sandeep
|
3adf607b6f
|
Matcher for DNS interaction
|
2021-04-27 16:24:39 +05:30 |
Prince Chaddha
|
eaf70d16ab
|
Merge pull request #1350 from projectdiscovery/princechaddha-patch-15
Create zcms-v3-sqli.yaml
|
2021-04-27 16:09:32 +05:30 |
Prince Chaddha
|
427f99b0c1
|
Update wordpress-rce-simplefilelist.yaml
|
2021-04-27 15:25:28 +05:30 |
Noam Rathaus
|
1aca402bf6
|
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
|
2021-04-27 09:42:50 +03:00 |
Noam Rathaus
|
4cc6b3bdb0
|
Reduce FP due to not actually execution of the PHP but rather it being returned as is (the content)
|
2021-04-27 09:42:41 +03:00 |
Prince Chaddha
|
d705648dc4
|
Merge pull request #1343 from projectdiscovery/princechaddha-patch-8
Create spark-webui-unauth.yaml
|
2021-04-26 21:58:53 +05:30 |
Prince Chaddha
|
3079fce648
|
Update spark-webui-unauth.yaml
|
2021-04-26 21:57:46 +05:30 |
Prince Chaddha
|
f726562445
|
Update spark-webui-unauth.yaml
|
2021-04-26 21:56:13 +05:30 |
Prince Chaddha
|
487e2300e1
|
Merge pull request #1331 from projectdiscovery/princechaddha-patch-1
Create unauth-spark-api.yaml
|
2021-04-26 21:52:22 +05:30 |
Prince Chaddha
|
5fcba18d1e
|
Merge pull request #1349 from projectdiscovery/princechaddha-patch-14
Create xunchi-file-read.yaml
|
2021-04-26 21:06:27 +05:30 |
Prince Chaddha
|
ac29e9a622
|
Merge pull request #1348 from projectdiscovery/princechaddha-patch-13
Create xiuno-bbs-reinstallation.yaml
|
2021-04-26 21:05:39 +05:30 |
Prince Chaddha
|
4cc83776f3
|
Merge pull request #1352 from projectdiscovery/princechaddha-patch-17
Create ecology-springframework-directory-traversal.yaml
|
2021-04-26 20:48:30 +05:30 |
Noam Rathaus
|
2e1e0e932f
|
Product name
|
2021-04-26 09:07:57 +03:00 |
Noam Rathaus
|
19a4bbc844
|
Correct product name, and link to the Gitee
|
2021-04-26 09:03:24 +03:00 |
Noam Rathaus
|
3857469468
|
Add reference
|
2021-04-26 09:01:39 +03:00 |
Noam Rathaus
|
909a0ce4dd
|
Product seems to be called ectouch
|
2021-04-26 08:51:08 +03:00 |
Noam Rathaus
|
bb974381b5
|
add references
|
2021-04-26 08:48:16 +03:00 |
Jurjen de Jonge
|
b9ad93a3cd
|
Reverted back to old technique
The ;INSERT method only seemed to work on my dev enviroment.
