Commit Graph

1497 Commits (3672b3ef6ecf0cd328d8767e159c406825a09950)

Author SHA1 Message Date
GitHub Action 2ff27f5a02 Auto Template Signing [Sat Oct 28 07:54:29 UTC 2023] 🤖 2023-10-28 07:54:31 +00:00
GitHub Action f55623ed7a TemplateMan Update [Fri Oct 27 16:34:45 UTC 2023] 🤖 2023-10-27 16:34:46 +00:00
GitHub Action a8dcad9a53 TemplateMan Update [Fri Oct 27 09:35:40 UTC 2023] 🤖 2023-10-27 09:35:41 +00:00
GitHub Action adfd15953b Auto Template Signing [Fri Oct 27 09:34:37 UTC 2023] 🤖 2023-10-27 09:34:38 +00:00
GitHub Action 31b153c336 TemplateMan Update [Fri Oct 27 08:59:57 UTC 2023] 🤖 2023-10-27 08:59:58 +00:00
GitHub Action 3ab1e59b78 Auto Template Signing [Fri Oct 27 06:32:23 UTC 2023] 🤖 2023-10-27 06:32:24 +00:00
GitHub Action 7d8f059375 TemplateMan Update [Thu Oct 26 18:00:24 UTC 2023] 🤖 2023-10-26 18:00:25 +00:00
GitHub Action 4aa2c6e328 Auto Template Signing [Thu Oct 26 17:58:23 UTC 2023] 🤖 2023-10-26 17:58:24 +00:00
Rahul Maini ef437b54ac
Merge branch 'projectdiscovery:main' into main 2023-10-26 21:28:03 +04:00
GitHub Action 3403337a87 TemplateMan Update [Thu Oct 26 12:01:42 UTC 2023] 🤖 2023-10-26 12:01:44 +00:00
pussycat0x e6c8490763
Rename CVE-2023-4582.yaml to CVE-2023-45852.yaml 2023-10-26 15:19:39 +05:30
pussycat0x b4f7f5a6ab Update CVE-2023-4547.yaml 2023-10-26 14:32:33 +05:30
pussycat0x aee1efcca2
CVE-2023-4547 2023-10-26 14:17:12 +05:30
Dhiyaneshwaran 6b25c6998c
updated matcher 2023-10-26 12:34:01 +05:30
Ritik Chaddha 5db082ba5f
Update and rename CVE-2023-43208.yaml to CVE-2023-37679.yaml 2023-10-26 12:12:18 +05:30
GitHub Action 52da49c412 Auto Template Signing [Thu Oct 26 05:41:51 UTC 2023] 🤖 2023-10-26 05:41:53 +00:00
Ritik Chaddha d8b65a0338
Update CVE-2023-43208.yaml 2023-10-25 23:43:45 +05:30
Rahul Maini 833c47ce41
Updated CVE-2023-43208.yaml with XStream RCE Gadget 2023-10-25 22:04:51 +04:00
GitHub Action 7d1a291b4a TemplateMan Update [Wed Oct 25 17:39:14 UTC 2023] 🤖 2023-10-25 17:39:16 +00:00
GitHub Action bc1561c94c TemplateMan Update [Wed Oct 25 17:36:18 UTC 2023] 🤖 2023-10-25 17:36:20 +00:00
Rahul Maini 61ffba5b94 Added NextGen Mirth Connect Remote Code Execution Vulnerability (CVE-2023-43208) 2023-10-25 20:30:54 +04:00
GitHub Action 0aa360bf9a Auto Template Signing [Wed Oct 25 12:20:33 UTC 2023] 🤖 2023-10-25 12:20:34 +00:00
sandeep fc17c5cc2b removed unused named variable 2023-10-25 17:46:48 +05:30
GitHub Action db3abf5beb TemplateMan Update [Wed Oct 25 12:04:43 UTC 2023] 🤖 2023-10-25 12:04:45 +00:00
GitHub Action 070a0897d2 Auto Template Signing [Wed Oct 25 12:03:42 UTC 2023] 🤖 2023-10-25 12:03:43 +00:00
pussycat0x a449a3d346
Merge pull request #8452 from projectdiscovery/CVE-2023-4966
Create CVE-2023-4966.yaml (Citrix Bleed - Leaking Session Tokens)
2023-10-25 17:29:37 +05:30
pussycat0x 36d366551d
minor -update 2023-10-25 17:26:09 +05:30
Dhiyaneshwaran 03c42224a1
query change 2023-10-25 16:28:23 +05:30
Dhiyaneshwaran f9d235d579
fixing typo 2023-10-25 15:57:44 +05:30
Dhiyaneshwaran 0c9631bb2e
fix matcher 2023-10-25 15:39:27 +05:30
rivers 4a9aaa0dd9 Add: CVE-2022-36553 2023-10-25 16:50:46 +08:00
GitHub Action eca00fd866 Auto Template Signing [Wed Oct 25 07:33:43 UTC 2023] 🤖 2023-10-25 07:33:44 +00:00
pussycat0x ed598e1f27
Merge pull request #8431 from iamnoooob/main
Added CVE-2023-4582 Vitogate 300 Unauth RCE
