Commit Graph

13 Commits (2d450b006415815cda5afc727b9d5a84e5d57798)

Author SHA1 Message Date
forgedhallpass 209538baa6 refactor: Description field uniformization
* info field reorder
* reference values refactored to list
* added new lines after the id and before the protocols
* removed extra new lines
* split really long descriptions to multiple lines (part 1)
* other minor fixes
2022-04-22 13:38:41 +03:00
MostInterestingBotInTheWorld a24ef794b7
Dashboard Content Enhancements (#4031)
Dashboard Content Enhancements
2022-04-07 09:53:15 -04:00
sandeep ec99241f0e Updated "/etc/passwd" regex to avoid possible false positive results. 2022-03-22 13:31:31 +05:30
gilfoyle97 0fa555567a
Request: Fix CVE-2021-21234 (#3920)
* Fixed CVE-2019-9670

* more strict matchers

* Fix CVE-2021-21234

* more strict matcher

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-03-17 14:59:53 +05:30
MostInterestingBotInTheWorld 9b82c296e1
Dashboard Enhancements (#3722)
* Enhancement: cves/2021/CVE-2021-1497.yaml by cs

* Enhancement: cves/2010/CVE-2010-1957.yaml by mp

* Enhancement: cves/2010/CVE-2010-1977.yaml by mp

* Enhancement: cves/2010/CVE-2010-1979.yaml by mp

* Enhancement: cves/2010/CVE-2010-1980.yaml by mp

* Enhancement: cves/2010/CVE-2010-1981.yaml by mp

* Enhancement: cves/2010/CVE-2010-1982.yaml by mp

* Enhancement: cves/2010/CVE-2010-1983.yaml by mp

* Enhancement: cves/2010/CVE-2010-2033.yaml by mp

* Enhancement: cves/2010/CVE-2010-2034.yaml by mp

* Enhancement: cves/2010/CVE-2010-2035.yaml by mp

* Enhancement: cves/2010/CVE-2010-2036.yaml by mp

* Enhancement: cves/2010/CVE-2010-2037.yaml by mp

* Enhancement: cves/2010/CVE-2010-2045.yaml by mp

* Enhancement: cves/2010/CVE-2010-2050.yaml by mp

* Enhancement: cves/2010/CVE-2010-2122.yaml by mp

* Enhancement: cves/2010/CVE-2010-1980.yaml by mp

* Enhancement: cves/2010/CVE-2010-1981.yaml by mp

* Enhancement: cves/2010/CVE-2010-1982.yaml by mp

* Enhancement: cves/2010/CVE-2010-2035.yaml by mp

* Enhancement: cves/2010/CVE-2010-2128.yaml by mp

* Enhancement: cves/2010/CVE-2010-2259.yaml by mp

* Enhancement: cves/2010/CVE-2010-2307.yaml by mp

* Enhancement: cves/2010/CVE-2010-2507.yaml by mp

* Enhancement: cves/2010/CVE-2010-2680.yaml by mp

* Enhancement: cves/2010/CVE-2010-2682.yaml by mp

* Enhancement: cves/2010/CVE-2010-2857.yaml by mp

* Enhancement: cves/2010/CVE-2010-2861.yaml by mp

* Enhancement: cves/2010/CVE-2010-2918.yaml by mp

* Enhancement: cves/2010/CVE-2010-2920.yaml by mp

* Enhancement: cves/2010/CVE-2010-3203.yaml by mp