|
2021-04-24 22:15:57 +03:00 |
Jurjen de Jonge
|
5f264c9891
|
Updated chamilo-lms-sqli.yaml
Uses SQL injection to insert data into the database, then checks to see
if this data has been added;
|
2021-04-24 21:41:38 +03:00 |
Jurjen de Jonge
|
d4e8720797
|
Chamilo 1.11.14 LMS sql injection
YAML file is now indented correctly
|
2021-04-24 19:35:29 +03:00 |
Jurjen de Jonge
|
2f7746fe3d
|
Chamilo 1.11.14 LMS sql injection
|
2021-04-24 19:11:58 +03:00 |
Geeknik Labs
|
05c948eddd
|
Update error-based-sql-injection.yaml
|
2021-04-23 14:12:58 +00:00 |
Prince Chaddha
|
71e25fa42d
|
Create ecology-springframework-directory-traversal.yaml
|
2021-04-23 18:52:08 +05:30 |
Prince Chaddha
|
85bc6464cb
|
Create ecology-filedownload-directory-traversal.yaml
|
2021-04-23 18:50:11 +05:30 |
Prince Chaddha
|
2aa7764e58
|
Create zcms-v3-sqli.yaml
|
2021-04-23 18:48:00 +05:30 |
Prince Chaddha
|
525475ea2e
|
Create xunchi-file-read.yaml
|
2021-04-23 18:45:02 +05:30 |
Prince Chaddha
|
3527ffcd5c
|
Update xiuno-bbs-reinstallation.yaml
|
2021-04-23 18:41:15 +05:30 |
Prince Chaddha
|
bfa6113b45
|
Create xiuno-bbs-reinstallation.yaml
|
2021-04-23 18:40:17 +05:30 |
Prince Chaddha
|
9341841862
|
Create wuzhicms-sqli.yaml
|
2021-04-23 18:26:43 +05:30 |
sandeep
|
f10fcbcf2f
|
Improved matcher
|
2021-04-23 18:19:23 +05:30 |
Prince Chaddha
|
bfae33ab72
|
Create ueditor-file-upload.yaml
|
2021-04-23 17:45:09 +05:30 |
Prince Chaddha
|
fcb93ad108
|
Create spark-webui-unauth.yaml
|
2021-04-23 17:37:19 +05:30 |
sandeep
|
972dbfa78a
|
Update apache-solr-file-read.yaml
|
2021-04-23 15:49:45 +05:30 |
sandeep
|
f7875a24d6
|
Adding Apache Solr <= 8.8.1 Arbitrary File Read
|
2021-04-23 15:48:04 +05:30 |
sandeep
|
6cd5b9d35c
|
CVE update
|
2021-04-23 08:47:52 +05:30 |
sandeep
|
476bb7806f
|
minor update and workflow update
|
2021-04-23 08:38:45 +05:30 |
Robbie
|
ddc321794f
|
Create wp-modern-events-calendar-lite.yml
|
2021-04-22 20:15:52 +01:00 |
Prince Chaddha
|
ed1f462a3c
|
Create resin-cnnvd-200705-315.yaml
|
2021-04-22 19:37:30 +05:30 |
Prince Chaddha
|
7b051a70a9
|
Create WooYun-2015-148227.yaml
|
2021-04-22 14:29:47 +05:30 |
Prince Chaddha
|
af89aaf731
|
Update unauth-spark-api.yaml
|
2021-04-22 14:23:08 +05:30 |
Prince Chaddha
|
6c80ff0b68
|
Update unauth-spark-api.yaml
|
2021-04-22 13:48:03 +05:30 |
Prince Chaddha
|
c89872228c
|
Update unauth-spark-api.yaml
|
2021-04-22 13:46:18 +05:30 |
Prince Chaddha
|
22ddf02690
|
Create unauth-spark-api.yaml
|
2021-04-22 13:45:01 +05:30 |
sandeep
|
333c7965ad
|
Adding Showdoc < 2.8.6 File Upload RCE
|
2021-04-22 01:04:21 +05:30 |
Prince Chaddha
|
d8ccf26cc5
|
Merge pull request #1222 from projectdiscovery/princechaddha-patch-7
Create feifeicms-lfr.yaml
|
2021-04-21 23:56:37 +05:30 |
Prince Chaddha
|
89dd2b02a6
|
Merge pull request #1210 from projectdiscovery/princechaddha-patch-1
Create 74cms-sqli.yaml
|
2021-04-21 23:54:00 +05:30 |
