description
2021-10-19 13:17:58 +03:00
Noam Rathaus
e45550f4ed
Add description
2021-10-19 13:10:34 +03:00
Noam Rathaus
d1684e7d67
Add description
2021-10-19 13:10:29 +03:00
Noam Rathaus
5c910ab3b4
Add description
2021-10-19 13:03:41 +03:00
Noam Rathaus
6d5e933128
Add description
2021-10-19 12:56:40 +03:00
sandeep
33badb66d1
oob tags update
2021-10-19 02:10:26 +05:30
sandeep
a614391d3f
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-18 03:14:44 +05:30
Noam Rathaus
1688b8073a
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-10-17 15:54:29 +03:00
Noam Rathaus
087bbd2263
Add description
2021-10-17 15:54:19 +03:00
Noam Rathaus
0fd1574fe2
Add description
2021-10-17 15:52:26 +03:00
Noam Rathaus
c1b42bcc55
Add description
2021-10-17 15:50:52 +03:00
Prince Chaddha
48588a6b81
Merge pull request #2887 from Akokonunes/patch-56
...
Create aspose-words-exporter-file-download.yaml
2021-10-17 17:04:08 +05:30
Prince Chaddha
1022a0a556
Merge pull request #2898 from asurti6783/patch-2
...
Create jira-unauthenticated-screens.yaml
2021-10-17 08:40:26 +05:30
Prince Chaddha
ba3c7afed0
Update jira-unauthenticated-screens.yaml
2021-10-17 08:36:48 +05:30
Prince Chaddha
7d41f63091
Merge pull request #2903 from Akokonunes/patch-58
...
Create wp-aspose-cloud-ebook-plugin-file-download.yaml
2021-10-17 08:00:55 +05:30
Prince Chaddha
ef16ad713b
Update and rename wp-aspose-cloud-ebook-plugin-file-download.yaml to vulnerabilities/wordpress/aspose-file-download.yaml
2021-10-17 07:49:46 +05:30
Prince Chaddha
5385191a9d
Update microstrategy-ssrf.yaml
2021-10-17 07:46:32 +05:30
Philippe Delteil
274f3f941a
Update microstrategy-ssrf.yaml
2021-10-16 17:19:30 -03:00
Arman Sameer
0d98ff0dd4
Create jira-unauthenticated-screens.yaml
2021-10-15 12:05:51 -04:00
Sandeep Singh
968cfe7d03
Merge pull request #2870 from projectdiscovery/fastjson-rces
...
Fastjson Deserialization RCEs
2021-10-15 03:28:35 +05:30
sandeep
42cc6d9507
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates into more-fixes
2021-10-14 23:51:16 +05:30
sandeep
aad97c084c
misc update
2021-10-14 20:08:44 +05:30
sandeep
f9f4e3327e
moving files around
2021-10-14 20:05:25 +05:30
sandeep
adfbed9d51
lint fix
2021-10-14 19:50:43 +05:30
sandeep
558272470e
Merge branch 'master' of https://github.com/nrathaus/nuclei-templates into pr/2893
2021-10-14 19:32:03 +05:30
sandeep
a313e27f6e
misc update
2021-10-14 19:31:57 +05:30
Noam Rathaus
4532646b44
Description
2021-10-14 16:35:40 +03:00
Noam Rathaus
d803f91971
Add description
2021-10-14 16:34:15 +03:00
Noam Rathaus
dbb28d586a
Add description
2021-10-14 16:32:34 +03:00
Noam Rathaus
5a00c6841d
Working link
2021-10-14 16:32:15 +03:00
Noam Rathaus
75f96128d5
Better description
2021-10-14 16:31:27 +03:00
Noam Rathaus
16dd5c6e8e
More reference
2021-10-14 16:30:44 +03:00
Noam Rathaus
09de143099
Add CVE
2021-10-14 16:30:14 +03:00
Noam Rathaus
6eaff09b16
Add description
2021-10-14 16:29:51 +03:00
Noam Rathaus
a6800e0e1a
Add description
2021-10-14 16:28:41 +03:00
