Commit Graph

7672 Commits (4f1f3632f46994948a23cfee4cf7fd6e8bbc4ccd)

Author SHA1 Message Date
Sandeep Singh 4f1f3632f4
Merge pull request #2296 from gy741/rule-add-v46
Create zhiyuan-file-upload.yaml
2021-08-02 10:36:43 +05:30
GwanYeong Kim 27eef8c1a9 Create zhiyuan-file-upload.yaml
Zhiyuan OA is a set of office coordinating management software. Recently, Qianxin CERT monitors the relevant vulnerability information of the long OA. Since there is an unauthorized access in some interfaces, and some functions are insufficient, the attacker can upload malicious script files without logging in, so that there is no need to log in. Zhiyuan OA official has provided patches for this vulnerability. In view of the large vulnerability harm, it is recommended that users apply patch updates as soon as possible.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-02 11:07:14 +09:00
Sandeep Singh 81572ce596
Merge pull request #2292 from geeknik/patch-4
Update CVE-2021-31581.yaml
2021-08-02 02:09:32 +05:30
Sandeep Singh b04dc13dcd
Update CVE-2021-31581.yaml 2021-08-02 02:08:28 +05:30
sandeep cda935f2c2 Adding workflow validation 2021-08-02 01:47:58 +05:30
Sandeep Singh d416aea142
Merge pull request #2279 from gy741/rule-add-v45
Create CVE-2021-36380.yaml
2021-08-02 01:36:56 +05:30
sandeep ebf1653d65 Update CVE-2021-36380.yaml 2021-08-02 01:33:10 +05:30
sandeep b30a43f821 Revert "Auto Generated Templates Stats [Sat Jul 31 18:12:02 UTC 2021] 🤖"
This reverts commit 5179b5ad7f.
2021-08-02 01:32:55 +05:30
Sandeep Singh 454e11f6c4
Merge pull request #2271 from pikpikcu/patch-240
Update JIRA SSRF
2021-08-02 01:31:27 +05:30
sandeep f5982c5d28 Update CVE-2019-8451.yaml 2021-08-02 01:30:00 +05:30
sandeep 5023dd6f9c Update CVE-2019-8451.yaml 2021-08-02 01:27:40 +05:30
Sandeep Singh c7778257c3
Update CVE-2019-8451.yaml 2021-08-02 01:22:49 +05:30
Sandeep Singh 56d3a2f1bd
Merge pull request #2284 from pikpikcu/patch-242
Update CVE-2019-0221
2021-08-02 01:17:36 +05:30
Sandeep Singh 76fb40314a
Merge pull request #2277 from pikpikcu/patch-241
Update CVE-2021-3223
2021-08-02 01:15:39 +05:30
sandeep 5c22441bac Update CVE-2021-3223.yaml 2021-08-02 01:11:43 +05:30
Sandeep Singh 4ab50dbd08
Merge pull request #2291 from r3dg33k/guacamole-version-detect
guacamole-login-version-detect
2021-08-02 00:45:51 +05:30
sandeep 0146fd0c11 Update apache-guacamole.yaml 2021-08-02 00:44:34 +05:30
Sandeep Singh 8df4939b6a
Rename guacamole-login-version-detect.yaml to apache-guacamole.yaml 2021-08-02 00:40:43 +05:30
sandeep 67e4998d32 Update guacamole-login-version-detect.yaml 2021-08-02 00:40:06 +05:30
Sandeep Singh 95ea269243
Merge pull request #2286 from nrathaus/master
Fix FP
2021-08-02 00:35:48 +05:30
Geeknik Labs 9cbb151600
Update CVE-2021-31581.yaml
Fixes https://github.com/projectdiscovery/nuclei-templates/issues/2285. 👍🏻
2021-08-01 10:59:39 -05:00
Sandeep Singh 88ab486a9f
Merge pull request #2288 from righettod/master 2021-08-01 20:43:40 +05:30
r3dg33k f2a52e9ad5 guacamole-login-version-detect 2021-08-01 08:06:02 -04:00
drighetto 36e66af09f Fix linter error 2021-08-01 10:21:13 +02:00
drighetto 1fbe66764d Add a template the detect WS02 API Manager 2021-08-01 10:18:36 +02:00
Noam Rathaus 03dfb4bff6 More references 2021-08-01 09:16:33 +03:00
Noam Rathaus 3de7af6018 Better reference 2021-08-01 09:14:14 +03:00
Noam Rathaus ac70ba03c7 description and reference 2021-08-01 09:12:12 +03:00
Noam Rathaus 21b17993be Better references 2021-08-01 09:10:14 +03:00
Noam Rathaus 9dc30c37a2 Description and reference 2021-08-01 08:57:40 +03:00
Noam Rathaus 734dde35cc Fix FP - https://github.com/projectdiscovery/nuclei-templates/issues/2217 2021-08-01 08:52:30 +03:00
Noam Rathaus a4e9469544 Merge branch 'master' of https://github.com/projectdiscovery/nuclei-templates 2021-08-01 08:49:45 +03:00
PikPikcU 0653fdc498
Update CVE-2019-0221.yaml 2021-08-01 09:43:53 +07:00
GitHub Action 5179b5ad7f Auto Generated Templates Stats [Sat Jul 31 18:12:02 UTC 2021] 🤖 2021-07-31 18:12:02 +00:00
GwanYeong Kim 0678e7d233 Create CVE-2021-36380.yaml
The /cgi/networkDiag.cgi script directly incorporated user-controllable parameters within a shell command, allowing an attacker to manipulate the resulting command by injecting valid OS command input. The following POST request injects a new command that instructs the server to establish a reverse TCP connection to another system, allowing the establishment of an interactive remote shell session.

