Commit Graph

34019 Commits (449651f0764e88f9beb1d5d058b6a31041e3f854)

Author SHA1 Message Date
bauthard da431b0aa7
Update elasticsearch.yaml 2020-07-08 14:15:37 +05:30
bauthard 38bc600e99
Update CVE-2020-5284.yaml 2020-07-08 14:15:18 +05:30
bauthard 336bac5e1a
Merge pull request #219 from dwisiswant0/add-cves-and-workflows
Add CVE-2020-13167, CVE-2020-7209 & Workflows
2020-07-08 09:46:45 +05:30
dw1 577e3cb429 📝 Remove trailing spaces 2020-07-08 02:55:24 +07:00
dw1 b0aec24951 🔥 Add LinuxKI Toolset RCE - CVE-2020-7209 2020-07-08 02:28:16 +07:00
dw1 a767bea72a 🔥 Add Netsweeper WebAdmin PreAuth RCE Workflow 2020-07-08 02:27:31 +07:00
dw1 f664a763dc 🔨 Add Netsweeper WebAdmin detection 2020-07-08 02:26:45 +07:00
dw1 5f42e15fcb 🔥 Add Netsweeper WebAdmin PreAuth RCE - CVE-2020-13167 2020-07-08 02:26:15 +07:00
Harsh Bothra 3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml 2020-07-07 17:41:34 +05:30
Harsh Bothra 97db04d90e
Create ibm-infoprint-directory-traversal
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
secureITmania cc260b27b0
Update CVE-2020-9757.yaml
template logic changed
2020-07-07 14:09:32 +05:30
secureITmania 3fdcb6668e
Merge pull request #1 from projectdiscovery/master
Update from original
2020-07-07 14:02:35 +05:30
Harsh Bothra ab6bfa0107
Create CVE-2019-3396.yaml
Atlassian Confluence Path Traversal/RCE
2020-07-07 12:54:27 +05:30
bauthard d58fb83331
Merge pull request #214 from harsh-bothra/patch-6
Create CVE-2019-17382.yaml
2020-07-07 11:56:49 +05:30
bauthard 5cfdcf0064 adding matchers-condition
when we are looking to match two condition, we should add matchers-condition, as the default check is OR which will results into false positive results.
2020-07-07 11:56:01 +05:30
bauthard 6a1b383466
Merge pull request #212 from hetroublemaker/patch-4
Create CVE-2020-10204.yaml
2020-07-07 11:50:49 +05:30
bauthard 0a207f55cc Update CVE-2020-10204.yaml 2020-07-07 11:49:48 +05:30
bauthard 350c7e8708
Merge pull request #213 from fyoorer/add-rabbitmq
add rabbitmq default password detection
2020-07-07 11:44:26 +05:30
bauthard aa1660ec79 Update rabbitmq-workflow.yaml 2020-07-07 11:43:50 +05:30
Harsh Bothra 76745f7dcb
Create CVE-2019-17382.yaml
Zabbix Authentication Bypass to access Dashboard
2020-07-07 09:47:27 +05:30
Aditya Gujar 5516d741a4
Update rabbitmq-default-admin.yaml 2020-07-06 18:42:01 -04:00
Aditya Gujar 941ab6d875 add rabbitmq default password detection 2020-07-06 18:33:19 -04:00
Aditya Soni 9c8104f937
Create CVE-2020-10204.yaml 2020-07-07 01:54:18 +05:30
bauthard 2499aaa0a6
Update CVE-2018-1247.yaml 2020-07-07 00:37:01 +05:30
bauthard 24eafa3648
updated matcher 2020-07-07 00:34:27 +05:30
bauthard ebb2f1f3ac
Merge pull request #210 from harsh-bothra/patch-5
Create CVE-2018-11759.yaml
2020-07-06 22:44:05 +05:30
bauthard ba2fe4bf75 Update CVE-2018-11759.yaml 2020-07-06 22:43:45 +05:30
bauthard 1714fa6674
Merge pull request #209 from harsh-bothra/patch-4
Create CVE-2020-5405.yaml
2020-07-06 22:41:09 +05:30
bauthard 8362fb3dc2 Update CVE-2020-5405.yaml 2020-07-06 22:40:05 +05:30
bauthard bd7a526f32
Merge pull request #208 from Techbrunch/patch-5
Create jira-unauthenticated-projects.yaml