Prince Chaddha
|
8d53d57728
|
Merge pull request #1243 from projectdiscovery/princechaddha-patch-12
Create maccmsv10-backdoor.yaml
|
2021-04-21 23:49:17 +05:30 |
Prince Chaddha
|
41b35fe99b
|
Merge pull request #1242 from projectdiscovery/princechaddha-patch-11
Create myucms-lfr.yaml
|
2021-04-21 23:48:16 +05:30 |
Prince Chaddha
|
63effa3f1f
|
Merge pull request #1279 from projectdiscovery/princechaddha-patch-16
Create nuuo-file-inclusion.yaml
|
2021-04-21 23:41:50 +05:30 |
Noam Rathaus
|
e9a13c2018
|
Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates
|
2021-04-20 18:41:10 +03:00 |
Noam Rathaus
|
e5e995e909
|
Usually matchers is under requests and not at top level
|
2021-04-20 18:40:55 +03:00 |
sandeep
|
5b4c21c7fa
|
Update wordpress-wordfence-waf-bypass-xss.yaml
|
2021-04-20 15:25:04 +05:30 |
sandeep
|
36195f82a0
|
Added wordpress-wordfence-waf-bypass-xss
|
2021-04-20 15:23:05 +05:30 |
Noam Rathaus
|
38b3359803
|
reference
|
2021-04-18 16:11:49 +03:00 |
Noam Rathaus
|
ba15cabf57
|
Uncomment description and reference
|
2021-04-18 16:11:30 +03:00 |
Noam Rathaus
|
bea9027bde
|
Reference and description
|
2021-04-18 16:09:44 +03:00 |
Noam Rathaus
|
29caaefe8d
|
No need for "
|
2021-04-18 16:09:38 +03:00 |
sandeep
|
ed9965095c
|
Update moodle-xss.yaml
|
2021-04-14 02:15:17 +05:30 |
Prince Chaddha
|
3fa6b9fb74
|
Create nuuo-file-inclusion.yaml
|
2021-04-14 01:57:44 +05:30 |
PD-Team
|
93bb29bf9e
|
Merge pull request #1272 from pikpikcu/patch-143
Add POC
|
2021-04-14 01:54:24 +05:30 |
sandeep
|
9302d0397b
|
Update eyou-email-rce.yaml
|
2021-04-14 01:54:06 +05:30 |
sandeep
|
19553cf671
|
matcher improvements
|
2021-04-14 01:53:24 +05:30 |
Prince Chaddha
|
ccb620bf73
|
Update wordpress-rce-simplefilelist.yaml
|
2021-04-13 18:26:30 +05:30 |
PikPikcU
|
98af0ce0cc
|
Create erp-nc-directory-traversal.yaml
|
2021-04-13 07:18:15 +00:00 |
PikPikcU
|
c19e8aa1cc
|
Create qi-anxin-netkang-next-generation-firewall-rce.yaml
|
2021-04-13 07:13:07 +00:00 |
PikPikcU
|
9583b3bbd5
|
Create oa-v9-uploads-file.yaml
|
2021-04-13 07:06:02 +00:00 |
PikPikcU
|
52f5496134
|
Create core-chuangtian-cloud-rce.yaml
|
2021-04-13 06:53:27 +00:00 |
PikPikcU
|
fb3b481ae8
|
Create eyou-email-rce.yaml
|
2021-04-13 06:40:20 +00:00 |
sandeep
|
17d836b2c4
|
Adding moodle-xss
|
2021-04-12 23:55:06 +05:30 |
PD-Team
|
020fdc5e0a
|
Merge pull request #1253 from pikpikcu/patch-141
Create turbocrm-xss.yaml
|
2021-04-11 17:25:49 +05:30 |
sandeep
|
d96746d193
|
minor update
|
2021-04-11 17:24:54 +05:30 |
LuskaBol
|
b0595790cb
|
Rename vulnerabilities/rockethcat/unauth-message-read.yaml to vulnerabilities/rocketchat/unauth-message-read.yaml
|
2021-04-10 22:27:51 -03:00 |
PikPikcU
|
cdac8b34a6
|
Create turbocrm-xss.yaml
|
2021-04-11 00:22:56 +00:00 |
sandeep
|
b36ec072d6
|
template update
|
2021-04-10 13:10:29 +05:30 |
Gal Nagli
|
ab46a9b2f0
|
Update basic-cors.yaml
Severity should be info.
