Commit Graph

11838 Commits (2d53221aea53a1f26331daaf1418622a74ae3d38)

Author SHA1 Message Date
GwanYeong Kim 9435362025 Create CVE-2014-3206.yaml
Seagate BlackArmor NAS allows remote attackers to execute arbitrary code via the session parameter to localhost/backupmgt/localJob.php or the auth_name parameter to localhost/backupmgmt/pre_connect_check.php.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-10 21:44:45 +09:00
Prince Chaddha d9c02e215a
Merge pull request #3511 from projectdiscovery/princechaddha-patch-2
Create gocron-panel.yaml
2022-01-10 12:19:07 +05:30
Prince Chaddha 7eae1cd081
Update gocron-panel.yaml 2022-01-10 12:17:09 +05:30
Prince Chaddha d6797e37bf
Merge pull request #3507 from gy741/rule-add-v82
Create epson-projector-detect.yaml
2022-01-10 12:14:03 +05:30
Prince Chaddha a2d39ddcad
Create gocron-panel.yaml 2022-01-10 12:13:36 +05:30
Prince Chaddha c47cbc71af
Merge pull request #3508 from gy741/rule-add-v83
Create xerox-efi-lfi.yaml
2022-01-10 12:11:06 +05:30
Prince Chaddha 9370dc17c3
Update epson-projector-detect.yaml 2022-01-10 12:10:57 +05:30
Prince Chaddha 33d009da24
Update xerox-efi-lfi.yaml 2022-01-10 12:07:06 +05:30
GwanYeong Kim 9befbf0654 Create xerox-efi-lfi.yaml
Input passed thru the 'file' GET parameter in 'forceSave.php' script is not properly sanitized before being used to read files. This can be exploited by an unauthenticated attacker to read arbitrary files on the affected system.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 15:39:39 +09:00
GwanYeong Kim 5e6bdee4c6 Create epson-projector-detect.yaml
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2022-01-09 13:06:39 +09:00
Muhammad Daffa f900b002b9
Update default-openresty.yaml (#3506) 2022-01-08 20:24:26 +05:30
Muhammad Daffa 068d576d22
Update CVE-2020-8641.yaml (#3505) 2022-01-08 20:23:53 +05:30
Dominique RIGHETTO 91ea210cb6
Add H2 console template (#3504)
* Auto Generated CVE annotations [Sat Jan  8 10:22:47 UTC 2022] 🤖

* Add tpl

Co-authored-by: GitHub Action <action@github.com>
2022-01-08 20:06:08 +05:30
Dominique RIGHETTO bec3a8713d
Add detection for Manage Engine Key Manager Plus (#3503)
* Add KPM tpl

* Added optional favicon based detection

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:48:57 +05:30
Roberto Nunes 484d77de7c
Create CVE-2021-39501.yaml (#3501)
* Create CVE-2021-39501.yaml

* moving template to cves directory

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 17:00:19 +05:30
Roberto Nunes 691688fb66
Create CVE-2020-23015.yaml (#3502)
* Create CVE-2020-23015.yaml

* moving template to cves directory

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-08 16:52:50 +05:30
GitHub Action 451313a0af Auto Generated CVE annotations [Sat Jan 8 10:57:43 UTC 2022] 🤖 2022-01-08 10:57:43 +00:00
sandeep 5a3fdf5253 ruijie workflow fix 2022-01-08 16:25:47 +05:30
Sandeep Singh 8288961342
Added Metersphere Detection (#3499) 2022-01-08 00:48:35 +05:30
Sandeep Singh 5c8ccbd1e5
Added CGI script environment variable (#3498) 2022-01-07 14:02:29 +05:30
Sandeep Singh 491d46335f
Added more DNS Figerprinting templates (#3492)
* Added more DNS Figerprinting templates

* lint fixes
2022-01-07 13:32:20 +05:30
JAS-37 0c7d13d152
add CVE-2021-31862 template (#3491)
* add CVE-2021-31862 template

* updated matchers

* Added SysAid panel + workflow

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-07 13:28:38 +05:30
Sandeep Singh 844c3b4a02
Network template updates & fixes (#3497)
* Fixed template syntax

