Houziaux Mike
3564e64027
[Add] - Zimbra unauthenticated LFI ( #3571 )
...
* add zimbra lfi
* template updates
- CVE update
- Matchers update
- Additional LFI payload + matchers
* Update CVE-2013-7091.yaml
* Revert "Update CVE-2013-7091.yaml"
This reverts commit fdffa3944f29754d8971a2697754011d29677c42.
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: Prince Chaddha <cyberbossprince@gmail.com>
2022-01-21 13:02:08 +05:30
Onurhan Erdoğdu
599381c30b
jboss-default-login.yaml ( #1828 )
...
* jboss-default-login.yaml
* Update jboss-default-login.yaml
* misc updates
Co-authored-by: onurhan <onurhan.erdogdu@ict.btk.gov.tr>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-21 00:08:35 +05:30
David McKennirey
5c99a65e8e
Add versa-default-login template ( #1324 )
...
* Add versa-default-login template
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-20 23:46:51 +05:30
Leovalcante
bac26e1669
Create check for cve-2020-24391 mongo-express RCE ( #3566 )
...
* Create check for cve-2020-24391 mongo-express RCE
* random file to write + matcher updates + extractor
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-20 14:55:01 +05:30
Sandeep Singh
1b0c7f1b7f
CVE-2021-22205 update ( #3568 )
...
*moved cves/2021/CVE-2021-22205.yaml to vulnerabilities/gitlab/gitlab-rce.yaml
*template extension update + added missing severity + misc updates
2022-01-20 14:25:57 +05:30
Greg Johnson
e0a2d35a8d
add passive fingerprinting template for CVE-2021-22205 ( #3565 )
...
Co-authored-by: Greg Johnson (codeEmitter) <gjohnson@gitlab.com>
2022-01-20 14:12:37 +05:30
Dhiyaneshwaran
0be16119ee
Go-Phish and Workflow ( #3564 )
...
* Create gophish-login.yaml
* Create gophish-workflow.yaml
* Update gophish-workflow.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-19 23:52:42 +05:30
sandeep
1d7257d4d9
minor cleanups and matcher update
2022-01-19 23:20:03 +05:30
Paul Werther
5d171e544f
add gophish default credential template ( #1532 )
2022-01-19 23:16:22 +05:30
Sandeep Singh
fafd43e090
Added Misconfigured Concrete5 ( #3563 )
2022-01-19 16:28:00 +05:30
Sandeep Singh
05d78b896e
updated tags
2022-01-19 15:45:06 +05:30
sandeep
d3decfb055
concrete5 workflow fix
2022-01-19 15:35:08 +05:30
sandeep
3f6808a9ee
case-insensitive matcher
2022-01-19 15:34:53 +05:30
sandeep
03f8d4641a
using unique matcher
2022-01-19 15:34:25 +05:30
Prince Chaddha
e67530199b
Merge pull request #3562 from projectdiscovery/concrete5
...
Create concrete5-install.yaml
2022-01-19 14:04:11 +05:30
Prince Chaddha
112bb2ccda
Update concrete5-panel.yaml
2022-01-19 14:00:34 +05:30
Prince Chaddha
cbdfde0a38
Update concrete5-install.yaml
2022-01-19 13:49:13 +05:30
sandeep
f6e3df8b33
CVE-2020-13483 Update
2022-01-19 13:44:01 +05:30
Prince Chaddha
5b49c7ee6f
Update and rename exposed-panels/concrete5-panel.yaml to exposed-panels/concrete5/concrete5-panel.yaml
2022-01-19 13:39:50 +05:30
Prince Chaddha
1c4372d846
Create concrete5-install.yaml
2022-01-19 13:38:59 +05:30
pussycat0x
650a38ffde
Qualcomm 4G LTE WiFi VoIP-Router ( #3555 )
...
* Add files via upload
* Auto Generated CVE annotations [Mon Jan 17 16:05:35 UTC 2022] 🤖
* Update CVE-2021-44528.yaml
* Update CVE-2021-45232.yaml
* Add files via upload
* removing duplicate template
* moving template around
* template fix
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:33:34 +05:30
Dhiyaneshwaran
0e8b34f776
New Templates & Workflow ( #3556 )
...