2023-10-25 13:03:43 +05:30
pussycat0x 18fcc55775
Merge pull request #8324 from luisfelipe146/main
Multiple XSS in BestWebSoft Plugins
2023-10-25 13:00:12 +05:30
GitHub Action 2afa549894 Auto Template Signing [Wed Oct 25 07:11:32 UTC 2023] 🤖 2023-10-25 07:11:33 +00:00
Dhiyaneshwaran e896e25912 lint fix 2023-10-25 12:35:03 +05:30
pussycat0x ec5e8252b6
Merge branch 'main' into main 2023-10-25 12:34:07 +05:30
Dhiyaneshwaran 4b2b968920 Merge branch 'main' of https://github.com/luisfelipe146/nuclei-templates into pr/8324 2023-10-25 12:31:04 +05:30
Dhiyaneshwaran 4b54644929 fix lint error 2023-10-25 12:30:43 +05:30
Prince Chaddha 7ffc2c63eb Merge remote-tracking branch 'origin' into pr/8431 2023-10-25 12:27:06 +05:30
Dhiyaneshwaran f998197bcc
Merge branch 'main' into main 2023-10-25 12:26:58 +05:30
GitHub Action 4474bf62a3 TemplateMan Update [Wed Oct 25 06:48:30 UTC 2023] 🤖 2023-10-25 06:48:31 +00:00
GitHub Action 50229ad7fa TemplateMan Update [Wed Oct 25 06:44:12 UTC 2023] 🤖 2023-10-25 06:44:14 +00:00
Dhiyaneshwaran 72df19dd8d
change in severity 2023-10-25 06:28:44 +05:30
Dhiyaneshwaran cdaa35cf93
full exploit 2023-10-25 06:17:10 +05:30
Dhiyaneshwaran b035ceffea
fix template 2023-10-25 04:05:46 +05:30
Dhiyaneshwaran b815d23b90
metadata & matcher update 2023-10-24 17:15:08 +05:30
Dhiyaneshwaran 936e1caea8
Create CVE-2023-4966.yaml 2023-10-24 16:28:04 +05:30
GitHub Action 8f5c7924d9 TemplateMan Update [Mon Oct 23 13:06:52 UTC 2023] 🤖 2023-10-23 13:06:53 +00:00
GitHub Action 4607341bf2 Auto Template Signing [Mon Oct 23 13:05:19 UTC 2023] 🤖 2023-10-23 13:05:20 +00:00
GitHub Action 82332a23cc TemplateMan Update [Mon Oct 23 12:51:13 UTC 2023] 🤖 2023-10-23 12:51:13 +00:00
GitHub Action b13f72b186 Auto Template Signing [Mon Oct 23 12:42:35 UTC 2023] 🤖 2023-10-23 12:42:37 +00:00
GitHub Action 72d5082a23 TemplateMan Update [Mon Oct 23 12:22:19 UTC 2023] 🤖 2023-10-23 12:22:20 +00:00
GitHub Action 007a44905e Auto Template Signing [Mon Oct 23 12:20:38 UTC 2023] 🤖 2023-10-23 12:20:39 +00:00
Dhiyaneshwaran 97faa2a09e
Merge pull request #8439 from HuTa0kj/dev/cve_2023_0297
Update CVE-2023-0297
2023-10-23 17:47:25 +05:30
pussycat0x 73f773fdc0
Merge branch 'main' into main 2023-10-23 15:55:20 +05:30
pussycat0x a3700a6d4b metadata - update 2023-10-23 15:13:49 +05:30
Prince Chaddha d4f8229728 Resolved all conflicts by accepting upcoming changes 2023-10-23 15:11:19 +05:30
GitHub Action fc86efd945 Auto Template Signing [Mon Oct 23 07:42:12 UTC 2023] 🤖 2023-10-23 07:42:12 +00:00
Ritik Chaddha 4fdd549ffc Update CVE-2017-18501.yaml 2023-10-23 12:46:36 +05:30
GitHub Action 003c1ae2da TemplateMan Update [Mon Oct 23 07:14:06 UTC 2023] 🤖 2023-10-23 07:14:07 +00:00
rivers 7deba462f4 Update CVE-2023-0297 2023-10-23 15:12:52 +08:00
GitHub Action ec8536d7cb Auto Template Signing [Mon Oct 23 07:04:05 UTC 2023] 🤖 2023-10-23 07:04:06 +00:00
Ritik Chaddha 6e505e114f all template update 2023-10-22 18:05:42 +05:30
GitHub Action c1ebe4aa39 TemplateMan Update [Sun Oct 22 12:16:23 UTC 2023] 🤖 2023-10-22 12:16:25 +00:00
Ritik Chaddha 25ad1850f7
updated matcher 2023-10-20 21:06:05 +05:30
Rahul Maini 1f0c821f5d Added CVE-2023-4582 Vitogate 300 RCE 2023-10-20 17:47:42 +04:00
GitHub Action aac65c12fb Auto Template Signing [Fri Oct 20 12:31:56 UTC 2023] 🤖 2023-10-20 12:31:57 +00:00
