bauthard
da431b0aa7
Update elasticsearch.yaml
2020-07-08 14:15:37 +05:30
bauthard
38bc600e99
Update CVE-2020-5284.yaml
2020-07-08 14:15:18 +05:30
bauthard
336bac5e1a
Merge pull request #219 from dwisiswant0/add-cves-and-workflows
...
Add CVE-2020-13167, CVE-2020-7209 & Workflows
2020-07-08 09:46:45 +05:30
dw1
577e3cb429
📝 Remove trailing spaces
2020-07-08 02:55:24 +07:00
dw1
b0aec24951
🔥 Add LinuxKI Toolset RCE - CVE-2020-7209
2020-07-08 02:28:16 +07:00
dw1
a767bea72a
🔥 Add Netsweeper WebAdmin PreAuth RCE Workflow
2020-07-08 02:27:31 +07:00
dw1
f664a763dc
🔨 Add Netsweeper WebAdmin detection
2020-07-08 02:26:45 +07:00
dw1
5f42e15fcb
🔥 Add Netsweeper WebAdmin PreAuth RCE - CVE-2020-13167
2020-07-08 02:26:15 +07:00
Harsh Bothra
3d7f039cbd
Rename ibm-infoprint-directory-traversal to ibm-infoprint-directory-traversal.yaml
2020-07-07 17:41:34 +05:30
Harsh Bothra
97db04d90e
Create ibm-infoprint-directory-traversal
...
IBM InfoPrint 4247-Z03 Impact Matrix Printer - Directory Traversal
2020-07-07 17:40:48 +05:30
secureITmania
cc260b27b0
Update CVE-2020-9757.yaml
...
template logic changed
2020-07-07 14:09:32 +05:30
secureITmania
3fdcb6668e
Merge pull request #1 from projectdiscovery/master
...
Update from original
2020-07-07 14:02:35 +05:30
Harsh Bothra
ab6bfa0107
Create CVE-2019-3396.yaml
...
Atlassian Confluence Path Traversal/RCE
2020-07-07 12:54:27 +05:30
bauthard
d58fb83331
Merge pull request #214 from harsh-bothra/patch-6
...
Create CVE-2019-17382.yaml
2020-07-07 11:56:49 +05:30
bauthard
5cfdcf0064
adding matchers-condition
...
when we are looking to match two condition, we should add matchers-condition, as the default check is OR which will results into false positive results.
2020-07-07 11:56:01 +05:30
bauthard
6a1b383466
Merge pull request #212 from hetroublemaker/patch-4
...
Create CVE-2020-10204.yaml
2020-07-07 11:50:49 +05:30
bauthard
0a207f55cc
Update CVE-2020-10204.yaml
2020-07-07 11:49:48 +05:30
bauthard
350c7e8708
Merge pull request #213 from fyoorer/add-rabbitmq
...
add rabbitmq default password detection
2020-07-07 11:44:26 +05:30
bauthard
aa1660ec79
Update rabbitmq-workflow.yaml
2020-07-07 11:43:50 +05:30
Harsh Bothra
76745f7dcb
Create CVE-2019-17382.yaml
...
Zabbix Authentication Bypass to access Dashboard
2020-07-07 09:47:27 +05:30
Aditya Gujar
5516d741a4
Update rabbitmq-default-admin.yaml
2020-07-06 18:42:01 -04:00
Aditya Gujar
941ab6d875
add rabbitmq default password detection
2020-07-06 18:33:19 -04:00
Aditya Soni
9c8104f937
Create CVE-2020-10204.yaml
2020-07-07 01:54:18 +05:30
bauthard
2499aaa0a6
Update CVE-2018-1247.yaml
2020-07-07 00:37:01 +05:30
bauthard
24eafa3648
updated matcher
2020-07-07 00:34:27 +05:30
bauthard
ebb2f1f3ac
Merge pull request #210 from harsh-bothra/patch-5
...
Create CVE-2018-11759.yaml
2020-07-06 22:44:05 +05:30
bauthard
ba2fe4bf75
Update CVE-2018-11759.yaml
2020-07-06 22:43:45 +05:30
bauthard
1714fa6674
Merge pull request #209 from harsh-bothra/patch-4
...
Create CVE-2020-5405.yaml
2020-07-06 22:41:09 +05:30
bauthard
8362fb3dc2
Update CVE-2020-5405.yaml
2020-07-06 22:40:05 +05:30
bauthard
bd7a526f32
Merge pull request #208 from Techbrunch/patch-5
...