* Enhancement: cves/2010/CVE-2010-3426.yaml by mp

* Enhancement: cves/2010/CVE-2010-4617.yaml by mp

* Enhancement: cves/2010/CVE-2010-4231.yaml by mp

* Enhancement: cves/2010/CVE-2010-4282.yaml by mp

* Enhancement: cves/2010/CVE-2010-4282.yaml by mp

* Enhancement: cves/2010/CVE-2010-4617.yaml by mp

* Enhancement: cves/2010/CVE-2010-4719.yaml by mp

* Enhancement: cves/2010/CVE-2010-4769.yaml by mp

* Enhancement: cves/2010/CVE-2010-4977.yaml by mp

* Enhancement: cves/2010/CVE-2010-5028.yaml by mp

* Enhancement: cves/2010/CVE-2010-5278.yaml by mp

* Enhancement: cves/2010/CVE-2010-5286.yaml by mp

* Enhancement: cves/2011/CVE-2011-0049.yaml by mp

* Enhancement: cves/2011/CVE-2011-1669.yaml by mp

* Enhancement: cves/2011/CVE-2011-2744.yaml by mp

* Enhancement: cves/2000/CVE-2000-0114.yaml by mp

* Enhancement: cves/2011/CVE-2011-3315.yaml by mp

* Enhancement: cves/2011/CVE-2011-4336.yaml by mp

* Enhancement: cves/2011/CVE-2011-4618.yaml by mp

* Enhancement: cves/2011/CVE-2011-4624.yaml by mp

* Enhancement: cves/2011/CVE-2011-4804.yaml by mp

* Enhancement: cves/2011/CVE-2011-0049.yaml by mp

* Enhancement: cves/2011/CVE-2011-2780.yaml by mp

* Enhancement: cves/2011/CVE-2011-2780.yaml by mp

* Enhancement: cves/2012/CVE-2012-1823.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp

* Enhancement: cves/2012/CVE-2012-1226.yaml by mp

* Enhancement: cves/2012/CVE-2012-0996.yaml by mp

* Enhancement: cves/2021/CVE-2021-39226.yaml by cs

* Enhancement: cves/2021/CVE-2021-27358.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2021/CVE-2021-43798.yaml by cs

* Enhancement: cves/2012/CVE-2012-1835.yaml by mp

* Enhancement: cves/2012/CVE-2012-0901.yaml by mp

* Enhancement: cves/2011/CVE-2011-5265.yaml by mp

* Enhancement: cves/2011/CVE-2011-5181.yaml by mp

* Enhancement: cves/2011/CVE-2011-5179.yaml by mp

* Enhancement: cves/2011/CVE-2011-5107.yaml by mp

* Enhancement: cves/2011/CVE-2011-5106.yaml by mp

* Enhancement: cves/2011/CVE-2011-4926.yaml by mp

* Enhancement: cves/2012/CVE-2012-0991.yaml by mp

* Enhancement: cves/2012/CVE-2012-0981.yaml by mp

* Enhancement: cves/2012/CVE-2012-0896.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp

* Enhancement: cves/2012/CVE-2012-0392.yaml by mp
Fix "too few spaces before comment" lint errors
Co-authored-by: sullo <sullo@cirt.net>
2022-02-21 13:33:16 -05:00
Pathtaga e281e5bf88
Updated all templates tags with technologies (#3478)
* Updated tags for template sonicwall-email-security-detect.yaml