GitHub Action b38e8bbebc TemplateMan Update [Fri Oct 20 11:41:12 UTC 2023] 🤖 2023-10-20 11:41:16 +00:00
GitHub Action dd395fa0a8 Auto Template Signing [Thu Oct 19 14:45:53 UTC 2023] 🤖 2023-10-19 14:45:54 +00:00
Prince Chaddha 23396a8bba reverted log4j templates 2023-10-19 20:05:43 +05:30
GitHub Action 40c9ecc610 Auto Template Signing [Thu Oct 19 13:36:25 UTC 2023] 🤖 2023-10-19 13:36:26 +00:00
GitHub Action b4e834b049 Auto Template Signing [Thu Oct 19 13:13:50 UTC 2023] 🤖 2023-10-19 13:13:52 +00:00
GitHub Action ccb6a4683f TemplateMan Update [Thu Oct 19 11:40:01 UTC 2023] 🤖 2023-10-19 11:40:02 +00:00
GitHub Action de280482c4 TemplateMan Update [Thu Oct 19 10:38:58 UTC 2023] 🤖 2023-10-19 10:39:00 +00:00
GitHub Action 74176631f8 TemplateMan Update [Wed Oct 18 16:27:25 UTC 2023] 🤖 2023-10-18 16:27:27 +00:00
GitHub Action e8ab162fd4 TemplateMan Update [Wed Oct 18 16:26:29 UTC 2023] 🤖 2023-10-18 16:26:31 +00:00
Dhiyaneshwaran c077ec0bc3
Merge pull request #8409 from theamanrawat/patch-3
Create CVE-2023-5360.yaml
2023-10-18 21:51:22 +05:30
no e057567c94 update from other pr 2023-10-18 10:57:11 +02:00
E1A ee37aa6ef3
Create CVE-2023-20198.yaml
Update from @rxerium his template
2023-10-18 10:46:32 +02:00
E1A b85ba1e648
Merge branch 'projectdiscovery:main' into main 2023-10-18 10:40:58 +02:00
GitHub Action d4621f33d2 TemplateMan Update [Tue Oct 17 18:18:29 UTC 2023] 🤖 2023-10-17 18:18:29 +00:00
GitHub Action 2dc1bd140c TemplateMan Update [Tue Oct 17 17:52:25 UTC 2023] 🤖 2023-10-17 17:52:27 +00:00
Prince Chaddha 7b1cd03956
Update CVE-2021-24627.yaml 2023-10-17 23:19:18 +05:30
Prince Chaddha 1dd8251465
Merge pull request #8407 from projectdiscovery/cve-templates6
New CVEs Added
2023-10-17 23:17:17 +05:30
Dhiyaneshwaran 031fe06184 fix lint 2023-10-17 23:02:04 +05:30
Dhiyaneshwaran 52c71d0f5d add metadata 2023-10-17 22:51:59 +05:30
Dhiyaneshwaran ea20ad232b fix weak matcher 2023-10-17 22:07:11 +05:30
Prince Chaddha 15e9456960 fixed lint errors 2023-10-17 18:57:49 +05:30
Dhiyaneshwaran 22719a4c3e
minor update 2023-10-17 17:28:54 +05:30
GitHub Action 1f7d855fe4 TemplateMan Update [Tue Oct 17 11:50:30 UTC 2023] 🤖 2023-10-17 11:50:31 +00:00
Aman Rawat e3cad34cd3
Create CVE-2023-5360.yaml 2023-10-17 14:30:45 +05:30
Prince Chaddha c1b18b3f06 fixed errors 2023-10-17 13:46:05 +05:30
Prince Chaddha 1b2fddb9cb templates added 2023-10-17 12:50:28 +05:30
GitHub Action 44cd028c80 TemplateMan Update [Tue Oct 17 06:29:44 UTC 2023] 🤖 2023-10-17 06:29:45 +00:00
pussycat0x 9fc2fa1deb
Merge pull request #8399 from projectdiscovery/CVE-2022-0597
Create CVE-2022-0597.yaml
2023-10-17 11:53:15 +05:30
GitHub Action 4d2cc38fb5 TemplateMan Update [Tue Oct 17 06:19:43 UTC 2023] 🤖 2023-10-17 06:19:44 +00:00
GitHub Action cbf1f18ee8 TemplateMan Update [Tue Oct 17 06:11:14 UTC 2023] 🤖 2023-10-17 06:11:15 +00:00
pussycat0x 2bca87e397
Merge pull request #8401 from projectdiscovery/CVE-2023-37728
Create CVE-2023-37728.yaml
2023-10-17 11:35:48 +05:30
GitHub Action 89f65c1671 TemplateMan Update [Tue Oct 17 06:05:26 UTC 2023] 🤖 2023-10-17 06:05:26 +00:00
Dhiyaneshwaran bf122c0842
Create CVE-2021-25016.yaml 2023-10-17 00:07:06 +05:30
Dhiyaneshwaran e2582d3dfc
Create CVE-2023-37728.yaml 2023-10-16 23:54:57 +05:30
GitHub Action fae99dea62 TemplateMan Update [Mon Oct 16 18:12:46 UTC 2023] 🤖 2023-10-16 18:12:47 +00:00
