daffainfo
/
nuclei-templates
mirror of https://github.com/daffainfo/nuclei-templates.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
11,838 Commits
17 Branches
0 Tags
165 MiB
Commit Graph

11838 Commits (2d53221aea53a1f26331daaf1418622a74ae3d38)

Author SHA1 Message Date
GwanYeong Kim 2d53221aea Create CVE-2022-23178.yaml 
An issue was discovered on Crestron HD-MD4X2-4K-E 1.0.0.2159 devices. When the administrative web interface of the HDMI switcher is accessed unauthenticated, user credentials are disclosed that are valid to authenticate to the web interface. Specifically, aj.html sends a JSON document with uname and upassword fields.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
 2022-01-23 20:28:25 +09:00
Sandeep Singh 1e88f2ed2e
Merge pull request #3582 from projectdiscovery/CVE-2021-40438-fix 
CVE 2021 40438 fix
 2022-01-22 23:30:57 +05:30
sandeep 2a8d8e1095 more updates 2022-01-22 23:27:52 +05:30
sandeep 6b14c6c6fc CVE-2021-40438 update 2022-01-22 23:18:07 +05:30
Sandeep Singh a5b6ffc05e
Merge pull request #3577 from idealphase/master 
Add strapi-private-documentation-login-portal.yaml
 2022-01-22 14:48:28 +05:30
sandeep 53fc3c0b11 template update 2022-01-22 14:46:40 +05:30
Sandeep Singh 17c28c044e
Merge pull request #3580 from sullo/dashboard 
Data Enhancement: Add remediation to CVE-2001-1473.yaml
 2022-01-22 14:39:17 +05:30
sandeep e84a105f79 lint fix 2022-01-22 14:34:50 +05:30
sullo 0229c3f001 Enhancement: misconfiguration/proxy/open-proxy-portscan.yaml by Chris 2022-01-21 14:06:29 -05:00
sullo 3b7bcda337 Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:58:26 -05:00
sullo 0fcaacfb8c Enhancement: cves/2001/CVE-2001-1473.yaml by Chris 2022-01-21 13:57:17 -05:00
idealphase fa6712b1ff
Add strapi-private-documentation-login-portal.yaml 
Add strapi-private-documentation-login-portal.yaml
 2022-01-21 21:52:57 +07:00
idealphase ad764306cd
Merge branch 'projectdiscovery:master' into master 2022-01-21 21:51:21 +07:00
Sandeep Singh 8a3e575e9f
Added CVE-2012-4547 / CVE-2009-5020 (#3575) 
* Added CVE-2012-4547 / CVE-2009-5020

* Update CVE-2009-5020.yaml
 2022-01-21 16:37:41 +05:30
idealphase f3b08bcddf
Create strapi-documentation.yaml (#3574) 
* Create strapi-documentation.yaml

Create strapi-documentation.yaml

* Update strapi-documentation.yaml

For delete trailing-space
 2022-01-21 16:23:04 +05:30
idealphase cf45b6f636
Update strapi-documentation.yaml 
For delete trailing-space
 2022-01-21 17:16:07 +07:00
idealphase 155188c46b
Create strapi-documentation.yaml 
Create strapi-documentation.yaml
 2022-01-21 16:57:39 +07:00
sandeep 1685477532 tags update 2022-01-21 15:24:20 +05:30
sandeep 7a378c277f file name update 2022-01-21 13:40:31 +05:30
Houziaux Mike 3564e64027
[Add] - Zimbra unauthenticated LFI (#3571) 
* add zimbra lfi

* template updates

- CVE update
- Matchers update
- Additional LFI payload + matchers

* Update CVE-2013-7091.yaml

* Revert "Update CVE-2013-7091.yaml"

This reverts commit fdffa3944f29754d8971a2697754011d29677c42.

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
 2022-01-21 13:02:08 +05:30
Onurhan Erdoğdu 599381c30b
jboss-default-login.yaml (#1828) 
* jboss-default-login.yaml

* Update jboss-default-login.yaml

* misc updates

Co-authored-by: onurhan <onurhan.erdogdu@ict.btk.gov.tr>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-21 00:08:35 +05:30
David McKennirey 5c99a65e8e
Add versa-default-login template (#1324) 
* Add versa-default-login template

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-20 23:46:51 +05:30
Leovalcante bac26e1669
Create check for cve-2020-24391 mongo-express RCE (#3566) 
* Create check for cve-2020-24391 mongo-express RCE

* random file to write + matcher updates + extractor

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-20 14:55:01 +05:30
Sandeep Singh 1b0c7f1b7f
CVE-2021-22205 update (#3568) 
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
 2022-01-20 14:25:57 +05:30
Greg Johnson e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 (#3565) 
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
 2022-01-20 14:12:37 +05:30
Dhiyaneshwaran 0be16119ee
Go-Phish and Workflow (#3564) 
* Create gophish-login.yaml