Noam Rathaus
5618e8eaa9
Better description
2021-10-14 16:27:26 +03:00
Noam Rathaus
e3071a4f26
Added description
2021-10-14 16:10:54 +03:00
Noam Rathaus
eef7ba6cd4
Spelling
2021-10-14 16:07:39 +03:00
Noam Rathaus
083ca2805a
Add description
2021-10-14 16:07:18 +03:00
Noam Rathaus
2946782493
Fix name
2021-10-14 16:06:20 +03:00
Noam Rathaus
3322a4becc
Previous reference is no longer available
2021-10-14 16:05:47 +03:00
Noam Rathaus
67a6e574a0
Add description
2021-10-14 16:04:37 +03:00
Noam Rathaus
4b603769c5
Add vendor CERT advisory/cve
2021-10-14 15:59:38 +03:00
Noam Rathaus
39ebcc13a3
Add description
2021-10-14 15:55:59 +03:00
Noam Rathaus
18e6257e33
description
2021-10-14 15:54:28 +03:00
Noam Rathaus
d1105f1d79
Add description
2021-10-14 15:35:52 +03:00
Noam Rathaus
e599ba1261
Add description
2021-10-14 15:35:47 +03:00
Noam Rathaus
4275cce69a
Add description
2021-10-14 15:35:42 +03:00
Noam Rathaus
5453f2ccdb
Add description
2021-10-14 15:35:37 +03:00
Prince Chaddha
02d0071660
Update and rename aspose-words-exporter-file-download.yaml to vulnerabilities/wordpress/aspose-words-file-download.yaml
2021-10-14 16:33:38 +05:30
Prince Chaddha
4ce3559d58
Update and rename wp-cherry-plugin-file-download.yaml to vulnerabilities/wordpress/cherry-file-download.yaml
2021-10-14 16:29:47 +05:30
Noam Rathaus
2e9613d75b
Improve description
2021-10-13 12:01:33 +03:00
Noam Rathaus
d5038b7520
Add description
2021-10-13 12:00:55 +03:00
Noam Rathaus
ab008edc5b
Add description
2021-10-13 12:00:39 +03:00
Noam Rathaus
b86a987030
Dead link
2021-10-13 12:00:36 +03:00
Noam Rathaus
a3608c32f4
Add description
2021-10-13 11:56:10 +03:00
Sandeep Singh
9273a765c0
Merge branch 'master' into more-fixes
2021-10-13 13:48:52 +05:30
sandeep
dc2d9485a9
additional matcher
2021-10-12 12:07:05 +05:30
sandeep
9d1f7fb627
more tags
2021-10-12 11:28:49 +05:30
sandeep
6e6601a462
more templates
2021-10-12 11:27:50 +05:30
Prince Chaddha
843c688505
Merge pull request #2867 from Akokonunes/patch-54
...
Create advanced-access-manager-plugin-lfi.yaml
2021-10-11 16:55:58 +05:30
Prince Chaddha
da08f02913
Update and rename advanced-access-manager-plugin-lfi.yaml to vulnerabilities/wordpress/advanced-access-manager-lfi.yaml
2021-10-11 16:52:28 +05:30
sandeep
86f52501a5
Added Fastjson 1.2.47 Deserialization RCE
2021-10-11 04:23:52 +05:30
sandeep
16ea26b295
Added Fastjson 1.2.24 Deserialization RCE
2021-10-11 01:16:37 +05:30
sandeep
5072932509
more updates
2021-10-10 06:43:30 +05:30
sandeep
9b1c57506b
Updating CVE-2021-41773 / CVE-2021-42013 to include RCE check
2021-10-10 06:00:43 +05:30
sandeep
6205415bbd
Update keycloak-xss.yaml
...
Updating severity as this XSS is not exploitable directly.
2021-10-09 08:46:17 +05:30
Sandeep Singh
0c8e813c15
Merge pull request #2854 from Akokonunes/patch-52
...
Create wp-oxygen-theme-lfi.yaml
2021-10-08 19:20:54 +05:30
sandeep
ecca8374fc
moving file around
2021-10-08 19:19:29 +05:30
Sandeep Singh
95305667c0
Merge pull request #2852 from pdelteil/patch-65
...