Dhiyaneshwaran 2cee507762
trailspace fix 2023-10-16 22:34:07 +05:30
Dhiyaneshwaran 12d4ff4229
Create CVE-2022-0597.yaml 2023-10-16 22:31:04 +05:30
GitHub Action 698f3f9082 TemplateMan Update [Mon Oct 16 10:59:02 UTC 2023] 🤖 2023-10-16 10:59:04 +00:00
GitHub Action e51eecde1f TemplateMan Update [Mon Oct 16 10:55:13 UTC 2023] 🤖 2023-10-16 10:55:15 +00:00
Ritik Chaddha e291d54516
Merge pull request #8394 from win3zz/main
Create CVE-2023-3710.yaml
2023-10-16 16:24:17 +05:30
Ritik Chaddha d1d121c46d
Merge pull request #8386 from iamnoooob/main
Added CVE-2020-6950.yaml
2023-10-16 16:20:35 +05:30
Ritik Chaddha cec5e6ffa2
Update CVE-2023-3710.yaml 2023-10-16 16:20:20 +05:30
Ritik Chaddha 98ff890872
Update CVE-2020-6950.yaml 2023-10-16 15:20:11 +05:30
Ritik Chaddha de3182946f
Update CVE-2020-6950.yaml 2023-10-16 14:15:07 +05:30
Dhiyaneshwaran 0b2573f839
minor update 2023-10-16 10:40:56 +05:30
Bipin Jitiya 3781881f10
Create CVE-2023-3710.yaml
Added CVE-2023-3710 Template
2023-10-15 19:27:25 +05:30
GitHub Action 267796f8d6 TemplateMan Update [Sun Oct 15 09:28:03 UTC 2023] 🤖 2023-10-15 09:28:04 +00:00
Luis Felipe 468bb365f2
Merge branch 'main' into main 2023-10-14 17:45:08 -03:00
GitHub Action 076aa6cafd TemplateMan Update [Sat Oct 14 19:50:16 UTC 2023] 🤖 2023-10-14 19:50:16 +00:00
Luis Felipe 1ff0d90499
Merge branch 'projectdiscovery:main' into main 2023-10-14 14:07:13 -03:00
Luis Felipe 6067fa8d03
Delete http/cves/2021/CVE-2021-25016.yaml 2023-10-14 14:06:29 -03:00
Luis Felipe 5210becb8d
Create CVE-2021-25016.yaml 2023-10-14 13:57:47 -03:00
sandeep 161b90353a templateman update 2023-10-14 16:57:55 +05:30
Dhiyaneshwaran 44d59fe270
trail lint fix 2023-10-13 21:36:34 +05:30
Rahul Maini a4de430746 Added CVE-2020-6950.yaml 2023-10-13 20:00:06 +04:00
Dhiyaneshwaran 67edfa63c5
Merge pull request #8383 from 0xPugazh/main
Update phpmyadmin-setup.yaml and CVE-2022-21500.yaml
2023-10-13 15:12:24 +05:30
Ritik Chaddha 6b4d582433
Update CVE-2022-21500.yaml 2023-10-13 15:08:25 +05:30
Ritik Chaddha 5dcf8c0e1a
update matcher 2023-10-13 13:58:39 +05:30
Pugalarasan fff98181f3
Update CVE-2022-21500.yaml 2023-10-12 18:41:52 +05:30
Pugalarasan 46e7580827
Update CVE-2022-21500.yaml 2023-10-12 18:40:11 +05:30
Alexander King a18aed36b9 Fix trailing whitespaces 2023-10-12 07:45:20 -05:00
Alexander King 105cf06818 Create template for CVE-2021-45382 2023-10-12 07:45:20 -05:00
Ritik Chaddha fe6f534b69
Update CVE-2021-41749.yaml 2023-10-12 16:34:02 +05:30
Rahul Maini 438ecc5186 Added CraftCMS SEOMatic Plugin SSTI 2023-10-12 14:53:59 +04:00
Ritik Chaddha 310ae76f45
word matcher update 2023-10-12 02:01:05 +05:30
Dhiyaneshwaran 4d60c41b3e
Create CVE-2023-4451.yaml 2023-10-11 20:41:07 +05:30
Ritik Chaddha 17d3db3a62
Update CVE-2023-37474.yaml 2023-10-11 14:07:22 +05:30
Aman Rawat 57d5228626
Update CVE-2023-37474.yaml 2023-10-11 13:56:49 +05:30
Aman Rawat fa141157db
Create CVE-2023-37474.yaml 2023-10-11 13:52:27 +05:30
Ritik Chaddha dc3ea52a88
Merge pull request #8336 from projectdiscovery/updated-oast
updated oast matchers
2023-10-11 13:12:50 +05:30
Dhiyaneshwaran c97b868a5d
Create CVE-2022-25568.yaml 2023-10-11 02:31:40 +05:30
Dhiyaneshwaran 96885dc6e8
Create CVE-2023-35813.yaml (Sitecore - Remote Code Execution 🔥 ) (#8363)
* Create CVE-2023-35813.yaml