* Updated tags for template detect-sentry.yaml

* Updated tags for template kong-detect.yaml

* Updated tags for template openam-detect.yaml

* Updated tags for template shiro-detect.yaml

* Updated tags for template iplanet-web-server.yaml

* Updated tags for template graylog-api-browser.yaml

* Updated tags for template prtg-detect.yaml

* Updated tags for template node-red-detect.yaml

* Updated tags for template abyss-web-server.yaml

* Updated tags for template geo-webserver.yaml

* Updated tags for template autobahn-python-detect.yaml

* Updated tags for template default-lighttpd-page.yaml

* Updated tags for template microsoft-iis-8.yaml

* Updated tags for template lucee-detect.yaml

* Updated tags for template php-proxy-detect.yaml

* Updated tags for template jenkins-detect.yaml

* Updated tags for template cockpit-detect.yaml

* Updated tags for template csrfguard-detect.yaml

* Updated tags for template dwr-index-detect.yaml

* Updated tags for template netsweeper-webadmin-detect.yaml

* Updated tags for template weblogic-detect.yaml

* Updated tags for template s3-detect.yaml

* Updated tags for template tileserver-gl.yaml

* Updated tags for template springboot-actuator.yaml

* Updated tags for template terraform-detect.yaml

* Updated tags for template redmine-cli-detect.yaml

* Updated tags for template mrtg-detect.yaml

* Updated tags for template tableau-server-detect.yaml

* Updated tags for template magmi-detect.yaml

* Updated tags for template oidc-detect.yaml

* Updated tags for template tor-socks-proxy.yaml

* Updated tags for template synology-web-station.yaml

* Updated tags for template herokuapp-detect.yaml

* Updated tags for template gunicorn-detect.yaml

* Updated tags for template sql-server-reporting.yaml

* Updated tags for template google-bucket-service.yaml

* Updated tags for template kubernetes-mirantis.yaml

* Updated tags for template kubernetes-enterprise-manager.yaml

* Updated tags for template oracle-iplanet-web-server.yaml

* Updated tags for template dell-idrac7-detect.yaml

* Updated tags for template dell-idrac6-detect.yaml

* Updated tags for template dell-idrac9-detect.yaml

* Updated tags for template dell-idrac8-detect.yaml

* Updated tags for template apache-guacamole.yaml

* Updated tags for template aws-cloudfront-service.yaml

* Updated tags for template aws-bucket-service.yaml

* Updated tags for template nginx-linux-page.yaml

* Updated tags for template telerik-fileupload-detect.yaml

* Updated tags for template telerik-dialoghandler-detect.yaml

* Updated tags for template htaccess-config.yaml

* Updated tags for template microsoft-azure-error.yaml

* Updated tags for template detect-options-method.yaml

* Updated tags for template unpatched-coldfusion.yaml

* Updated tags for template moodle-changelog.yaml

* Updated tags for template detect-dns-over-https.yaml

* Updated tags for template CVE-2019-19134.yaml

* Updated tags for template CVE-2019-3929.yaml

* Updated tags for template CVE-2019-19908.yaml

* Updated tags for template CVE-2019-10475.yaml

* Updated tags for template CVE-2019-17382.yaml

* Updated tags for template CVE-2019-16332.yaml

* Updated tags for template CVE-2019-14974.yaml

* Updated tags for template CVE-2019-19368.yaml

* Updated tags for template CVE-2019-12725.yaml

* Updated tags for template CVE-2019-15501.yaml

* Updated tags for template CVE-2019-9733.yaml

* Updated tags for template CVE-2019-14322.yaml

* Updated tags for template CVE-2019-9955.yaml

* Updated tags for template CVE-2019-0230.yaml

* Updated tags for template CVE-2019-10232.yaml

* Updated tags for template CVE-2019-17506.yaml

* Updated tags for template CVE-2019-8449.yaml

* Updated tags for template CVE-2019-12593.yaml

* Updated tags for template CVE-2019-10092.yaml

* Updated tags for template CVE-2019-1821.yaml

* Updated tags for template CVE-2019-3401.yaml

* Updated tags for template CVE-2019-16662.yaml

* Updated tags for template CVE-2019-5418.yaml

* Updated tags for template CVE-2016-4975.yaml

* Updated tags for template CVE-2016-1000137.yaml

* Updated tags for template CVE-2016-7552.yaml

* Updated tags for template CVE-2016-10956.yaml

* Updated tags for template CVE-2016-1000146.yaml

* Updated tags for template CVE-2013-2251.yaml

* Updated tags for template CVE-2013-1965.yaml

* Updated tags for template CVE-2014-2323.yaml

* Updated tags for template CVE-2014-5111.yaml

* Updated tags for template CVE-2014-2962.yaml

* Updated tags for template CVE-2014-4561.yaml

* Updated tags for template CVE-2014-4558.yaml

* Updated tags for template CVE-2014-3120.yaml

* Updated tags for template CVE-2007-5728.yaml

* Updated tags for template CVE-2009-4679.yaml