Update qcubed-xss.yaml
2021-10-08 19:14:41 +05:30
sandeep
6a00b9245c
Update qcubed-xss.yaml
2021-10-08 19:14:26 +05:30
sandeep
de0a0ff3c1
misc update
2021-10-08 19:10:03 +05:30
Philippe Delteil
60a3b6f4a4
Update qcubed-xss.yaml
2021-10-08 03:46:49 -03:00
Philippe Delteil
888c703a3c
Update pmb-directory-traversal.yaml
2021-10-08 03:33:40 -03:00
sandeep
53fc9bcb3f
misc fixes
2021-10-07 05:23:20 +05:30
Sandeep Singh
634e215433
Merge pull request #2840 from projectdiscovery/apache-httpd-rce
...
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 19:50:18 +05:30
sandeep
8dfa5ce9b4
Added Lucee Unauthenticated Reflected XSS
2021-10-06 16:38:23 +05:30
sandeep
856b96a084
lint update
2021-10-06 15:56:00 +05:30
sandeep
796dd93113
Added Apache HTTPd - 2.4.49 (CGI enabled) RCE
2021-10-06 15:53:31 +05:30
Prince Chaddha
3ce3718a5e
Merge pull request #2835 from Akokonunes/patch-49
...
Create ultimatemember-plugin-open-redirect.yaml
2021-10-06 11:04:54 +05:30
Prince Chaddha
183af8b95b
Update and rename ultimatemember-plugin-open-redirect.yaml to vulnerabilities/wordpress/ultimatemember-open-redirect.yaml
2021-10-06 10:59:48 +05:30
Prince Chaddha
f1130595ce
Update and rename wptouch-plugin-open-redirect.yaml to vulnerabilities/wordpress/wptouch-open-redirect.yaml
2021-10-06 10:46:16 +05:30
Prince Chaddha
5b5e764b48
Merge pull request #2787 from mr-rizwan-syed/master
...
wp-config-file and aws-s3-access-key-leak
2021-10-05 18:25:04 +05:30
Prince Chaddha
6e7b91f6dc
Update wordpress-accessible-wpconfig.yaml
2021-10-05 18:02:50 +05:30
Sandeep Singh
478a7ef833
Merge pull request #2808 from pdelteil/patch-61
...
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 17:59:10 +05:30
Sandeep Singh
47853b869b
Update metinfo-lfi.yaml
2021-10-02 17:57:59 +05:30
Sandeep Singh
f43b256e6e
Update metinfo-lfi.yaml
2021-10-02 17:57:33 +05:30
Philippe Delteil
8fc91de606
Update metinfo-lfi.yaml
2021-10-02 03:42:22 -03:00
Philippe Delteil
e3947fbfeb
Update wp-plugin-1-flashgallery-listing.yaml
2021-10-02 03:29:17 -03:00
Prince Chaddha
4dc168520c
Merge pull request #2791 from pdelteil/patch-59
...
Update and rename wordpress-emails-verification-for-woocommerce.yaml …
2021-10-01 16:33:44 +05:30
Prince Chaddha
d7e6cb313e
Update wp-woocommerce-email-verification.yaml
2021-10-01 16:31:50 +05:30
Prince Chaddha
58fd372498
Update and rename qihang-media-web-lfi.yaml to qihang-media-lfi.yaml
2021-10-01 16:28:20 +05:30
Prince Chaddha
ea71661d79
Update and rename qihang-media-web-credentials-disclosure.yaml to qihang-media-disclosure.yaml
2021-10-01 16:26:25 +05:30
GwanYeong Kim
f750bf5ba5
Create qihang-media-web-credentials-disclosure.yaml
...
The application suffers from clear-text credentials disclosure vulnerability that allows an unauthenticated attacker to issue a request to an unprotected directory that hosts an XML file /xml/User/User.xml and obtain administrative login information that allows for a successful authentication bypass attack.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:42:48 +09:00
GwanYeong Kim
90138f44d1
Create qihang-media-web-lfi.yaml
...
The application suffers from an unauthenticated file disclosure vulnerability when input passed thru the filename parameter when using the download action or thru path parameter when using the getAll action is not properly verified before being used. This can be exploited to disclose contents of files and directories from local resources.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-10-01 15:35:12 +09:00
Philippe Delteil
145f1a643d
Update and rename wordpress-emails-verification-for-woocommerce.yaml to wp-woocommerce-email-verification.yaml
...
- name changed to match template id.
- added stop-at-first-match condition.