* Update CVE-2023-35813.yaml

* improved matcher

---------

Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-10 23:26:29 +05:30
sandeep 3bf6fce75a meta update 2023-10-10 20:28:10 +05:30
sandeep b09a224654 improved matcher + variables 2023-10-10 20:22:53 +05:30
sandeep 0471ab31c7 Added CVE-2023-22515 2023-10-10 18:50:42 +05:30
Prince Chaddha 583beed216
updated protocol name 2023-10-10 15:13:10 +05:30
Dhiyaneshwaran 9db41d5400
Merge pull request #8293 from gy741/rule-add-v145
Create CVE-2023-30013.yaml
2023-10-10 12:25:13 +05:30
pussycat0x 2a2cf9fe8d
minor - update 2023-10-10 12:14:27 +05:30
Dhiyaneshwaran 6e000d1c7c
Merge pull request #8342 from projectdiscovery/CVE-2023-31465
Create CVE-2023-31465.yaml
2023-10-10 10:42:41 +05:30
Dhiyaneshwaran 293264df1a
oast tag added 2023-10-10 10:39:53 +05:30
Ritik Chaddha 8898dafede
Create CVE-2023-31465.yaml 2023-10-09 14:48:51 +05:30
Ritik Chaddha 072802c4dc
Create CVE-2023-41642.yaml 2023-10-09 14:46:15 +05:30
Dhiyaneshwaran a07b5f8b38 Fix Matcher and Panel Move around 2023-10-09 13:48:46 +05:30
GwanYeong Kim 2565ddf6be Create CVE-2023-34259.yaml
CCRX has a Path Traversal vulnerability. Path Traversal is an attack on web applications. By manipulating the value of the file path, an attacker can gain access to the file system, including source code and critical system settings.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-08 17:57:09 +09:00
Prince Chaddha 213b63e42a updated oast matchers 2023-10-08 13:24:05 +05:30
Prince Chaddha 47869080a6
updated template 2023-10-08 12:50:07 +05:30
Prince Chaddha d28c19efa6
Update CVE-2020-8813.yaml 2023-10-08 12:48:55 +05:30
Dhiyaneshwaran 419a1c6224
Merge pull request #8290 from 5hank4r/main
CVE-2023-33405.yaml
2023-10-08 12:45:01 +05:30
HuTa0 aea032a150
Fix: CVE-2022-4321 (#8330)
* Fix: CVE-2022-4321