* Updated tags for template CVE-2009-1558.yaml

* Updated tags for template CVE-2009-4202.yaml

* Updated tags for template CVE-2009-0932.yaml

* Updated tags for template CVE-2015-2068.yaml

* Updated tags for template CVE-2015-8813.yaml

* Updated tags for template CVE-2015-7450.yaml

* Updated tags for template CVE-2015-2067.yaml

* Updated tags for template CVE-2015-3306.yaml

* Updated tags for template CVE-2015-3337.yaml

* Updated tags for template CVE-2015-1427.yaml

* Updated tags for template CVE-2015-1503.yaml

* Updated tags for template CVE-2015-1880.yaml

* Updated tags for template CVE-2018-3810.yaml

* Updated tags for template CVE-2018-18069.yaml

* Updated tags for template CVE-2018-17246.yaml

* Updated tags for template CVE-2018-10141.yaml

* Updated tags for template CVE-2018-16341.yaml

* Updated tags for template CVE-2018-18777.yaml

* Updated tags for template CVE-2018-15138.yaml

* Updated tags for template CVE-2018-11784.yaml

* Updated tags for template CVE-2018-16299.yaml

* Updated tags for template CVE-2018-7251.yaml

* Updated tags for template CVE-2018-1273.yaml

* Updated tags for template CVE-2018-1271.yaml

* Updated tags for template CVE-2018-11759.yaml

* Updated tags for template CVE-2018-3167.yaml

* Updated tags for template CVE-2018-7490.yaml

* Updated tags for template CVE-2018-2628.yaml

* Updated tags for template CVE-2018-13380.yaml

* Updated tags for template CVE-2018-2893.yaml

* Updated tags for template CVE-2018-5316.yaml

* Updated tags for template CVE-2018-20985.yaml

* Updated tags for template CVE-2018-10818.yaml

* Updated tags for template CVE-2018-1000861.yaml

* Updated tags for template CVE-2018-0296.yaml

* Updated tags for template CVE-2018-19458.yaml

* Updated tags for template CVE-2018-3760.yaml

* Updated tags for template CVE-2018-12998.yaml

* Updated tags for template CVE-2018-9118.yaml

* Updated tags for template CVE-2018-1000130.yaml

* Updated tags for template CVE-2008-6668.yaml

* Updated tags for template CVE-2017-7269.yaml

* Updated tags for template CVE-2017-1000170.yaml

* Updated tags for template CVE-2017-16877.yaml

* Updated tags for template CVE-2017-1000486.yaml

* Updated tags for template CVE-2017-9822.yaml

* Updated tags for template CVE-2017-0929.yaml

* Updated tags for template CVE-2017-7921.yaml

* Updated tags for template CVE-2017-14535.yaml

* Updated tags for template CVE-2017-5521.yaml

* Updated tags for template CVE-2017-12637.yaml

* Updated tags for template CVE-2017-12635.yaml

* Updated tags for template CVE-2017-11610.yaml

* Updated tags for template CVE-2021-20114.yaml

* Updated tags for template CVE-2021-40856.yaml

* Updated tags for template CVE-2021-21972.yaml

* Updated tags for template CVE-2021-31602.yaml

* Updated tags for template CVE-2021-41773.yaml

* Updated tags for template CVE-2021-37704.yaml

* Updated tags for template CVE-2021-45046.yaml

* Updated tags for template CVE-2021-26084.yaml

* Updated tags for template CVE-2021-27931.yaml

* Updated tags for template CVE-2021-24291.yaml

* Updated tags for template CVE-2021-41648.yaml

* Updated tags for template CVE-2021-37216.yaml

* Updated tags for template CVE-2021-22005.yaml

* Updated tags for template CVE-2021-37573.yaml

* Updated tags for template CVE-2021-31755.yaml

* Updated tags for template CVE-2021-43287.yaml

* Updated tags for template CVE-2021-24274.yaml

* Updated tags for template CVE-2021-33564.yaml

* Updated tags for template CVE-2021-22145.yaml

* Updated tags for template CVE-2021-24237.yaml

* Updated tags for template CVE-2021-44848.yaml

* Updated tags for template CVE-2021-25646.yaml

* Updated tags for template CVE-2021-21816.yaml

* Updated tags for template CVE-2021-41649.yaml

* Updated tags for template CVE-2021-41291.yaml

* Updated tags for template CVE-2021-41293.yaml

* Updated tags for template CVE-2021-21801.yaml

* Updated tags for template CVE-2021-29156.yaml

* Updated tags for template CVE-2021-34370.yaml

* Updated tags for template CVE-2021-27132.yaml

* Updated tags for template CVE-2021-28151.yaml

* Updated tags for template CVE-2021-26812.yaml

* Updated tags for template CVE-2021-21985.yaml

* Updated tags for template CVE-2021-43778.yaml

* Updated tags for template CVE-2021-25281.yaml

* Updated tags for template CVE-2021-40539.yaml

* Updated tags for template CVE-2021-36749.yaml

* Updated tags for template CVE-2021-21234.yaml

* Updated tags for template CVE-2021-33221.yaml

* Updated tags for template CVE-2021-42013.yaml

* Updated tags for template CVE-2021-33807.yaml

* Updated tags for template CVE-2021-44228.yaml

* Updated tags for template CVE-2012-0896.yaml

* Updated tags for template CVE-2012-0991.yaml