2021-09-30 22:49:21 -03:00
Sullo
7adfd01163
Moving listserv_maestro_rce.yaml to cves folder
2021-09-30 15:39:45 -04:00
Sullo
d34e6c1145
Add information for CVE-2010-1870
2021-09-30 15:38:59 -04:00
Sullo
3c012b137d
Break CVE-2016-4975 into its own template
2021-09-30 15:35:17 -04:00
Rizwan Syed
4065f6a493
Update wordpress-accessible-wpconfig.yaml
2021-09-30 23:15:18 +05:30
Sullo
c9a374bed5
renamed: simple-employee-rce.yaml -> ../../cves/2019/CVE-2019-20183.yaml
2021-09-30 13:06:46 -04:00
Sullo
28def083f6
Merge branch 'master' of https://github.com/sullo/nuclei-templates
...
Fix typo for cvss
2021-09-30 13:03:09 -04:00
Sullo
3878138bfe
* Added Host headers where needed (validated via disclosures/posts)
...
* Added CVE simple-employee-rce.yaml
2021-09-30 12:52:05 -04:00
sullo
66cad3ff35
Revert "* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml"
...
incorrect push to master repo
This reverts commit 7191aee570
.
2021-09-30 12:25:22 -04:00
Sullo
7191aee570
* Added CVE info & moved simple-employee-rce.yaml to cves/2019/CVE-2019-20183.yaml
...
* Added missing {{Hostname}} to some raw requests (confirmed that hostname is allowed in exploits)
* Minor cleanup in the modified plugins
2021-09-30 12:20:54 -04:00
sandeep
e90e3b49bc
Added more unique matchers
2021-09-30 20:22:53 +05:30
sandeep
88f6bba576
Added thinkphp keyword from response to avoid false positive
2021-09-30 18:35:14 +05:30
Prince Chaddha
f839f628b6
Update and rename fatpipe-networks-warp-backdoor.yaml to fatpipe-backdoor.yaml
2021-09-30 17:18:45 +05:30
Prince Chaddha
b65719103f
Update and rename fatpipe-networks-warp-auth-bypass.yaml to fatpipe-auth-bypass.yaml
2021-09-30 17:18:21 +05:30
Prince Chaddha
9e25b4871e
Update fatpipe-networks-warp-backdoor.yaml
2021-09-30 16:13:19 +05:30
GwanYeong Kim
606d2b5ea4
Create fatpipe-networks-warp-backdoor.yaml
...
The application has a hidden administrative account cmuser that has no password and has write access permissions to the device. The user cmuser is not visible in Users menu list of the application.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 13:38:01 +09:00
GwanYeong Kim
263cadaacf
Create fatpipe-networks-warp-auth-bypass.yaml
...
Improper access control occurs when the application provides direct access to objects based on user-supplied input. As a result of this vulnerability attackers can bypass authorization and access resources behind protected pages.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-30 11:07:24 +09:00
Sandeep Singh
e9f81943b6
Merge pull request #2759 from projectdiscovery/generic-ssrf
...
generic-ssrf
2021-09-30 03:31:52 +05:30
sandeep
553a7a2480
Update request-based-interaction.yaml
2021-09-30 03:31:03 +05:30
sandeep
be297d732b
misc update
2021-09-30 03:26:16 +05:30
Prince Chaddha
5c80f9dc4c
Update and rename wp-church-admin-lfi.yaml to vulnerabilities/wordpress/church-admin-lfi.yaml
2021-09-28 15:38:03 +05:30
Prince Chaddha
cee46ca968
Update and rename request-interaction-oob.yaml to request-based-interaction.yaml
2021-09-28 15:22:30 +05:30
Prince Chaddha
97ef8f00e2
Update and rename generic-oob-param-based-interaction.yaml to oob-param-based-interaction.yaml
2021-09-28 15:21:41 +05:30
Prince Chaddha
25a971efd4
Update and rename generic-oob-header-based-interaction.yaml to oob-header-based-interaction.yaml
2021-09-28 15:21:27 +05:30
Prince Chaddha
8042d1233e
Create request-interaction-oob.yaml
2021-09-28 15:18:26 +05:30
Prince Chaddha
52a5e33556
Create generic-oob-param-based-interaction.yaml
2021-09-28 15:17:21 +05:30
Prince Chaddha
1a4f6754b4
Create generic-oob-header-based-interaction.yaml
2021-09-28 15:15:57 +05:30
Prince Chaddha
8d7e5b2d24
Merge pull request #2748 from gy741/rule-add-v60
...