* added metadata

---------

Co-authored-by: rivers <HuTa0@HuTa0-MacBook-Pro.local>
Co-authored-by: sandeep <8293321+ehsandeep@users.noreply.github.com>
2023-10-08 11:56:49 +05:30
Alexander King ddc4d97fad
Merge branch 'main' into template/CVE-2021-35395 2023-10-05 14:52:15 -05:00
Luis Felipe 9b1d7f3b71
Add files via upload 2023-10-05 15:36:49 -03:00
pussycat0x e48b398bf3
Merge pull request #8315 from ctflearner/CVE-2023-38501
Create CVE-2023-38501.YAML
2023-10-05 23:38:26 +05:30
Alexander King e88448fa2c
Fix indentation and trailing whitespace 2023-10-05 11:50:38 -05:00
Alexander King 5416d4cf32
Create CVE-2021-35395 template 2023-10-05 11:21:04 -05:00
Ritik Chaddha b479f9abb6
Update and rename CVE-2023-38501.YAML to CVE-2023-38501.yaml 2023-10-05 20:38:15 +05:30
Dhiyaneshwaran aec030bdaa
Merge pull request #8308 from luisfelipe146/main
Create CVE-2023-2224.yaml
2023-10-05 17:29:16 +05:30
GitHub Action 00e5276685 TemplateMan Update [Thu Oct 5 11:56:54 UTC 2023] 🤖 2023-10-05 11:56:55 +00:00
Dhiyaneshwaran a84dfa160c
Merge pull request #8316 from ctflearner/CVE-2022-48197
Create CVE-2022-48197.yaml
2023-10-05 17:24:51 +05:30
Ritik Chaddha b40c62549b
matchers & info update 2023-10-05 13:15:20 +05:30
Ritik Chaddha 0f42303065
lint & format fix 2023-10-05 12:57:16 +05:30
Ritik Chaddha 7a7a867b7b
Update CVE-2023-2224.yaml 2023-10-05 11:35:30 +05:30
ctflearner 26d3cf0a94
Create CVE-2022-48197.yaml 2023-10-04 07:19:16 +05:30
ctflearner 6f37e9b554
Create CVE-2023-38501.YAML 2023-10-04 06:56:45 +05:30
Dhiyaneshwaran 751ddc980a
Create CVE-2023-33405.yaml 2023-10-03 18:33:29 +05:30
Ritik Chaddha ac6bb1823c
Merge pull request #8272 from projectdiscovery/CVE-2023-22432
Create CVE-2023-22432.yaml
2023-10-03 13:40:06 +05:30
Ritik Chaddha 568b53ef70
Merge pull request #8295 from gy741/rule-add-v146
Create CVE-2023-30625.yaml
2023-10-03 13:33:19 +05:30
Ritik Chaddha 22c0b5891d
updated matcher & req 2023-10-03 13:32:34 +05:30
Ritik Chaddha a334550a21
Merge pull request #8286 from jainiresh/patch-1
Update CVE-2019-6802.yaml
2023-10-03 13:19:37 +05:30
Ritik Chaddha 43fc4f3795
added status matcher 2023-10-03 13:18:23 +05:30
GitHub Action 172150f538 TemplateMan Update [Tue Oct 3 06:50:17 UTC 2023] 🤖 2023-10-03 06:50:18 +00:00
pussycat0x e13ab6cfdd
Merge pull request #8301 from gy741/rule-add-v148
Create CVE-2023-33831.yaml
2023-10-03 12:18:01 +05:30
pussycat0x 1e956367e0
Update CVE-2023-33831.yaml 2023-10-03 12:13:22 +05:30
Luis Felipe 63dcb68b75
Create CVE-2023-2224.yaml 2023-10-02 08:57:09 -03:00
gy741 fef8a38e22
Create CVE-2023-43261 (#8300)
* Auto WordPress Plugins Update [Sun Oct  1 04:12:23 UTC 2023] 🤖

* Create CVE-2023-43261.yaml

A critical security vulnerability has been identified in Milesight Industrial Cellular Routers, compromising the security of sensitive credentials and permitting unauthorized access. This vulnerability stems from a misconfiguration that results in directory listing being enabled on the router systems, rendering log files publicly accessible. These log files, while containing sensitive information such as admin and other user passwords (encrypted as a security measure), can be exploited by attackers via the router's web interface. The presence of a hardcoded AES secret key and initialization vector (IV) in the JavaScript code further exacerbates the situation, facilitating the decryption of these passwords. This chain of vulnerabilities allows malicious actors to gain unauthorized access to the router.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>

* Revert "Auto WordPress Plugins Update [Sun Oct  1 04:12:23 UTC 2023] 🤖"

This reverts commit ceb38c80b0.

* added metadata

---------

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
Co-authored-by: GitHub Action <action@github.com>
Co-authored-by: Dhiyaneshwaran <leedhiyanesh@gmail.com>
2023-10-02 13:51:12 +05:30
Dhiyaneshwaran ffa4a84ba9
added metadata and updated matcher 2023-10-02 00:47:23 +05:30
GwanYeong Kim 06674c9bca Create CVE-2023-33831.yaml
A remote command execution (RCE) vulnerability in the /api/runscript endpoint of FUXA 1.1.13 allows attackers to execute arbitrary commands via a crafted POST request.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-10-02 01:19:18 +09:00
Prince Chaddha 48b3253a7e added additional matcher 2023-10-01 13:59:50 +05:30
GwanYeong Kim 208ff38843 Create CVE-2023-30013.yaml
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-30 13:15:00 +09:00
sandeep ff450a65ba strict matcher 2023-09-29 19:04:39 +05:30
sandeep fd69046097 Added CVE-2023-29357 (Microsoft SharePoint - Authentication Bypass) 2023-09-29 18:51:23 +05:30
sandeep 6784a9d2c1 format fix 2023-09-29 14:24:46 +05:30
jainiresh 5574a26f60
Update CVE-2019-6802.yaml
Updated to remove false positives.
As the previous change matches the words "Set-Cookie: crlfinjection=1" even if the words are present in the Location header too.