* network template update and fixes
2022-01-07 12:58:37 +05:30
sandeep 43f1a6fc4f removing temporarily 2022-01-06 22:20:44 +05:30
Sandeep Singh 365e9003b1
Template ID's update (#3490) 2022-01-06 17:21:21 +05:30
GitHub Action f00bbde0a1 Auto README Update [Thu Jan 6 11:11:04 UTC 2022] 🤖 2022-01-06 11:11:04 +00:00
GitHub Action b92988f345 Auto Generated Templates Stats [Thu Jan 6 11:10:38 UTC 2022] 🤖 2022-01-06 11:10:38 +00:00
sandeep fc9f3728cd minor workflow update 2022-01-06 16:19:35 +05:30
sandeep 02c17cf8b2 template fix 2022-01-06 15:46:11 +05:30
sandeep 945b4b1456 name update 2022-01-06 15:36:28 +05:30
Prince Chaddha 65703f0cc6
Merge pull request #3469 from ImNightmaree/patch-1
Update CVE-2017-11610.yaml
2022-01-06 14:00:23 +05:30
Prince Chaddha 2fa0619b65
Update CVE-2017-11610.yaml 2022-01-06 13:54:40 +05:30
GitHub Action fbb9f36310 Auto Generated CVE annotations [Thu Jan 6 08:06:01 UTC 2022] 🤖 2022-01-06 08:06:01 +00:00
Prince Chaddha e144116352
Merge pull request #3485 from projectdiscovery/CVE-2016-4977
Create CVE-2016-4977.yaml
2022-01-06 13:34:23 +05:30
Aaron Chen d0f71c6d1b
Update CVE-2021-31589.yaml (#3489) 2022-01-06 12:05:23 +05:30
Dhiyaneshwaran 9187c6b062
Barracuda SSL VPN: Log In (#3487)
* Create secure-login-panel.yaml

* Create geo-webserver.yaml

* Create hp-virtual-connect-manager.yaml

* Create microsoft-azure-error.yaml

* Create microsoft-iis-8.yaml

* Create veeam-backup-azure-panel.yaml

* Create user-control-panel.yaml

* Create kafka-consumer-monitor.yaml

* Update kafka-consumer-monitor.yaml

* Create kafka-connect-ui-exposure.yaml

* misc updates

* duplicate template

existing one - `exposed-panels/kafka-connect-ui.yaml`

* Create kafka-cruise-control.yaml

* Create kafka-center-default-login.yaml

* Create kafka-center-login.yaml

* minor update

* Create azure-kubernetes-service.yaml

* Update azure-kubernetes-service.yaml

* Update azure-kubernetes-service.yaml

* Create barracuda-panel.yaml

* Update barracuda-panel.yaml

* Update barracuda-panel.yaml

Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-06 12:02:40 +05:30
ImNightmaree c5723bdf55
Renames vulnerabilities/other/WooYun2015-148227 (#3488)
Swaps capitalization to all lowercase, as Linux filesystems don't handle capitalization well which may result in this file being skipped.
2022-01-06 12:00:31 +05:30
Ahmed Aboul-Ela f279bd78d1
Add CVE-2021-31589 (#3486)
* Add CVE-2021-31589

Committer: Ahmed Aboul-Ela <ahmed.aboul3la@gmail.com>

* lint fixes

* updated matchers

* Added metadata

* Added Bomgar Login Panel detection

* Added Bomgar workflow

* Added favicon detection

Co-authored-by: Ahmed Aboul-Ela <ahmed@secgeek.local>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-05 18:39:53 +05:30
Prince Chaddha 7be7e8392a
Create CVE-2016-4977.yaml 2022-01-05 14:07:28 +05:30
Prince Chaddha 62de161e54
Merge pull request #3467 from pikpikcu/patch-313
Create CNVD-2021-49104
2022-01-05 13:12:43 +05:30
Prince Chaddha 6180084886
Merge pull request #3473 from projectdiscovery/cnvd-dirs
Update and rename cnvd/CNVD-2019-01348.yaml to cnvd/2019/CNVD-2019-01…
2022-01-05 13:12:12 +05:30
sandeep f73f345362 Merge branch 'master' into cnvd-dirs 2022-01-05 13:09:36 +05:30
Prince Chaddha 031b16b633
Merge pull request #3476 from projectdiscovery/CVE-2015-5531
Create CVE-2015-5531.yaml
2022-01-05 13:08:19 +05:30
GitHub Action 9305549db5 Auto Generated CVE annotations [Wed Jan 5 07:37:34 UTC 2022] 🤖 2022-01-05 07:37:34 +00:00
Prince Chaddha 3cb0c08288
Merge pull request #3474 from projectdiscovery/CVE-2016-10134
Create CVE-2016-10134.yaml
2022-01-05 13:05:50 +05:30
Prince Chaddha a9ef4d2612
Merge pull request #3480 from gy741/rule-add-v81
Create CVE-2021-21881.yaml
2022-01-05 13:01:57 +05:30
Prince Chaddha bf21395cb7
Update CVE-2015-5531.yaml 2022-01-05 13:01:50 +05:30
Prince Chaddha fefd3343eb
Update CVE-2021-21881.yaml 2022-01-05 13:00:40 +05:30
Prince Chaddha 616bea3a88
Update CVE-2021-21881.yaml 2022-01-05 12:59:27 +05:30
Muhammad Daffa 435e38b7ea
Add 3 token-spray templates (#3481)
* Add 27 workflow templates

* fixed Artifactory workflow

* Fixed Jetty workflow

* Fixed Moodle workflow

* Fixed Zabbix workflow

* Fixed DedeCMS workflow

* Fixed OFBiz workflow

* Fixed rConfig workflow

* Tag update for R-SeeNet workflow

* Add 3 token-spray templates

* format fixes

Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-05 01:10:09 +05:30