|
2021-04-10 01:01:09 +03:00 |
Prince Chaddha
|
1df35d4f32
|
Create maccmsv10-backdoor.yaml
|
2021-04-10 03:30:22 +05:30 |
Prince Chaddha
|
939b8bee6c
|
Create myucms-lfr.yaml
|
2021-04-10 03:10:57 +05:30 |
Prince Chaddha
|
03c6126f60
|
Create etouch-v2-sqli.yaml
|
2021-04-07 22:03:17 +05:30 |
Prince Chaddha
|
797098e7fc
|
Create feifeicms-lfr.yaml
|
2021-04-07 19:54:35 +05:30 |
Prince Chaddha
|
220a6461fb
|
Create 74cms-sqli.yaml
|
2021-04-06 23:59:29 +05:30 |
sandeep
|
0c243d188a
|
tags improvements
|
2021-04-06 13:45:46 +05:30 |
sandeep
|
e4b9397b06
|
Adding missing wordpress tags
|
2021-04-06 13:19:32 +05:30 |
sandeep
|
8fdfc64e54
|
misc tag updates
|
2021-04-06 12:16:11 +05:30 |
sandeep
|
d34ca6773b
|
misc changes
|
2021-04-05 23:55:18 +05:30 |
sandeep
|
e934241101
|
Update empirecms-xss.yaml
|
2021-04-05 22:13:16 +05:30 |
PikPikcU
|
d789177b06
|
Create empirecms-xss.yaml
|
2021-04-05 08:16:27 +00:00 |
sandeep
|
40fb0066c3
|
more reference
|
2021-04-02 21:38:35 +05:30 |
sandeep
|
3daa03c799
|
Update cache-poisoning.yaml
|
2021-04-02 19:19:50 +05:30 |
Mohamed Elbadry
|
5eb1e78503
|
Create cache-poisoning.yaml
|
2021-04-02 15:14:09 +02:00 |
sandeep
|
532dc4cf0c
|
Added more info and strict matcher
|
2021-03-29 17:05:11 +05:30 |
Rojan Rijal
|
82fbfcf962
|
Create unauth-message-read.yaml
|
2021-03-28 23:42:11 -07:00 |
PD-Team
|
59574cc701
|
Revert "Create apache-spark-rce"
|
2021-03-26 00:16:29 +05:30 |
sandeep
|
28bf41830f
|
Merge branch 'patch-104' of https://github.com/pikpikcu/nuclei-templates into pikpikcu-patch-104
|
2021-03-25 22:37:34 +05:30 |
Prince Chaddha
|
2aa7c97e40
|
Update apache-spark-rce.yaml
|
2021-03-25 21:25:59 +05:30 |
sandeep
|
b5c4ed0e2e
|
Update wordpress-rce-simplefilelist.yaml
|
2021-03-25 19:21:30 +05:30 |
Mzack9999
|
351167e91f
|
removing redundant boolean check
|
2021-03-25 00:28:50 +01:00 |
Prince Chaddha
|
9a750ba944
|
Merge pull request #1136 from pikpikcu/patch-134
Create thinkcmf-arbitrary-code-execution.yaml
|
2021-03-24 17:22:58 +05:30 |
Prince Chaddha
|
915aeb93bb
|
Update thinkcmf-arbitrary-code-execution.yaml
|
2021-03-24 17:21:31 +05:30 |
PikPikcU
|
356856a983
|
Create thinkcmf-arbitrary-code-execution.yaml
|
2021-03-24 01:10:20 +00:00 |
PikPikcU
|
568a795319
|
Update thinkcmf-lfi.yaml
|
2021-03-24 00:42:53 +00:00 |
PD-Team
|
1e541d324f
|
Merge pull request #1116 from pikpikcu/patch-127
Create tpshop-directory-traversal.yaml
|
2021-03-21 21:04:43 +05:30 |
sandeep
|
7af81a3ce8
|
Update tpshop-directory-traversal.yaml
|
2021-03-21 21:04:33 +05:30 |
PD-Team
|
0c20bbf8b5
|
Merge pull request #1119 from pikpikcu/patch-130
Create xdcms-sqli
|
2021-03-21 20:43:51 +05:30 |
sandeep
|
8fd55de534
|
Update error-based-sql-injection.yaml
|
2021-03-21 20:28:22 +05:30 |
PikPikcU
|
7674824c98
|
Create xdcms-sqli.yaml
|
2021-03-21 10:15:44 +00:00 |
PikPikcU
|
ce51bfee06
|
Create tpshop-directory-traversal.yaml
|
2021-03-21 02:53:52 +00:00 |
Geeknik Labs
|
a3d7047521
|
Update error-based-sql-injection.yaml
Reverting back to raw http request. Sending encoded requests using net/http were missing blatant SQL injections.