The updated code, will match only if the "Set-Cookie: crlfinjection=1" is actually a header, by verifying that it actually starts in the beginning of a response header.
2023-09-29 13:46:22 +05:30
GitHub Action 77bfd17949 TemplateMan Update [Fri Sep 29 05:57:07 UTC 2023] 🤖 2023-09-29 05:57:07 +00:00
pussycat0x 30217297c2
Merge pull request #8271 from projectdiscovery/CVE-2014-9180
Create CVE-2014-9180.yaml
2023-09-29 11:24:52 +05:30
Ritik Chaddha e616bb0ec7
protocol update 2023-09-27 23:35:44 +05:30
Ritik Chaddha bc957cd1a4
Update CVE-2023-42793.yaml 2023-09-27 23:35:06 +05:30
sandeep f0ba24afa1 JetBrains TeamCity - Remote Code Execution (CVE-2023-42793) 2023-09-27 23:25:18 +05:30
Dhiyaneshwaran dc6b9c1e73
metadata update 2023-09-27 14:39:20 +05:30
Dhiyaneshwaran 334c3be057
Create CVE-2023-22432.yaml 2023-09-27 14:38:24 +05:30
Dhiyaneshwaran 082966e07a
Create CVE-2014-9180.yaml 2023-09-27 14:13:02 +05:30
Ritik Chaddha 1f7ceddbff
Update CVE-2023-40068.yaml 2023-09-26 23:39:38 +05:30
pussycat0x e47239d4df
Merge pull request #8267 from projectdiscovery/CVE-2023-5074
Create CVE-2023-5074.yaml (Authentication Bypass in D-Link D-View 8 🔥 )
2023-09-26 21:24:12 +05:30
pussycat0x 17669c7fd8
lint -fix 2023-09-26 21:21:03 +05:30
pussycat0x 5f4f590e7f
Update CVE-2023-5074.yaml 2023-09-26 21:16:55 +05:30
pussycat0x 3b789d908b
Update CVE-2023-5074.yaml 2023-09-26 21:13:29 +05:30
GitHub Action eec309f75f TemplateMan Update [Tue Sep 26 15:42:15 UTC 2023] 🤖 2023-09-26 15:42:16 +00:00
pussycat0x 85868d5802
Merge pull request #8216 from zn9988/main
Create CVE-2023-2479.yaml
2023-09-26 21:09:57 +05:30
Dhiyaneshwaran e48aa75f0f
fix-trail-spacing 2023-09-26 20:09:49 +05:30
Dhiyaneshwaran 52c9d36132
Create CVE-2023-5074.yaml 2023-09-26 20:05:39 +05:30
pussycat0x 634eb6f24f
Merge pull request #8225 from projectdiscovery/CVE-2023-36845
Create CVE-2023-36845.yaml (Juniper J-Web - Remote Code Execution 🔥 )
2023-09-26 18:57:53 +05:30
Dhiyaneshwaran 6d40f1256d
fix trail space 2023-09-26 12:42:57 +05:30
Dhiyaneshwaran ae67cf87ba
minor update 2023-09-26 12:33:31 +05:30
GitHub Action c79554fd80 TemplateMan Update [Tue Sep 26 05:47:05 UTC 2023] 🤖 2023-09-26 05:47:06 +00:00
Dhiyaneshwaran 2c1392e423
Merge pull request #8260 from kazet/zzzcms-rce-fp
ZZZCMS RCE is a false positive if we see phpinfo() without posting any data
2023-09-26 11:14:55 +05:30
Ritik Chaddha 59151619bc
req and matcher update 2023-09-26 10:19:09 +05:30
Krzysztof Zając f188fcbe2f more precise status code match 2023-09-25 16:28:43 +02:00
Krzysztof Zając 8e3d9c97ce ZZZCMS RCE is a false positive if we see phpinfo() without posting any data 2023-09-25 16:24:23 +02:00
GwanYeong Kim 463f722ad7 Create CVE-2023-30625.yaml
rudder-server is part of RudderStack, an open source Customer Data Platform (CDP). Versions of rudder-server prior to 1.3.0-rc.1 are vulnerable to SQL injection. This issue may lead to Remote Code Execution (RCE) due to the `rudder` role in PostgresSQL having superuser permissions by default. Version 1.3.0-rc.1 contains patches for this issue.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2023-09-24 18:15:00 +09:00
pentesttools-com d549599606
fix: typo in cve-2023-23492 template name (#8250) 2023-09-23 15:12:58 +05:30