Create commax-cctv-rtsp-credentials-disclosure.yaml
2021-09-25 11:49:18 +05:30
Prince Chaddha
2808f46429
Update and rename commax-cctv-rtsp-credentials-disclosure.yaml to commax-credentials-disclosure.yaml
2021-09-25 11:32:31 +05:30
Prince Chaddha
2e7e35eb70
Update and rename ecoa-building-directory-traversal.yaml to ecoa-building-lfi.yaml
2021-09-25 11:22:48 +05:30
GwanYeong Kim
fac7f96b34
Create ecoa-building-directory-traversal.yaml
...
The BAS controller suffers from a directory traversal content disclosure vulnerability. Using the GET parameter cpath in File Manager (fmangersub), attackers can disclose directory content on the affected device
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:58:58 +09:00
GwanYeong Kim
59e0eb7ad3
Create commax-cctv-rtsp-credentials-disclosure.yaml
...
The COMMAX CCTV Bridge for the DVR service allows an unauthenticated attacker
to disclose RTSP credentials in plain-text.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-09-25 08:43:18 +09:00
Prince Chaddha
93b6f3a799
Merge pull request #2743 from Akokonunes/patch-43
...
Create wp-brandfolder-plugin-open-redirect.yaml
2021-09-25 00:55:20 +05:30
Prince Chaddha
d0ee5cbe02
Merge pull request #2744 from Akokonunes/patch-44
...
Create wp-brandfolder-plugin-lfi.yaml
2021-09-25 00:54:30 +05:30
Prince Chaddha
f70cc70c26
Update and rename wp-brandfolder-plugin-open-redirect.yaml to vulnerabilities/wordpress/brandfolder-open-redirect.yaml
2021-09-25 00:54:03 +05:30
Prince Chaddha
624c722c5a
Update and rename wp-brandfolder-plugin-lfi.yaml to vulnerabilities/wordpress/brandfolder-lfi.yaml
2021-09-25 00:51:56 +05:30
Prince Chaddha
e832a50401
Update issuu-panel-lfi.yaml
2021-09-25 00:49:53 +05:30
Prince Chaddha
f35db18633
Update and rename wp-plugin-issuu-panel-lfi.yaml to vulnerabilities/wordpress/issuu-panel-lfi.yaml
2021-09-25 00:47:37 +05:30
Sandeep Singh
d75bad52c7
Merge pull request #2732 from Akokonunes/patch-38
...
Create product-input-fields-for-woocommerce-file-download.yaml
2021-09-22 18:19:59 +05:30
sandeep
a898a6c3a6
Update wp-woocommerce-file-download.yaml
2021-09-22 18:19:25 +05:30
sandeep
dfa85833e2
misc update
2021-09-22 18:18:21 +05:30
Sandeep Singh
551c9127a2
Merge pull request #2733 from Akokonunes/patch-42
...
Create cs-cart-unauthenticated-lfi.yaml
2021-09-22 18:10:38 +05:30
sandeep
18142906f0
moving files around
2021-09-22 18:09:43 +05:30
sandeep
a60e8a9d5e
misc update
2021-09-22 18:08:32 +05:30
Prince Chaddha
807920c0ac
clean-up
2021-09-21 17:16:53 +05:30
Sandeep Singh
a5982b8f32
Merge pull request #2721 from nerrorsec/patch-1
...
Added a path
2021-09-21 15:32:42 +05:30
Sandeep Singh
e0a8cb25bf
Merge pull request #2725 from projectdiscovery/wp-xmlrpc-pingback-detection
...
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:29:25 +05:30
sandeep
d9c5095780
fixing xmlrpc-pingback-ssrf.yaml
2021-09-21 15:21:35 +05:30
Prince Chaddha
ff4811e085
Create wordpress-git-config.yaml
2021-09-21 15:21:16 +05:30
sandeep
10a6436f6f
Added Wordpress XMLRPC Pingback detection
2021-09-21 15:18:49 +05:30
Prince Chaddha
8034e43e2c
Merge pull request #2711 from 0xSmiley/generic_lfi
...