* Updated tags for template CVE-2012-0392.yaml

* Updated tags for template CVE-2012-4940.yaml

* Updated tags for template CVE-2012-1226.yaml

* Updated tags for template CVE-2012-4878.yaml

* Updated tags for template CVE-2010-1304.yaml

* Updated tags for template CVE-2010-1217.yaml

* Updated tags for template CVE-2010-0759.yaml

* Updated tags for template CVE-2010-2307.yaml

* Updated tags for template CVE-2010-4231.yaml

* Updated tags for template CVE-2010-2861.yaml

* Updated tags for template CVE-2010-4282.yaml

* Updated tags for template CVE-2010-1302.yaml

* Updated tags for template CVE-2010-1461.yaml

* Updated tags for template CVE-2020-4463.yaml

* Updated tags for template CVE-2020-1943.yaml

* Updated tags for template CVE-2020-36289.yaml

* Updated tags for template CVE-2020-17518.yaml

* Updated tags for template CVE-2020-12800.yaml

* Updated tags for template CVE-2020-10770.yaml

* Updated tags for template CVE-2020-17506.yaml

* Updated tags for template CVE-2020-11547.yaml

* Updated tags for template CVE-2020-11034.yaml

* Updated tags for template CVE-2020-24589.yaml

* Updated tags for template CVE-2020-9054.yaml

* Updated tags for template CVE-2020-28976.yaml

* Updated tags for template CVE-2020-16952.yaml

* Updated tags for template CVE-2020-24312.yaml

* Updated tags for template CVE-2020-8512.yaml

* Updated tags for template CVE-2020-14179.yaml

* Updated tags for template CVE-2020-6308.yaml

* Updated tags for template CVE-2020-35846.yaml

* Updated tags for template CVE-2020-7318.yaml

* Updated tags for template CVE-2020-2140.yaml

* Updated tags for template CVE-2020-5410.yaml

* Updated tags for template CVE-2020-5777.yaml

* Updated tags for template CVE-2020-13700.yaml

* Updated tags for template CVE-2020-5775.yaml

* Updated tags for template CVE-2020-13167.yaml

* Updated tags for template CVE-2020-35848.yaml

* Updated tags for template CVE-2020-9484.yaml

* Updated tags for template CVE-2020-15505.yaml

* Updated tags for template CVE-2020-9047.yaml

* Updated tags for template CVE-2020-17519.yaml

* Updated tags for template CVE-2020-17505.yaml

* Updated tags for template CVE-2020-9376.yaml

* Updated tags for template CVE-2020-8497.yaml

* Updated tags for template CVE-2020-14092.yaml

* Updated tags for template CVE-2020-10148.yaml

* Updated tags for template CVE-2020-35847.yaml

* Updated tags for template CVE-2020-12116.yaml

* Updated tags for template CVE-2020-11930.yaml

* Updated tags for template CVE-2020-24186.yaml

* Updated tags for template CVE-2020-9496.yaml

* Updated tags for template CVE-2020-35489.yaml

* Updated tags for template CVE-2020-26413.yaml

* Updated tags for template CVE-2020-2096.yaml

* misc updates

* misc update

* more updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 01:04:16 +05:30
Ice3man543 e9f728c321 Added cve annotations + severity adjustments 2021-09-10 16:56:40 +05:30
Prince Chaddha 8361cbe8c3
Update CVE-2021-21234.yaml 2021-08-24 15:19:47 +05:30
Prince Chaddha bdd2f700be
Update CVE-2021-21234.yaml 2021-08-24 14:16:14 +05:30
PikPikcU 63e208e3d7
Update CVE-2021-21234.yaml 2021-08-24 14:47:25 +07:00
sandeep 6ccc5f8792 matcher update to handle edge cases 2021-07-25 03:05:55 +05:30
Prince Chaddha 2d40d90715
Update CVE-2021-21234.yaml 2021-06-25 12:53:22 +05:30
GwanYeong Kim cc0dd04ac2 Create CVE-2021-21234.yaml
spring-boot-actuator-logview in a library that adds a simple logfile viewer as spring boot actuator endpoint. It is maven package "eu.hinsch:spring-boot-actuator-logview". In spring-boot-actuator-logview before version 0.2.13 there is a directory traversal vulnerability. The nature of this library is to expose a log file directory via admin (spring boot actuator) HTTP endpoints. Both the filename to view and a base folder (relative to the logging folder root) can be specified via request parameters. While the filename parameter was checked to prevent directory traversal exploits (so that `filename=../somefile` would not work), the base folder parameter was not sufficiently checked, so that `filename=somefile&base=../` could access a file outside the logging base directory). The vulnerability has been patched in release 0.2.13. Any users of 0.2.12 should be able to update without any issues as there are no other changes in that release. There is no workaround to fix the vulnerability other than updating or removing the dependency. However, removing read access of the user the application is run with to any directory not required for running the application can limit the impact. Additionally, access to the logview endpoint can be limited by deploying the application behind a reverse proxy.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-06-24 14:36:45 +09:00