pentesttools-com 8c3ccf581b
fix: typo in template CVE-2023-24735 name 2023-09-21 11:10:50 +03:00
Ritik Chaddha 47f97458af
Create CVE-2023-42442.yaml 2023-09-20 16:14:04 +05:30
pussycat0x 3115469524
Merge pull request #8224 from projectdiscovery/CVE-2023-4568
Create CVE-2023-4568.yaml (PaperCut NG Unauthenticated XMLRPC Functionality 🔥 )
2023-09-19 13:50:04 +05:30
Dhiyaneshwaran 4dc094fffa
Create CVE-2023-36845.yaml 2023-09-19 07:24:05 +05:30
Ritik Chaddha 835179f9be
Merge pull request #8203 from projectdiscovery/CVE-2023-2766
Create CVE-2023-2766.yaml
2023-09-18 23:51:03 +05:30
Ritik Chaddha 6335a4e3a0
matcher and info update 2023-09-18 23:47:32 +05:30
Dhiyaneshwaran 681a1b3263
Create CVE-2023-4568.yaml 2023-09-18 23:06:47 +05:30
Dhiyaneshwaran 18f37d9226
Update CVE-2022-0342.yaml 2023-09-18 18:51:11 +05:30
Prince Chaddha 8e38345f0d
Merge pull request #7997 from SleepingBag945/some_tps
Added 124 Templates
2023-09-18 18:13:14 +05:30
Ritik Chaddha d5dfd3302c template update 2023-09-18 18:07:42 +05:30
Ritik Chaddha 601100cd0f
Merge pull request #8215 from projectdiscovery/princechaddha-patch-2
Create CVE-2023-41892.yaml
2023-09-18 15:20:42 +05:30
Dhiyaneshwaran 823e1b1f49
Merge pull request #8113 from harsh2403/patch-18
Create CVE-2023-37629.yaml
2023-09-18 15:18:37 +05:30
Prince Chaddha 716c8ddfce
updated matcher 2023-09-18 15:17:31 +05:30
Prince Chaddha b6550ca831
updated matcher 2023-09-18 14:31:39 +05:30
Prince Chaddha 274c14e763 updated-templates-p 2023-09-17 14:21:38 +05:30
pussycat0x 0e4f7b0565
Update CVE-2023-2813.yaml 2023-09-17 13:41:16 +05:30
pussycat0x 1baa17c029 Fix FP -CVE-2023-2813 2023-09-17 13:37:19 +05:30
Prince Chaddha 88153faaf8
Merge branch 'main' into some_tps 2023-09-17 13:03:38 +05:30
pussycat0x 4ace2254fa
Merge pull request #8218 from projectdiscovery/CVE-2023-2813
Create CVE-2023-2813.yaml (48 Wordpress Themes Affected 🔥 )
2023-09-16 23:21:00 +05:30
Ritik Chaddha 0f037e9860
request update 2023-09-15 22:39:22 +05:30
GitHub Action 86659ff1f4 TemplateMan Update [Fri Sep 15 17:04:28 UTC 2023] 🤖 2023-09-15 17:04:28 +00:00
Ritik Chaddha 8f3dfab992
Merge pull request #8178 from meme-lord/phpinfo_template
Added template for CVE-2023-39677 MyPrestaModules PHPInfo
2023-09-15 22:32:31 +05:30
Ritik Chaddha 03eb0dedc8
Merge pull request #8204 from projectdiscovery/CVE-2023-22463
Create CVE-2023-22463.yaml (KubePi JwtSigKey - Login Bypass 🔥 )
2023-09-15 22:31:29 +05:30
Ritik Chaddha 89683e2c2b
info update 2023-09-15 22:24:13 +05:30
Ritik Chaddha af6f3e0897
Merge pull request #8210 from projectdiscovery/CVE-2023-4714
Create CVE-2023-4714.yaml
2023-09-15 22:16:15 +05:30
Ritik Chaddha 428b82492d
matcher & info update 2023-09-15 22:16:06 +05:30
Ritik Chaddha 753e4e5af7
matcher update 2023-09-15 22:12:25 +05:30
Ritik Chaddha b665b1b0e8
info update 2023-09-15 22:11:27 +05:30
Dhiyaneshwaran f122fc3ec9
Create CVE-2023-2813.yaml 2023-09-15 18:19:17 +05:30
pussycat0x c84e4ef64c Templates - update 2023-09-15 17:53:57 +05:30
Dhiyaneshwaran 1353a5c204
added metadata 2023-09-15 15:54:32 +05:30
Prince Chaddha d405588ec1
Create CVE-2023-41892.yaml 2023-09-15 12:44:48 +05:30
zn9988 a711c0cc04
Create CVE-2023-2479.yaml 2023-09-15 15:11:13 +08:00