Before:
[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[INF] No results found. Better luck next time!
After:
[INF] Loading templates...
[INF] [error-based-sql-injection] Error based SQL injection (@geeknik) [high]
[INF] Loading workflows...
[INF] Using 1 rules (1 templates, 0 workflows)
[2021-03-20 14:48:59] [error-based-sql-injection:MariaDB] [http] [high] https://REDACTED/') [check the manual that corresponds to your MariaDB server version]
|
2021-03-20 19:52:48 +00:00 |
Prince Chaddha
|
c04d699985
|
wordpress-infinitewp-auth-bypass
|
2021-03-19 02:10:02 +05:30 |
sandeep
|
d2115fa8f6
|
Update hashicorp-consul-rce.yaml
|
2021-03-18 18:37:43 +05:30 |
sandeep
|
4e16407c52
|
Update hashicorp-consul-rce.yaml
|
2021-03-18 18:36:13 +05:30 |
PD-Team
|
75cd16f667
|
Merge pull request #1100 from geeknik/patch-51
Create error-based-sql-injection.yaml
|
2021-03-18 14:06:56 +05:30 |
sandeep
|
0c602a56e7
|
Update error-based-sql-injection.yaml
|
2021-03-18 14:05:19 +05:30 |
sandeep
|
ad84ecb792
|
tag improvements
|
2021-03-18 13:24:36 +05:30 |
Geeknik Labs
|
988d0c75c9
|
Update error-based-sql-injection.yaml
|
2021-03-17 20:39:57 +00:00 |
Geeknik Labs
|
019a193aec
|
Update error-based-sql-injection.yaml
|
2021-03-17 19:31:08 +00:00 |
Geeknik Labs
|
be020357e8
|
Update error-based-sql-injection.yaml
|
2021-03-17 19:25:02 +00:00 |
Geeknik Labs
|
99bb91c255
|
Update error-based-sql-injection.yaml
|
2021-03-17 19:19:27 +00:00 |
Geeknik Labs
|
8fe5f4e1ff
|
Create error-based-sql-injection.yaml
🎉 OMG 🎉
Detect Error Based SQL Injection
Includes regex matchers + extractors for 29 Database Engines
💥 https://buymeacoffee.com/geeknik 💥
|
2021-03-17 17:30:53 +00:00 |
sandeep
|
3c8432686c
|
Update viewlinc-crlf-injection.yaml
|
2021-03-16 14:05:20 +05:30 |
Geeknik Labs
|
e951c75c59
|
Update viewlinc-crlf-injection.yaml
|
2021-03-15 20:04:37 +00:00 |
Geeknik Labs
|
0068d7ae0c
|
Create viewlinc-crlf-injection.yaml
This was discovered whilst participating in a private Hacker0x01 bug bounty program.