Generic lfi
2021-09-21 00:11:59 +05:30
Prince Chaddha
8a985aa5c8
Update generic-linux-lfi.yaml
2021-09-20 23:53:49 +05:30
Prince Chaddha
6564d0fca4
Merge pull request #2708 from pussycat0x/master
...
New templates
2021-09-20 14:18:41 +05:30
Sandeep Singh
e9e99de988
Merge pull request #2714 from pikpikcu/patch-288
...
Update Severity
2021-09-20 12:20:12 +05:30
PikPikcU
991963fe4a
Update Severity
2021-09-20 12:11:56 +07:00
kn1ght
ffe20a273d
fix: typo error
2021-09-19 20:23:22 -03:00
Nuno
083a72b24c
Generic Template Updated
2021-09-18 20:13:32 +01:00
Muhammad Daffa
50dfd3dc3d
Update Severity
2021-09-18 21:07:47 +07:00
Sandeep Singh
0f03f5ff55
Merge pull request #2692 from projectdiscovery/metadata-attribute-update
2021-09-18 18:19:07 +05:30
sandeep
8c28120218
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:32:13 +05:30
sandeep
fb1aee75ce
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 14:28:03 +05:30
Prince Chaddha
e183b518db
Update wp-altair-listing.yaml
2021-09-18 14:11:17 +05:30
Prince Chaddha
d0c5083632
Update wp-altair-listing.yaml
2021-09-18 14:09:59 +05:30
Prince Chaddha
0523d46ed2
Revert "Delete wp-altair-listing.yaml"
...
This reverts commit 05dd3affce
.
2021-09-18 13:54:03 +05:30
Prince Chaddha
05dd3affce
Delete wp-altair-listing.yaml
2021-09-18 13:51:28 +05:30
Prince Chaddha
63cc624c4a
Update luftguitar-arbitrary-file-upload.yaml
2021-09-18 12:14:32 +05:30
Prince Chaddha
893f8d3bc6
Update wp-altair-listing.yaml
2021-09-18 12:01:47 +05:30
pussycat0x
10b3bc327d
Add files via upload
2021-09-18 10:37:16 +05:30
PikPikcU
2a1341274a
Create luftguitar-arbitrary-file-upload.yaml
2021-09-17 21:04:21 +07:00
Prince Chaddha
3deb522abc
Merge pull request #2664 from Akokonunes/patch-37
...
Create ecoa-building-automation-lfd.yaml
2021-09-17 16:47:54 +05:30
Prince Chaddha
df59ad5670
Update and rename ecoa-building-automation-lfd.yaml to vulnerabilities/other/ecoa-building-automation-lfd.yaml
2021-09-17 16:39:09 +05:30
Prince Chaddha
b00b70c150
Merge pull request #2697 from Akokonunes/patch-39
...
Create attitude-wp-theme-open-redirect.yaml
2021-09-17 15:12:21 +05:30
Prince Chaddha
5cac00bada
Merge pull request #2698 from Akokonunes/patch-40
...
Create eatery-restaurant-wp-theme-open-redirect.yaml
2021-09-17 15:12:09 +05:30
Prince Chaddha
a40530d9d4
Update and rename eatery-restaurant-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/eatery-restaurant-open-redirect.yaml
2021-09-17 15:10:30 +05:30
Prince Chaddha
69e546ea4d
Update attitude-theme-open-redirect.yaml
2021-09-17 15:10:23 +05:30
Prince Chaddha
c5ccf9d991
Update and rename attitude-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/attitude-theme-open-redirect.yaml
2021-09-17 15:08:59 +05:30
Prince Chaddha
2e8329b645
Update and rename weekender-newspaper-wp-theme-open-redirect.yaml to vulnerabilities/wordpress/weekender-newspaper-open-redirect.yaml
2021-09-17 15:06:13 +05:30
Geeknik Labs
03a79aa0c3
Update jenkins-script.yaml
2021-09-16 15:17:15 -05:00
sandeep
676b51d20c
Metadata attribute update
2021-09-16 21:24:33 +05:30
Prince Chaddha
18879698fa
Update bullwark-momentum-lfi.yaml
2021-09-13 15:55:14 +05:30
Prince Chaddha
e18cc14218
Update bullwark-momentum-lfi.yaml
2021-09-13 15:34:18 +05:30