* Create gophish-workflow.yaml

* Update gophish-workflow.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-01-19 23:52:42 +05:30
sandeep 1d7257d4d9 minor cleanups and matcher update 2022-01-19 23:20:03 +05:30
Paul Werther 5d171e544f
add gophish default credential template (#1532) 2022-01-19 23:16:22 +05:30
Sandeep Singh fafd43e090
Added Misconfigured Concrete5 (#3563) 2022-01-19 16:28:00 +05:30
Sandeep Singh 05d78b896e
updated tags 2022-01-19 15:45:06 +05:30
sandeep d3decfb055 concrete5 workflow fix 2022-01-19 15:35:08 +05:30
sandeep 3f6808a9ee case-insensitive matcher 2022-01-19 15:34:53 +05:30
sandeep 03f8d4641a using unique matcher 2022-01-19 15:34:25 +05:30
Prince Chaddha e67530199b
Merge pull request #3562 from projectdiscovery/concrete5 
Create concrete5-install.yaml
 2022-01-19 14:04:11 +05:30
Prince Chaddha 112bb2ccda
Update concrete5-panel.yaml 2022-01-19 14:00:34 +05:30
Prince Chaddha cbdfde0a38
Update concrete5-install.yaml 2022-01-19 13:49:13 +05:30
sandeep f6e3df8b33 CVE-2020-13483 Update 2022-01-19 13:44:01 +05:30
Prince Chaddha 5b49c7ee6f
Update and rename exposed-panels/concrete5-panel.yaml to exposed-panels/concrete5/concrete5-panel.yaml 2022-01-19 13:39:50 +05:30
Prince Chaddha 1c4372d846
Create concrete5-install.yaml 2022-01-19 13:38:59 +05:30
pussycat0x 650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router (#3555) 
* Add files via upload

* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖

* Update CVE-2021-44528.yaml

* Update CVE-2021-45232.yaml

* Add files via upload

* removing duplicate template

* moving template around

* template fix

Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-19 13:33:34 +05:30
Dhiyaneshwaran 0e8b34f776
New Templates & Workflow (#3556) 
* Create secure-login-panel.yaml

* Create geo-webserver.yaml

* Create hp-virtual-connect-manager.yaml

* Create microsoft-azure-error.yaml

* Create microsoft-iis-8.yaml

* Create veeam-backup-azure-panel.yaml

* Create user-control-panel.yaml

* Create kafka-consumer-monitor.yaml

* Update kafka-consumer-monitor.yaml

* Create kafka-connect-ui-exposure.yaml

* misc updates

* duplicate template

existing one - `exposed-panels/kafka-connect-ui.yaml`

* Create kafka-cruise-control.yaml

* Create kafka-center-default-login.yaml

* Create kafka-center-login.yaml

* minor update

* Create azure-kubernetes-service.yaml

* Update azure-kubernetes-service.yaml

* Update azure-kubernetes-service.yaml

* Create barracuda-panel.yaml

* Update barracuda-panel.yaml

* Update barracuda-panel.yaml

* Create CVE-2021-24891.yaml

* template meta info update

* Delete CVE-2021-24891.yaml

* Create caddy-open-redirect.yaml

* Create concrete5-panel.yaml

* Create concrete-workflow.yaml

* updated matcher to avoid false negative results

* misc updates

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-19 13:21:15 +05:30
Adam Crosser 4000a96d3b
Updated Axis Camera Template (#3557) 
* Updated Axis Camera Template

* Added missing AND condition

* syntax fix

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-19 12:49:00 +05:30
Adam Crosser dbdc25b148
Terraform Enterprise (#3559) 
* Added Terraform Enterprise Detection Template

* Updated Author

* Added title extractor

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-19 12:46:43 +05:30
Adam Crosser 053d02b80b
Code42 Panel Detection (#3560) 
* Added Terraform Enterprise Detection Template

* Updated Author

* Added Code42 Panel Detection

* Removed Terraform Enterprise Template

* Update code42-panel.yaml

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
 2022-01-19 12:29:11 +05:30
GitHub Action 3cd869ca44 Auto README Update [Tue Jan 18 11:10:29 UTC 2022] 🤖 2022-01-18 11:10:29 +00:00
GitHub Action bb6791b7ab Auto Generated Templates Stats [Tue Jan 18 11:10:04 UTC 2022] 🤖 2022-01-18 11:10:04 +00:00
forgedhallpass da68c83220
Credentials disclosure refactor (#3552) 
* misc updates
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
* changed the [a-z0-9-_] with [\w-] for readability
* removed the unnecessary capture group

Co-authored-by: Emad Youssef <48482029+Sy3Omda@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-18 16:25:55 +05:30
Daniel aa451b254b
Update pulse-secure-panel (#3536) 
* Update pulse-secure-panel

Add version info retrieval.

* separated version detection

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-18 13:44:57 +05:30
Roberto Nunes f8013457b6
Create CVE-2020-23575.yaml (#3547) 
* Create CVE-2020-23575.yaml

* Update and rename CVE-2020-23575.yaml to cves/2020/CVE-2020-23575.yaml

* minor update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-18 13:12:16 +05:30
Roberto Nunes 2cadf76241
Create CVE-2021-32618.yaml (#3546) 
* Create CVE-2021-32618.yaml

* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml

* matcher update

Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
 2022-01-18 12:51:00 +05:30