a3699d912a
Create CVE-2020-25506.yaml
...
The exploit targets a command injection vulnerability in a system_mgr.cgi component. The component does not successfully sanitize the value of the HTTP parameters f_ntp_server, which in turn leads to arbitrary command execution.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 14:28:14 +09:00
67ae44be04
Create CVE-2020-26919.yaml
...
it was found that every section of the web could be used as a valid endpoint to submit POST requests being the action defined by the submitId argument. The problem was located in the login.html webpage, that has to be publicly available to perform login requests but does not implement any restriction for executing debug actions. This will allow users execute system commands.
Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-07-15 10:54:56 +09:00
89e1a8da93
Merge pull request #1962 from dwisiswant0/hotfix/CVE-2020-24148
2021-07-13 05:01:01 +05:30
a91516cbb5
Misplaced of CVE-2020-24148
2021-07-13 05:24:03 +07:00
7f0f8beff2
Update CVE-2020-29395.yaml
2021-07-11 10:14:56 +05:30
da45bdf0ef
Create CVE-2020-29395.yaml
2021-07-11 07:58:31 +07:00
8938010a7a
Add CVE-2020-6207.yaml
2021-07-05 20:36:55 +03:00
52e0c861a1
Merge pull request #1733 from milo2012/master
...
Added CVE-2018-1000130/ CVE-2018-2628/ CVE-2018-2628/ CVE-2019-3401/ CVE-2020-1938/ oracle-bi-default-login/ jolokia-heap-disclosure
2021-07-02 18:27:45 +05:30
e2a0f93f79
misc updates
2021-07-02 18:24:31 +05:30
96fc7bb341
more strict matchers
2021-06-30 03:26:01 +05:30
d1e4b5c510
minor updates
2021-06-25 10:51:00 +05:30
19d80d9d0a
Create CVE-2020-3580.yaml
2021-06-24 15:34:19 +00:00
3844df9fc8
misc changes
2021-06-21 18:09:16 +05:30
592b2e7222
Update CVE-2020-1938.yaml
2021-06-21 14:28:51 +05:30
cb4d12cc8c
Moved to cves/2018
2021-06-21 14:20:20 +05:30
8b43919211
Update CVE-2020-11930.yaml
2021-06-21 14:15:45 +05:30
216b484aec
Update CVE-2020-11930.yaml
2021-06-21 14:15:09 +05:30
ebc202adcb
Create CVE-2020-11930.yaml
2021-06-21 14:11:20 +05:30
55b89115aa
add CVE-2018-2628 - Oracle WebLogic Server Deserialization RCE
2021-06-21 06:24:33 +08:00
c7a11cd1b1
Added CVE-2020-11110
2021-06-20 20:00:19 +05:30
e8e5dd5c83
add CVE-2020-1938.yaml - Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability
2021-06-19 21:59:42 +08:00
55c1984a52
Template Moved to cves
2021-06-19 01:58:02 +05:30
d25869d764
Update CVE-2020-36289.yaml
2021-06-14 11:50:25 -04:00
5c80980915
Added CVE-2020-36289
2021-06-09 21:13:52 +05:30
83ce809e8d
Updated author names
2021-06-09 17:50:56 +05:30
14fa085d1b
more improvements
2021-06-05 12:15:32 +05:30
55c0e1b103
Improved matchers for CVE-2020-6287
2021-06-05 10:29:59 +05:30
c0103e0b8a
Merge pull request #1608 from Mad-robot/master
...
Create CVE-2020-6308.yaml
2021-06-05 00:04:56 +05:30
83d359f6cf
updating tags
2021-06-05 00:02:33 +05:30
11cb8b3106
Update CVE-2020-6308.yaml
2021-06-05 00:00:50 +05:30
0e3ed049ae
misc changes
2021-06-03 23:00:47 +05:30
bdc803fd4b
Added CVE-2020-13927
2021-06-03 14:23:34 +05:30
4a0e83037d
Update CVE-2020-11978.yaml
2021-06-03 13:58:41 +05:30
6652b2ddb6
Added CVE-2020-11978
2021-06-03 13:57:09 +05:30
e3f42066bf
Spelling
2021-06-02 09:39:35 +03:00
f28fdf610b
Create CVE-2020-6308.yaml
2021-06-02 11:39:27 +05:30
01995c82ab
misc changes
2021-05-28 09:26:30 +05:30
830a187e0d
Update CVE-2020-35736.yaml
2021-05-27 15:02:32 +00:00
ddf6bcb7ca
Update CVE-2020-35736.yaml
2021-05-27 14:51:03 +00:00
f981074e3f
Update CVE-2020-35736.yaml
2021-05-27 13:03:59 +00:00
b7d8536a01
Create CVE-2020-35736.yaml
2021-05-27 12:56:22 +00:00
633b9c39ee
Update CVE-2020-19625.yaml
2021-05-26 16:39:57 +05:30
cad836d34e
Added CVE-2020-15227
2021-05-22 17:22:45 +05:30
a320fd7720
Merge pull request #1494 from Techbrunch/magento-stuff
...