Create jira-unauthenticated-projects.yaml
2020-07-06 22:31:11 +05:30
bauthard
e2373db418
Update jira-unauthenticated-projects.yaml
2020-07-06 22:30:26 +05:30
bauthard
01ddd1deae
Merge pull request #207 from Techbrunch/patch-4
...
Create jira-unauthenticated-dashboards.yaml
2020-07-06 22:26:16 +05:30
bauthard
503f300230
Merge pull request #206 from Techbrunch/patch-3
...
Create jira-unauthenticated-popular-filters.yaml
2020-07-06 22:25:48 +05:30
bauthard
63289fb700
Merge pull request #205 from dwisiswant0/update-cve-2020-5902
...
Update RAW payloads due to can't use helper function - CVE-2020-5902
2020-07-06 22:19:31 +05:30
bauthard
6f7aa0570e
Merge pull request #204 from Techbrunch/patch-2
...
Create CVE-2019-8451.yaml
2020-07-06 22:16:27 +05:30
Harsh Bothra
8b4cf6bd46
Create CVE-2018-11759.yaml
...
Apache Tomcat JK Status Manager Access
2020-07-06 21:58:42 +05:30
bauthard
c278396f2e
Merge pull request #203 from melbadry9/patch-2
...
Update open-redirect.yaml
2020-07-06 21:52:55 +05:30
Harsh Bothra
ebcf1ec0f6
Create CVE-2020-5405.yaml
...
Spring Cloud Directory Traversal
2020-07-06 21:52:18 +05:30
Techbrunch
1b0683e4a3
Create jira-unauthenticated-projects.yaml
...
If public sharing is ON it allows users to share projects with all users including those that are not logged in. Those projects could reveal potentially sensitive information.
2020-07-06 18:03:33 +02:00
Techbrunch
981979d905
Create jira-unauthenticated-dashboards.yaml
...
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboard and filters could reveal potentially sensitive information.
2020-07-06 18:02:11 +02:00
Techbrunch
a525139cbe
Update jira-unauthenticated-popular-filters.yaml
2020-07-06 17:58:12 +02:00
Techbrunch
40238f677f
Create jira-unauthenticated-popular-filters.yaml
...
If public sharing is ON it allows users to share dashboards and filters with all users including those that are not logged in. Those dashboard and filters could reveal potentially sensitive information.
2020-07-06 17:56:34 +02:00
Techbrunch
59661b1eb6
Update CVE-2019-8451.yaml
...
Fix trailing whitespace
2020-07-06 16:56:27 +02:00
Techbrunch
3a44d74762
Create CVE-2019-8451.yaml
...
# On September 9, Atlassian released version 8.4.0 for Jira Core and Jira Software, which included a fix for an important
# security issue reported in August 2019.
# CVE-2019-8451 is a pre-authentication server-side request forgery (SSRF) vulnerability found in
# the /plugins/servlet/gadgets/makeRequest resource. The vulnerability exists due to “a logic bug” in the JiraWhitelist class.
# An unauthenticated attacker could exploit this vulnerability by sending a specially crafted web request to a vulnerable
# Jira server. Successful exploitation would result in unauthorized access to view and potentially modify internal
# network resources.
# https://www.tenable.com/blog/cve-2019-8451-proof-of-concept-available-for-server-side-request-forgery-ssrf-vulnerability-in
# https://twitter.com/benmontour/status/1177250393220239360
# https://twitter.com/ojensen5115/status/1176569607357730817
2020-07-06 16:52:34 +02:00
dw1
d19f00bf82
❌ Update RAW payloads due to can't use helper function
2020-07-06 21:45:44 +07:00
Mohamed Elbadry
3381eed789
Update open-redirect.yaml
2020-07-06 16:21:43 +02:00
bauthard
4337755cbe
Merge pull request #202 from melbadry9/patch-1
...
Update crlf-injection.yaml
2020-07-06 19:48:11 +05:30
Mohamed Elbadry
d2f024dc32
Update crlf-injection.yaml
2020-07-06 16:16:27 +02:00
Mohamed Elbadry
e255561721
Update crlf-injection.yaml
2020-07-06 16:11:29 +02:00
bauthard
8ef6e99ab3
Merge pull request #200 from dwisiswant0/update-cve-2020-5902
...
Update CVE-2020-5902 matchers & requests
2020-07-06 19:15:28 +05:30