|
2021-03-15 20:00:56 +00:00 |
PD-Team
|
fb65d9341b
|
Merge branch 'master' into patch-4
|
2021-03-15 00:30:30 +05:30 |
sandeep
|
ffae74a6a8
|
Updated to openam-detection
|
2021-03-15 00:27:59 +05:30 |
PD-Team
|
47a7ea85e0
|
Merge pull request #1066 from r3naissance/master
Add teacherease-xss and parentlink-xss to /vulnerabilities/other/
|
2021-03-14 17:12:05 +05:30 |
sandeep
|
e18b34cc64
|
few updates
|
2021-03-14 17:07:52 +05:30 |
Dhiyaneshwaran
|
ed87cc42a8
|
Create pmb-local-file-disclosure.yaml
|
2021-03-12 22:42:45 +05:30 |
sandeep
|
9ff6adff73
|
Update wordpress-accessible-wpconfig.yaml
|
2021-03-12 17:58:35 +05:30 |
sandeep
|
28b0636f2d
|
syntax update
|
2021-03-12 17:32:16 +05:30 |
PD-Team
|
c35ed8a408
|
Merge branch 'master' into wordpress-cves
|
2021-03-12 17:25:27 +05:30 |
sandeep
|
a0785510f5
|
Update apache-flink-unauth-rce.yaml
|
2021-03-12 12:42:17 +05:30 |
sandeep
|
db18f137e6
|
linting updates
|
2021-03-12 12:40:16 +05:30 |
PD-Team
|
bee7bbdac0
|
Merge pull request #1037 from PurushottamanR/master
Moodle jitsi plugin XSS detection
|
2021-03-12 01:13:37 +05:30 |
sandeep
|
830cc84899
|
Update moodle-jitsi-plugin-xss.yaml
|
2021-03-12 01:08:56 +05:30 |
sandeep
|
48dc97b6fe
|
Update moodle-jitsi-plugin-xss.yaml
|
2021-03-12 01:06:37 +05:30 |
Chapman Schleiss
|
655308b864
|
Added reference
|
2021-03-11 09:50:26 -07:00 |
sandeep
|
86faa863f6
|
Added some reference
|
2021-03-11 20:33:36 +05:30 |
Chapman Schleiss
|
881cedaabc
|
Adding teacherease-xss
|
2021-03-10 12:36:44 -07:00 |
Chapman Schleiss
|
8a015fe306
|
Adding parentlink-xss
|
2021-03-10 12:36:08 -07:00 |
sandeep
|
ed91c0813e
|
more typos
|
2021-03-10 19:45:41 +05:30 |
sandeep
|
06945d56a8
|
fixing typos
|
2021-03-10 19:33:49 +05:30 |
Prince Chaddha
|
de3b1d27ea
|
added templates
|
2021-03-10 17:06:11 +05:30 |
Prince Chaddha
|
ce919375eb
|
Create wordpress-auth-bypass-wptimecapsule.yaml
|
2021-03-10 12:29:08 +05:30 |
sandeep
|
79ebf9b5bd
|
Update moodle-jitsi-plugin-xss.yaml
|
2021-03-07 14:28:07 +05:30 |
sandeep
|
944493d343
|
wip
|
2021-03-07 13:48:33 +05:30 |
sandeep
|
d67648b6d7
|
Update moodle-jitsi-plugin-xss.yaml
|
2021-03-07 13:43:48 +05:30 |
purushottamanr
|
17a4f315e7
|
moodle jitsi plugin XSS detection
|
2021-03-06 13:52:35 -05:00 |
purushottamanr
|
7ab99e908a
|
moodle jitsi plugin XSS detection
|
2021-03-06 13:25:44 -05:00 |
sandeep
|
04cc9c44fb
|
xss matchers update
|
2021-03-04 21:32:34 +05:30 |
sandeep
|
e9c9c4822f
|
misc update
|
2021-03-04 21:04:06 +05:30 |
PikPikcU
|
4e31596426
|
Fix 🛠️
|
2021-03-03 22:07:46 +07:00 |