2020-07-06 22:31:11 +05:30
bauthard e2373db418 Update jira-unauthenticated-projects.yaml 2020-07-06 22:30:26 +05:30
bauthard 01ddd1deae
Merge pull request #207 from Techbrunch/patch-4
Create jira-unauthenticated-dashboards.yaml
2020-07-06 22:26:16 +05:30
bauthard 503f300230
Merge pull request #206 from Techbrunch/patch-3
Create jira-unauthenticated-popular-filters.yaml
2020-07-06 22:25:48 +05:30
bauthard 63289fb700
Merge pull request #205 from dwisiswant0/update-cve-2020-5902
Update RAW payloads due to can't use helper function - CVE-2020-5902
2020-07-06 22:19:31 +05:30
bauthard 6f7aa0570e
Merge pull request #204 from Techbrunch/patch-2
Create CVE-2019-8451.yaml
2020-07-06 22:16:27 +05:30
Harsh Bothra 8b4cf6bd46
Create CVE-2018-11759.yaml
Apache Tomcat JK Status Manager Access
2020-07-06 21:58:42 +05:30
bauthard c278396f2e
Merge pull request #203 from melbadry9/patch-2
Update open-redirect.yaml
2020-07-06 21:52:55 +05:30
Harsh Bothra ebcf1ec0f6
Create CVE-2020-5405.yaml
Spring Cloud Directory Traversal
2020-07-06 21:52:18 +05:30
Techbrunch 1b0683e4a3
Create jira-unauthenticated-projects.yaml
If public sharing is ON it allows users to share projects with all users including those that are not logged in. Those projects could reveal potentially sensitive information.
2020-07-06 18:03:33 +02:00
Techbrunch 981979d905
Create jira-unauthenticated-dashboards.yaml
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboard and filters could reveal potentially sensitive information.
2020-07-06 18:02:11 +02:00
Techbrunch a525139cbe
Update jira-unauthenticated-popular-filters.yaml 2020-07-06 17:58:12 +02:00
Techbrunch 40238f677f
Create jira-unauthenticated-popular-filters.yaml
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboard and filters could reveal potentially sensitive information.
2020-07-06 17:56:34 +02:00
Techbrunch 59661b1eb6
Update CVE-2019-8451.yaml
Fix trailing whitespace
2020-07-06 16:56:27 +02:00
Techbrunch 3a44d74762
Create CVE-2019-8451.yaml
# On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important
# security issue reported in August 2019.

# CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in 
# the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class.
# An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable 
# Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal 
# network resources.
# https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
# https://twitter.com/benmontour/status/1177250393220239360
# https://twitter.com/ojensen5115/status/1176569607357730817
2020-07-06 16:52:34 +02:00
dw1 d19f00bf82 Update RAW payloads due to can't use helper function 2020-07-06 21:45:44 +07:00
Mohamed Elbadry 3381eed789
Update open-redirect.yaml 2020-07-06 16:21:43 +02:00
bauthard 4337755cbe
Merge pull request #202 from melbadry9/patch-1
Update crlf-injection.yaml
2020-07-06 19:48:11 +05:30
Mohamed Elbadry d2f024dc32
Update crlf-injection.yaml 2020-07-06 16:16:27 +02:00
Mohamed Elbadry e255561721
Update crlf-injection.yaml 2020-07-06 16:11:29 +02:00
bauthard 8ef6e99ab3
Merge pull request #200 from dwisiswant0/update-cve-2020-5902
Update CVE-2020-5902 matchers & requests
2020-07-06 19:15:28 +05:30