* Create secure-login-panel.yaml
* Create geo-webserver.yaml
* Create hp-virtual-connect-manager.yaml
* Create microsoft-azure-error.yaml
* Create microsoft-iis-8.yaml
* Create veeam-backup-azure-panel.yaml
* Create user-control-panel.yaml
* Create kafka-consumer-monitor.yaml
* Update kafka-consumer-monitor.yaml
* Create kafka-connect-ui-exposure.yaml
* misc updates
* duplicate template
existing one - `exposed-panels/kafka-connect-ui.yaml`
* Create kafka-cruise-control.yaml
* Create kafka-center-default-login.yaml
* Create kafka-center-login.yaml
* minor update
* Create azure-kubernetes-service.yaml
* Update azure-kubernetes-service.yaml
* Update azure-kubernetes-service.yaml
* Create barracuda-panel.yaml
* Update barracuda-panel.yaml
* Update barracuda-panel.yaml
* Create CVE-2021-24891.yaml
* template meta info update
* Delete CVE-2021-24891.yaml
* Create caddy-open-redirect.yaml
* Create concrete5-panel.yaml
* Create concrete-workflow.yaml
* updated matcher to avoid false negative results
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 13:21:15 +05:30
Adam Crosser
4000a96d3b
Updated Axis Camera Template ( #3557 )
...
* Updated Axis Camera Template
* Added missing AND condition
* syntax fix
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 12:49:00 +05:30
Adam Crosser
dbdc25b148
Terraform Enterprise ( #3559 )
...
* Added Terraform Enterprise Detection Template
* Updated Author
* Added title extractor
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-19 12:46:43 +05:30
Adam Crosser
053d02b80b
Code42 Panel Detection ( #3560 )
...
* Added Terraform Enterprise Detection Template
* Updated Author
* Added Code42 Panel Detection
* Removed Terraform Enterprise Template
* Update code42-panel.yaml
Co-authored-by: Sandeep Singh <sandeep@projectdiscovery.io>
2022-01-19 12:29:11 +05:30
GitHub Action
3cd869ca44
Auto README Update [Tue Jan 18 11:10:29 UTC 2022] 🤖
2022-01-18 11:10:29 +00:00
GitHub Action
bb6791b7ab
Auto Generated Templates Stats [Tue Jan 18 11:10:04 UTC 2022] 🤖
2022-01-18 11:10:04 +00:00
forgedhallpass
da68c83220
Credentials disclosure refactor ( #3552 )
...
* misc updates
* fixed linter error: unnecessary escape of single quotes
* minor simplification of the last capture group
* replaced (=| =|:| :)(( \"|\")|( '|')) with \\s*[=:]\\s*[\"'] because it's more readable and also more permissive with white space characters
* changed the [a-z0-9-_] with [\w-] for readability
* removed the unnecessary capture group
Co-authored-by: Emad Youssef <48482029+Sy3Omda@users.noreply.github.com>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 16:25:55 +05:30
Daniel
aa451b254b
Update pulse-secure-panel ( #3536 )
...
* Update pulse-secure-panel
Add version info retrieval.
* separated version detection
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 13:44:57 +05:30
Roberto Nunes
f8013457b6
Create CVE-2020-23575.yaml ( #3547 )
...
* Create CVE-2020-23575.yaml
* Update and rename CVE-2020-23575.yaml to cves/2020/CVE-2020-23575.yaml
* minor update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 13:12:16 +05:30
Roberto Nunes
2cadf76241
Create CVE-2021-32618.yaml ( #3546 )
...
* Create CVE-2021-32618.yaml
* Update and rename CVE-2021-32618.yaml to cves/2021/CVE-2021-32618.yaml
* matcher update
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:51:00 +05:30
Pathtaga
a39245bf40
Added drupal login template ( #3471 )
...
* Added drupal login template
* moved drupal detection to separate template
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 12:35:19 +05:30
johnk3r
362c381732
Create fortimail-panel.yaml ( #3549 )
...