Signed-off-by: GwanYeong Kim <gy741.kim@gmail.com>
2021-08-01 03:10:49 +09:00
Sandeep Singh bc48231304
Merge pull request #2192 from gy741/rule-add-v41
Create CVE-2018-10818.yaml
2021-07-31 22:56:26 +05:30
sandeep 620cd107c6 Update CVE-2018-10818.yaml 2021-07-31 22:55:55 +05:30
Sandeep Singh f51652a563
Merge pull request #2230 from geeknik/patch-4
Update private-key.yaml
2021-07-31 22:53:21 +05:30
Sandeep Singh c22f4ca46a
Merge pull request #2143 from projectdiscovery/detect-dnsec
Added DNSSEC Detection
2021-07-31 22:51:29 +05:30
Sandeep Singh ee06aea64d
Merge pull request #2262 from DhiyaneshGeek/master
New Template
2021-07-31 22:50:25 +05:30
PikPikcU ae672521d9
Update CVE-2021-3223.yaml 2021-07-31 16:12:48 +07:00
Sandeep Singh 9ca46086d9
Merge pull request #2274 from projectdiscovery/akamai-arl-xss 2021-07-31 12:05:31 +05:30
Prince Chaddha 3cb1abc436
Merge pull request #2268 from daffainfo/patch-117
Create CVE-2014-4535.yaml
2021-07-31 09:02:23 +05:30
Prince Chaddha dccd46c576
Merge pull request #2267 from daffainfo/patch-116
Create CVE-2019-12276.yaml
2021-07-31 09:00:52 +05:30
Prince Chaddha 077191496a
Update CVE-2014-4535.yaml 2021-07-31 09:00:47 +05:30
Prince Chaddha 8246b2356c
Update CVE-2019-12276.yaml 2021-07-31 08:58:19 +05:30
Prince Chaddha 9c758ea8fb
Merge pull request #2275 from daffainfo/patch-118
Create CVE-2014-4536.yaml
2021-07-31 08:48:36 +05:30
Prince Chaddha 86d1815409
Merge pull request #2276 from daffainfo/patch-119
Create CVE-2012-0991.yaml
2021-07-31 08:43:31 +05:30
Prince Chaddha b2e3670c91
Update CVE-2014-4536.yaml 2021-07-31 08:43:27 +05:30
Prince Chaddha 9a47b53434
Update CVE-2012-0991.yaml 2021-07-31 08:41:41 +05:30