Security Checks for Magento - Templates and workflow
2021-05-20 20:04:25 +05:30
74449f98ed
Removing additional requests
2021-05-19 06:50:49 +05:30
0c6a3051e8
Create CVE-2020-36112.yaml
2021-05-18 22:56:54 +00:00
776776621a
Added a few Magento related templates
2021-05-18 15:53:10 +02:00
ce200510a6
changed for testing locally, reverting it back
2021-05-17 21:45:53 +05:30
fa73765221
regex update
2021-05-17 21:42:41 +05:30
ae6b2b42bf
Shorter check
2021-05-16 16:12:59 +03:00
6df4482c23
Make description more managable
2021-05-16 15:46:17 +03:00
f659e820b7
Much better description and references
2021-05-16 15:44:54 +03:00
fdec804118
Template fix
2021-05-15 19:25:57 +05:30
d63b9e1cb8
Adding missing tags
2021-05-13 00:54:59 +05:30
20eae78810
improved matcher
2021-05-12 00:32:16 +05:30
ce680a546c
Improved matcher
2021-05-12 00:25:14 +05:30
682b9fbbc3
Adding status matcher
2021-05-11 02:48:45 +05:30
bfddeccb31
path update
2021-05-11 02:42:34 +05:30
c0f5cf03ab
tags update
2021-05-09 20:41:52 +05:30
5fca66c2a5
Added CVE-2020-9490
2021-05-07 19:24:44 +05:30
a14c1ce233
Added strict matcher
2021-05-05 17:26:14 +05:30
931f8833bf
removing weak matcher
2021-05-05 17:13:51 +05:30
1d2a7b370f
Adding strict matcher
2021-05-05 17:04:46 +05:30
c2c381787f
updating condition
2021-05-05 16:58:40 +05:30
68a9a5f954
Merge pull request #1302 from projectdiscovery/CVE-2020-7247
...
Adding CVE-2020-7247 🔥 🔥
2021-05-05 00:02:23 +05:30
f838747ec1
Merge pull request #1393 from DhiyaneshGeek/master
...
ZyXEL NAS RCE,Oracle iPlanet Improper Authorization,NetScalar AAA Login Panel,ShareCenter Login Page
2021-05-02 17:18:15 +05:30
534fcc8964
Update CVE-2020-9315.yaml
2021-05-02 17:14:03 +05:30
837ca10f23
minor updates
2021-05-02 17:07:30 +05:30
e76d10a3c7
Make reference visible
2021-05-02 08:51:18 +03:00
3ec1a82d82
Create CVE-2020-9315.yaml
2021-05-01 16:38:36 +05:30
3012822716
Create CVE-2020-9054.yaml
2021-05-01 16:15:03 +05:30
bfc959a5a6
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-30 20:11:38 +03:00
dad40cadfc
Temporarily moving to branch
2021-04-30 21:45:18 +05:30
1f2b2d05c1
False positive in the matcher, the content of the file has: "= 5.3.1 =" in it, not just a number on its own in addition, it has "1. ... something" in it causing FP
2021-04-27 16:09:27 +03:00
8b7fbeb786
Added hostname
2021-04-25 13:02:41 +05:30
5af8fe5e34
Moving into draft for better matching
2021-04-23 12:45:49 +05:30
0e2a270a11
minor update
2021-04-21 22:08:46 +05:30
5b598fb291
Add files via upload
2021-04-21 21:05:47 +05:30
3a8edbffe6
I think the 'words' were placed in the wrong place
2021-04-19 09:32:33 +03:00
af3905d2db
Update CVE-2020-7247.yaml
2021-04-18 20:18:32 +05:30
dad0d1b3a4
Adding CVE-2020-7247
2021-04-18 20:15:41 +05:30
8652ce2262
minor update
2021-04-17 21:24:29 +05:30
d4e78af66b
Update CVE-2020-19625.yaml
2021-04-15 23:37:47 +05:30
3ebf76685a
Create CVE-2020-19625.yaml
2021-04-15 13:16:11 +00:00
3eea755de1
Adding status matcher
2021-04-14 01:37:04 +05:30
eed5fb11da
Add CVE-2020-35846
2021-04-14 02:45:06 +07:00
8ab8a1d53e
Add CVE-2020-35848
2021-04-14 02:30:08 +07:00
65a7eae942
Add CVE-2020-35847
2021-04-14 02:19:41 +07:00
b05c8f402b
Added CVE-2020-15500
2021-04-11 16:12:21 +05:30
2d3051aea1
Merge pull request #1207 from nrathaus/master
...
Fixed some template issues
2021-04-07 14:27:19 +05:30
7b44702946
Remove duplicated CVE-2020-26073 template
2021-04-06 15:40:01 +02:00
b6b0b3dfda
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
2021-04-06 13:19:07 +03:00
8fdfc64e54
misc tag updates
2021-04-06 12:16:11 +05:30
1790babdd4
Better reference
2021-04-04 12:49:07 +03:00
3f8303a1de
Update CVE-2020-24550.yaml
2021-04-02 14:31:43 +05:30
7111fb4bbe
Create CVE-2020-24550.yaml
2021-04-02 14:11:43 +05:30
15aba2ca14
improved matcher
2021-04-01 14:31:34 +05:30
5df627a909
Update CVE-2020-25078.yaml
2021-04-01 12:53:55 +05:30
052c61ba31
Update CVE-2020-25078.yaml
2021-04-01 03:49:46 +00:00
3735db2221
Create CVE-2020-25078.yaml
2021-04-01 03:35:06 +00:00
GwanYeong Kim
Sandeep Singh
Dwi Siswanto
Prince Chaddha
Muhammad Daffa
Ivanov Vladimir
sandeep
PikPikcU
Prince Chaddha
Dhiyaneshwaran
Keith
Philippe Delteil
Noam Rathaus
SaN ThosH
Geeknik Labs
Techbrunch
jeyaseelan8
Julian Vilas