* Create fortimail-panel.yaml
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-18 11:01:45 +05:30
GitHub Action
2c250d66c7
Auto Generated CVE annotations [Tue Jan 18 05:22:01 UTC 2022] 🤖
2022-01-18 05:22:01 +00:00
Dwi Siswanto
b8dabfbcbb
Add CVE-2021-20038 ( #3542 )
...
* Add CVE-2021-20038
* misc: Update author
2022-01-18 10:50:14 +05:30
sandeep
7c30910d69
Added missing request
2022-01-18 10:46:50 +05:30
sandeep
2b7304c427
Added version extractor
2022-01-18 09:50:34 +05:30
Antoine Neuenschwander
6479afc4f1
Enable redirects ( #3545 )
2022-01-17 11:38:12 +05:30
Mzack9999
f6ef818e44
Adding contributors.json from gh commit logs ( #3540 )
2022-01-16 22:21:22 +05:30
GitHub Action
8244d08f57
Auto Generated CVE annotations [Sun Jan 16 16:40:51 UTC 2022] 🤖
2022-01-16 16:40:51 +00:00
Sandeep Singh
f6377b09ec
Added Apache APISIX's Admin API Default Access Token (RCE) ( #3544 )
2022-01-16 22:08:55 +05:30
Patrick
1086ca1a30
added template for CVE-2021-42551 ( #3541 )
...
* added template for CVE-2021-42551
* Update CVE-2021-42551.yaml
* Update CVE-2021-42551.yaml
* unbricked CVE-2021-42551
* additional page specific matcher
Co-authored-by: Patrick <patrick.schmid@redguard.ch>
Co-authored-by: Prince Chaddha <prince@projectdiscovery.io>
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 19:01:29 +05:30
GitHub Action
a3c13932b8
Auto README Update [Sun Jan 16 12:26:57 UTC 2022] 🤖
2022-01-16 12:26:57 +00:00
GitHub Action
1722e435f4
Auto Generated Templates Stats [Sun Jan 16 12:26:36 UTC 2022] 🤖
2022-01-16 12:26:36 +00:00
Sandeep Singh
6f84c96e5b
Add cloud metadata checks for reverse proxies ( #3528 )
...
* Add cloud metadata checks (proxied) for:
- Amazon AWS
- Alibaba Cloud
- Microsoft Azure
- DigitalOcean
- Hetzner Cloud
- OpenStack
- Oracle Cloud
* fixup! Add cloud metadata checks (proxied) for: - Amazon AWS - Alibaba Cloud - Microsoft Azure - DigitalOcean - Hetzner Cloud - OpenStack - Oracle Cloud
* Fix URL
* Remove unnecessary Flavor header
* Add cgi as a file type
* syntax fix
* syntax update
* moving files around
* tags update
* matchers update
* * Added CVSS scores
* Updated metadata tests to latest versions
* Added generic proxy tests
* * Update to latest versions
* Remove empty lines to pass lint
* removing sniper to use default attacktype
* minor syntax fix
* minor updates
Co-authored-by: sullo <sullo@ziggy.local>
Co-authored-by: sullo <sullo@cirt.net>
2022-01-16 17:55:28 +05:30
Sandeep Singh
02c01d30da
Added MeterSphere Plugin Pre-auth RCE ( #3543 )
2022-01-16 03:06:09 +05:30
gy741
e5958c1364
Update tags ( #3538 )
2022-01-16 02:08:21 +05:30
GitHub Action
93337032a0
Auto Generated CVE annotations [Sat Jan 15 20:36:52 UTC 2022] 🤖
2022-01-15 20:36:52 +00:00
PikPikcU
7e0a3acf44
Create dreambox-xss ( #3535 )
...
* Create dreambox-xss.yaml
* Create dreambox-detect.yaml
* misc updates
Co-authored-by: sandeep <sandeep@projectdiscovery.io>
2022-01-16 02:05:33 +05:30
GitHub Action
ca79e7a81f
Auto Generated CVE annotations [Sat Jan 15 20:28:18 UTC 2022] 🤖
2022-01-15 20:28:18 +00:00